...
Operating a federation involves managing and supervising eduroam Identity Providers, eduroam Service Providers, as well as keeping authentication logs, fulfilling uptime requirements, etc. Prospect federation operators should read and understand the requirements in DS5.1.1 ("eduroam Service Definition and Implementation Plan") at httphttps://www.eduroam.org/downloads/docs/wp-content/uploads/2020/02/GN2-07-327v2-DS5_1_1-_eduroam_Service_Definition.pdf, particularly sections 4.1.4 ("Roles and Responsibilities - NROs") and section 6 ("Requirements on Confederation Members").
...
Code Block |
---|
<Handler User-Name = /\@/>
<AuthBy DNSROAM>
Port 2083
Protocol radsec
Transport tcp
UseTLS 1
Secret radsec
ReconnectTimeout 1
NoreplyTimeout 5
ConnectOnDemand
TLS_CAPath /etc/radiator/certs/CAs/current/
TLS_CertificateFile /etc/radiator/certs/server.pem
TLS_CertificateType PEM
TLS_PrivateKeyFile /etc/radiator/certs/server.key
TLS_PolicyOID .1.3.6.1.4.1.25178.3.1.2
TLS_ExpectedPeerName CN=.*
<Route>
Realm DEFAULT
Address etlr1.eduroam.org
Port 2083
Transport tcp
Protocol radsec
</Route>
</AuthBy>
AuthLog TICKS
</Handler> |
...