Advertisement
Guest User

Untitled

a guest
Jan 17th, 2012
184
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. FreeRADIUS Version 2.1.10, for host i686-pc-linux-gnu, built on May 19 2011 at 15:42:57
  2. Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
  3. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
  4. PARTICULAR PURPOSE.
  5. You may redistribute copies of FreeRADIUS under the terms of the
  6. GNU General Public License v2.
  7. Starting - reading configuration files ...
  8. including configuration file /etc/freeradius/radiusd.conf
  9. including configuration file /etc/freeradius/proxy.conf
  10. including configuration file /etc/freeradius/clients.conf
  11. including files in directory /etc/freeradius/modules/
  12. including configuration file /etc/freeradius/modules/sql_log
  13. including configuration file /etc/freeradius/modules/ldap
  14. including configuration file /etc/freeradius/modules/otp
  15. including configuration file /etc/freeradius/modules/linelog
  16. including configuration file /etc/freeradius/modules/echo
  17. including configuration file /etc/freeradius/modules/smbpasswd
  18. including configuration file /etc/freeradius/modules/expr
  19. including configuration file /etc/freeradius/modules/cui
  20. including configuration file /etc/freeradius/modules/mschap
  21. including configuration file /etc/freeradius/modules/detail.log
  22. including configuration file /etc/freeradius/modules/perl
  23. including configuration file /etc/freeradius/modules/checkval
  24. including configuration file /etc/freeradius/modules/acct_unique
  25. including configuration file /etc/freeradius/modules/chap
  26. including configuration file /etc/freeradius/modules/always
  27. including configuration file /etc/freeradius/modules/attr_filter
  28. including configuration file /etc/freeradius/modules/counter
  29. including configuration file /etc/freeradius/modules/exec
  30. including configuration file /etc/freeradius/modules/radutmp
  31. including configuration file /etc/freeradius/modules/wimax
  32. including configuration file /etc/freeradius/modules/etc_group
  33. including configuration file /etc/freeradius/modules/realm
  34. including configuration file /etc/freeradius/modules/mac2ip
  35. including configuration file /etc/freeradius/modules/unix
  36. including configuration file /etc/freeradius/modules/pap
  37. including configuration file /etc/freeradius/modules/opendirectory
  38. including configuration file /etc/freeradius/modules/expiration
  39. including configuration file /etc/freeradius/modules/inner-eap
  40. including configuration file /etc/freeradius/modules/krb5
  41. including configuration file /etc/freeradius/modules/smsotp
  42. including configuration file /etc/freeradius/modules/mac2vlan
  43. including configuration file /etc/freeradius/modules/sradutmp
  44. including configuration file /etc/freeradius/modules/attr_rewrite
  45. including configuration file /etc/freeradius/modules/detail
  46. including configuration file /etc/freeradius/modules/detail.example.com
  47. including configuration file /etc/freeradius/modules/ippool
  48. including configuration file /etc/freeradius/modules/passwd
  49. including configuration file /etc/freeradius/modules/ntlm_auth
  50. including configuration file /etc/freeradius/modules/preprocess
  51. including configuration file /etc/freeradius/modules/digest
  52. including configuration file /etc/freeradius/modules/sqlcounter_expire_on_login
  53. including configuration file /etc/freeradius/modules/files
  54. including configuration file /etc/freeradius/modules/logintime
  55. including configuration file /etc/freeradius/modules/pam
  56. including configuration file /etc/freeradius/modules/policy
  57. including configuration file /etc/freeradius/modules/dynamic_clients
  58. including configuration file /etc/freeradius/eap.conf
  59. including configuration file /etc/freeradius/policy.conf
  60. including files in directory /etc/freeradius/sites-enabled/
  61. including configuration file /etc/freeradius/sites-enabled/default
  62. including configuration file /etc/freeradius/sites-enabled/inner-tunnel
  63. main {
  64. user = "freerad"
  65. group = "freerad"
  66. allow_core_dumps = no
  67. }
  68. including dictionary file /etc/freeradius/dictionary
  69. main {
  70. prefix = "/usr"
  71. localstatedir = "/var"
  72. logdir = "/var/log/freeradius"
  73. libdir = "/usr/lib/freeradius"
  74. radacctdir = "/var/log/freeradius/radacct"
  75. hostname_lookups = no
  76. max_request_time = 30
  77. cleanup_delay = 5
  78. max_requests = 1024
