Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Currently (10th June 2011) there are some bugs with handling unreachable remote proxies which causes the daemon to die. A few of these have already been dealt with via bug reports but some still lurk. Also, the certificate checking/verification code does not currently work - we hope to be able to verify the certificate issuer and OID as we do with RADIATOR and RadSecProxy. Note that this software only does RADSEC/TLS with TCP - DTLS over UDP is not yet an option. Clients are 'radsec' only and the standard naslist or naslist imported from SQL won't operate with radsec. Include Pagevitalaaa-flrvitalaaa-flr


To set up a federation-level RADIUS proxy server for VitalAAA you must change the following configuration files:

  • server_properties
  • method_dispatch
  • clients

You must also download the following files from

Code Block
Radius-Acct-Address = "*:1813"
Radius-Auth-Address = "*:1812"
Database-Address = "0"
Radius-CharSet = UTF8
Delimiter-Precedence = "@"
Suffix-Delimiters = "@"

method_dispatch file:

Code Block
radius             Auth 1             prepare             setWorkingVars
radius             acct 4              aaa                   dropRadiusAcct

clients file

Add the lines with the eduroam proxy server and the local RADIUS servers to the clients file:

Code Block          <eduroam_secret>      <eduroam_secret>
<>                <local_server_secret>
<>                <local_server_secret>

Gauging your federation's performance