...
Currently (10th June 2011) there are some bugs with handling unreachable remote proxies which causes the daemon to die. A few of these have already been dealt with via bug reports but some still lurk. Also, the certificate checking/verification code does not currently work - we hope to be able to verify the certificate issuer and OID as we do with RADIATOR and RadSecProxy. Note that this software only does RADSEC/TLS with TCP - DTLS over UDP is not yet an option. Clients are 'radsec' only and the standard naslist or naslist imported from SQL won't operate with radsec. Include Page
VitalAAA
To set up a federation-level RADIUS proxy server for VitalAAA you must change the following configuration files:
- server_properties
- method_dispatch
- clients
You must also download the following files from http://www.eduroam.org/downloads/docs/eduroam-cookbookscripts.zip:
Code Block |
---|
Radius-Acct-Address = "*:1813"
Radius-Auth-Address = "*:1812"
Database-Address = "0"
Radius-CharSet = UTF8
Delimiter-Precedence = "@"
Suffix-Delimiters = "@"
|
method_dispatch file:
Code Block |
---|
radius Auth 1 prepare setWorkingVars
radius acct 4 aaa dropRadiusAcct
|
clients file
Add the lines with the eduroam proxy server and the local RADIUS servers to the clients file:
Code Block |
---|
192.87.106.34 <eduroam_secret>
130.225.242.109 <eduroam_secret>
<192.168.1.10> <local_server_secret>
<192.168.1.20> <local_server_secret>
|
Gauging your federation's performance
...