  79. pidfile = "/var/run/freeradius/freeradius.pid"
  80. checkrad = "/usr/sbin/checkrad"
  81. debug_level = 0
  82. proxy_requests = yes
  83. log {
  84. stripped_names = no
  85. auth = no
  86. auth_badpass = no
  87. auth_goodpass = no
  88. }
  89. security {
  90. max_attributes = 200
  91. reject_delay = 1
  92. status_server = yes
  93. }
  94. }
  95. radiusd: #### Loading Realms and Home Servers ####
  96. proxy server {
  97. retry_delay = 5
  98. retry_count = 3
  99. default_fallback = no
  100. dead_time = 120
  101. wake_all_if_all_dead = no
  102. }
  103. home_server localhost {
  104. ipaddr = 127.0.0.1
  105. port = 1812
  106. type = "auth"
  107. secret = <edit>
  108. response_window = 20
  109. max_outstanding = 65536
  110. require_message_authenticator = yes
  111. zombie_period = 40
  112. status_check = "status-server"
  113. ping_interval = 30
  114. check_interval = 30
  115. num_answers_to_alive = 3
  116. num_pings_to_alive = 3
  117. revive_interval = 120
  118. status_check_timeout = 4
  119. irt = 2
  120. mrt = 16
  121. mrc = 5
  122. mrd = 30
  123. }
  124. home_server_pool my_auth_failover {
  125. type = fail-over
  126. home_server = localhost
  127. }
  128. realm example.com {
  129. auth_pool = my_auth_failover
  130. }
  131. realm LOCAL {
  132. }
  133. realm deusto.es {
  134. authhost = LOCAL
  135. accthost = LOCAL
  136. }
  137. radiusd: #### Loading Clients ####
  138. client localhost {
  139. ipaddr = 127.0.0.1
  140. require_message_authenticator = no
  141. secret = <edit>
  142. nastype = "other"
  143. }
  144. client 192.168.250.250 {
  145. require_message_authenticator = no
  146. secret = <edit>
  147. shortname = "eduroam"
  148. }
  149. radiusd: #### Instantiating modules ####
  150. instantiate {
  151. Module: Linked to module rlm_exec
  152. Module: Instantiating module "exec" from file /etc/freeradius/modules/exec
  153. exec {
  154. wait = no
  155. input_pairs = "request"
  156. shell_escape = yes
  157. }
  158. Module: Linked to module rlm_expr
  159. Module: Instantiating module "expr" from file /etc/freeradius/modules/expr
  160. Module: Linked to module rlm_expiration
  161. Module: Skipping instantiation of expiration
  162. Module: Linked to module rlm_logintime
  163. Module: Instantiating module "logintime" from file /etc/freeradius/modules/logintime
  164. logintime {
  165. reply-message = "You are calling outside your allowed timespan "
  166. minimum-timeout = 60
  167. }
  168. }
  169. radiusd: #### Loading Virtual Servers ####
  170. server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel
  171. modules {
  172. Module: Checking authenticate {...} for more modules to load
  173. Module: Linked to module rlm_pap
  174. Module: Instantiating module "pap" from file /etc/freeradius/modules/pap
  175. pap {
  176. encryption_scheme = "auto"
  177. auto_header = no
  178. }
  179. Module: Linked to module rlm_chap
  180. Module: Instantiating module "chap" from file /etc/freeradius/modules/chap
  181. Module: Linked to module rlm_mschap
  182. Module: Skipping instantiation of mschap
  183. Module: Linked to module rlm_eap
  184. Module: Instantiating module "eap" from file /etc/freeradius/eap.conf
  185. eap {
  186. default_eap_type = "peap"
  187. timer_expire = 60
  188. ignore_unknown_eap_types = no
  189. cisco_accounting_username_bug = no
  190. max_sessions = 4096
  191. }
  192. Module: Linked to sub-module rlm_eap_md5
  193. Module: Instantiating eap-md5
  194. Module: Linked to sub-module rlm_eap_leap
  195. Module: Instantiating eap-leap
  196. Module: Linked to sub-module rlm_eap_gtc
  197. Module: Instantiating eap-gtc
  198. gtc {
  199. challenge = "Password: "
  200. auth_type = "PAP"
  201. }
  202. Module: Linked to sub-module rlm_eap_tls
  203. Module: Instantiating eap-tls
  204. tls {
  205. rsa_key_exchange = no
  206. dh_key_exchange = yes
  207. rsa_key_length = 512
  208. dh_key_length = 512
  209. verify_depth = 0
  210. pem_file_type = yes
  211. private_key_file = "/etc/freeradius/eduroam-certs/server.key"
  212. certificate_file = "/etc/freeradius/eduroam-certs/server.pem"
  213. CA_file = "/etc/freeradius/eduroam-certs/ca.pem"
  214. private_key_password = <edit>
  215. dh_file = "/etc/freeradius/eduroam-certs/dh"
  216. random_file = "/dev/urandom"
  217. fragment_size = 1024
  218. include_length = yes
  219. check_crl = no
  220. cipher_list = "DEFAULT"
  221. make_cert_command = "/etc/freeradius/eduroam-certs/bootstrap"
  222. cache {
  223. enable = no
  224. lifetime = 24
  225. max_entries = 255
  226. }
  227. }
  228. Module: Linked to sub-module rlm_eap_ttls
  229. Module: Instantiating eap-ttls
  230. ttls {
  231. default_eap_type = "md5"
  232. copy_request_to_tunnel = no
  233. use_tunneled_reply = no
  234. virtual_server = "inner-tunnel"
  235. include_length = yes
  236. }
  237. Module: Linked to sub-module rlm_eap_peap
  238. Module: Instantiating eap-peap
  239. peap {
  240. default_eap_type = "mschapv2"
  241. copy_request_to_tunnel = no
  242. use_tunneled_reply = no
  243. proxy_tunneled_request_as_eap = yes
  244. virtual_server = "inner-tunnel"
  245. }
  246. Module: Linked to sub-module rlm_eap_mschapv2
  247. Module: Instantiating eap-mschapv2
  248. mschapv2 {
  249. with_ntdomain_hack = no
  250. }
  251. Module: Checking authorize {...} for more modules to load
  252. Module: Linked to module rlm_realm
  253. Module: Instantiating module "suffix" from file /etc/freeradius/modules/realm
  254. realm suffix {
  255. format = "suffix"
  256. delimiter = "@"
  257. ignore_default = no
  258. ignore_null = no
  259. }
  260. Module: Linked to module rlm_files
  261. Module: Instantiating module "files" from file /etc/freeradius/modules/files
  262. files {
  263. usersfile = "/etc/freeradius/users"
  264. acctusersfile = "/etc/freeradius/acct_users"
  265. preproxy_usersfile = "/etc/freeradius/preproxy_users"
  266. compat = "no"
  267. }
  268. Module: Linked to module rlm_ldap
  269. Module: Skipping instantiation of ldap
  270. Module: Checking session {...} for more modules to load
  271. Module: Linked to module rlm_radutmp
  272. Module: Instantiating module "radutmp" from file /etc/freeradius/modules/radutmp
  273. radutmp {
  274. filename = "/var/log/freeradius/radutmp"
  275. username = "%{User-Name}"
  276. case_sensitive = yes
  277. check_with_nas = yes
  278. perm = 384
  279. callerid = yes
  280. }
  281. Module: Checking post-proxy {...} for more modules to load
  282. Module: Checking post-auth {...} for more modules to load
  283. Module: Linked to module rlm_attr_filter
  284. Module: Instantiating module "attr_filter.access_reject" from file /etc/freeradius/modules/attr_filter
  285. attr_filter attr_filter.access_reject {
  286. attrsfile = "/etc/freeradius/attrs.access_reject"
  287. key = "%{User-Name}"
  288. }
  289. } # modules
  290. } # server
  291. server { # from file /etc/freeradius/radiusd.conf
  292. modules {
  293. Module: Checking authenticate {...} for more modules to load
  294. Module: Checking authorize {...} for more modules to load
  295. Module: Linked to module rlm_preprocess
  296. Module: Instantiating module "preprocess" from file /etc/freeradius/modules/preprocess
  297. preprocess {
  298. huntgroups = "/etc/freeradius/huntgroups"
  299. hints = "/etc/freeradius/hints"
  300. with_ascend_hack = no
  301. ascend_channels_per_line = 23
  302. with_ntdomain_hack = no
  303. with_specialix_jetstream_hack = no
  304. with_cisco_vsa_hack = no
  305. with_alvarion_vsa_hack = no
  306. }
  307. Module: Checking preacct {...} for more modules to load
  308. Module: Linked to module rlm_acct_unique
  309. Module: Instantiating module "acct_unique" from file /etc/freeradius/modules/acct_unique
  310. acct_unique {
  311. key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
  312. }
  313. Module: Checking accounting {...} for more modules to load
  314. Module: Linked to module rlm_detail
  315. Module: Instantiating module "detail" from file /etc/freeradius/modules/detail
  316. detail {
  317. detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
  318. header = "%t"
  319. detailperm = 384
  320. dirperm = 493
  321. locking = no
  322. log_packet_header = no
  323. }
  324. Module: Linked to module rlm_unix
  325. Module: Instantiating module "unix" from file /etc/freeradius/modules/unix
  326. unix {
  327. radwtmp = "/var/log/freeradius/radwtmp"
  328. }
  329. Module: Instantiating module "attr_filter.accounting_response" from file /etc/freeradius/modules/attr_filter
  330. attr_filter attr_filter.accounting_response {
  331. attrsfile = "/etc/freeradius/attrs.accounting_response"
  332. key = "%{User-Name}"
  333. }
  334. Module: Checking session {...} for more modules to load
  335. Module: Checking post-proxy {...} for more modules to load
  336. Module: Checking post-auth {...} for more modules to load
  337. } # modules
  338. } # server
  339. radiusd: #### Skipping IP addresses and Ports ####
  340. listen {
  341. type = "auth"
  342. ipaddr = *
  343. port = 0
  344. }
  345. listen {
  346. type = "acct"
  347. ipaddr = *
  348. port = 0
  349. }
  350. Configuration appears to be OK.
Advertisement
Advertisement
Advertisement
RAW Paste Data Copied
Advertisement