#Created by Cottrell and Caporossi #Creation Date: 05-22-2008 #Last Edited: 05-22-2008 #Foreground #LogStdout LogDir c:\Program Files\Radiator\logs DbDir c:\Program Files\Radiator LogFile %L/%m%d%y.log DictionaryFile %D/dictionary PidFile %D/radiusd.pid AuthPort 1812 AcctPort 1813 Trace 3 Identifier ppp Secret putyoursecrethere DupInterval 2 NasType Cisco SNMPCommunity putyoursecrethere IgnoreAcctSignature 1 Identifier vpn IdenticalClients 128.23.242.1 Secret putyoursecrethere DupInterval 2 NasType Cisco SNMPCommunity putyoursecrethere IgnoreAcctSignature 1 Identifier hal Secret putyoursecrethere DupInterval 2 NasType unknown IgnoreAcctSignature 1 PreClientHook file:"%D/scripts/acct_adjustment.pl" IdenticalClients 10.24.70.12,10.24.70.21,10.24.70.22,10.24.70.31,10.24.70.32,10.24.70.41,10.24.70.42,10.24.70.13,10.24.70.14,10.24.70.23,10.24.70.24,10.24.70.15,10.24.70.16,10.24.70.25,10.24.70.26,10.24.238.41,10.24.238.42 Secret putyoursecrethere Identifier airespace DupInterval 2 NasType Cisco SNMPCommunity putyoursecrethere IgnoreAcctSignature 1 # # Identifier debugging # Trace 4 # LogMicroseconds # Filename %L/%m%d%y.debug.log # PreProcessingHook file:"%D/scripts/eap_anon_hook.pl" AddToRequest Connect-Info=%{Client:Identifier},Ascend-Authen-Alias=%h StripFromRequest Class Host radacct.mdc.musc.edu Secret putyoursecrethere AcctPort 1813 Retries 10 AcctFailedLogFileName %L/%{Client:Identifier}/%m%d%y.log.missed AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log Identifier AcctStartStopOnly AcctStartResult ACCEPT AcctStopResult ACCEPT AcctAliveResult IGNORE AuthByPolicy ContinueUntilAccept RewriteUsername s/(.*)\\(.*)/$2/ Domain clinlan #Group Domain Users #DomainController zulu EAPType MSCHAP-V2 AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log PostAuthHook file:"%D/scripts/eap_anon_hook.pl" PostProcessingHook file:"%D/scripts/eap_acct_username.pl" AuthByPolicy ContinueUntilAccept # Strip realm if in MSN format RewriteUsername s/(.*)\\(.*)/$2/ #AuthBy LDAPAuthentication Domain clinlan #Group Domain Users #DomainController zulu EAPType MSCHAP-V2 GroupFilename %D/group # anonymous-PEAP must be in here: Filename %D/radauth_pass.wlan AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log PostAuthHook file:"%D/scripts/eap_anon_hook.pl" PostProcessingHook file:"%D/scripts/eap_acct_username.pl" AuthByPolicy ContinueUntilAccept AddToRequestIfNotExist Framed-IP-Address=%{Calling-Station-Id} StripFromRequest Class Filename %D/users EAPType TTLS, PEAP EAPTLS_CAFile %D/certificates/production/ca-bundle.crt EAPTLS_CertificateFile %D/certificates/production/%h_ips.pem EAPTLS_CertificateType PEM EAPTLS_PrivateKeyFile %D/certificates/production/%h_ips.pem EAPTLS_PrivateKeyPassword putyoursecrethere EAPTLS_VerifyDepth 3 EAPTLS_MaxFragmentSize 1000 AutoMPPEKeys SSLeayTrace 4 EAPTLS_PEAPVersion 1 EAPTLS_PEAPBrokenV1Label PreProcessingHook file:"%D/scripts/eap_anon_hook.pl" AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log AuthByPolicy ContinueUntilAccept AddToRequestIfNotExist Framed-IP-Address=%{Calling-Station-Id} StripFromRequest Class Filename %D/users EAPType PEAP,TTLS EAPTLS_CAFile %D/certificates/production/dc1_ca.cer EAPTLS_CertificateFile %D/certificates/production/%h_dc1.pem EAPTLS_CertificateType PEM EAPTLS_PrivateKeyFile %D/certificates/production/%h_dc1.pem EAPTLS_PrivateKeyPassword putyoursecrethere EAPTLS_VerifyDepth 3 EAPTLS_MaxFragmentSize 1000 AutoMPPEKeys SSLeayTrace 4 EAPTLS_PEAPVersion 1 EAPTLS_PEAPBrokenV1Label PreProcessingHook file:"%D/scripts/eap_anon_hook.pl" AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log AuthByPolicy ContinueUntilAccept AddToRequestIfNotExist Framed-IP-Address=%{Calling-Station-Id} StripFromRequest Class Filename %D/users EAPType PEAP,TTLS EAPTLS_CAFile %D/certificates/production/verisign-combo.crt EAPTLS_CertificateFile %D/certificates/production/%h.pem EAPTLS_CertificateType PEM EAPTLS_PrivateKeyFile %D/certificates/production/%h.pem EAPTLS_PrivateKeyPassword putyoursecrethere EAPTLS_VerifyDepth 3 EAPTLS_MaxFragmentSize 1000 AutoMPPEKeys SSLeayTrace 4 EAPTLS_PEAPVersion 1 EAPTLS_PEAPBrokenV1Label PreProcessingHook file:"%D/scripts/eap_anon_hook.pl" AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log AuthByPolicy ContinueUntilAccept AddToRequestIfNotExist Framed-IP-Address=%{Calling-Station-Id} StripFromRequest Class Filename %D/users EAPType PEAP,TTLS EAPTLS_CAFile %D/certificates/production/dc1_ca.cer EAPTLS_CertificateFile %D/certificates/production/%h_dc1.pem EAPTLS_CertificateType PEM EAPTLS_PrivateKeyFile %D/certificates/production/%h_dc1.pem EAPTLS_PrivateKeyPassword putyoursecrethere EAPTLS_VerifyDepth 3 EAPTLS_MaxFragmentSize 1000 AutoMPPEKeys SSLeayTrace 4 EAPTLS_PEAPVersion 1 EAPTLS_PEAPBrokenV1Label PreProcessingHook file:"%D/scripts/eap_anon_hook.pl" AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log AuthByPolicy ContinueUntilAccept AddToRequestIfNotExist Framed-IP-Address=%{Calling-Station-Id} StripFromRequest Class # anonymous-PEAP must be in here: GroupFilename %D/group Filename %D/radauth_pass.wlan NoEAP AuthByPolicy ContinueAlways #AuthByPolicy ContinueWhileIgnore # Default GroupFilename %D/group Filename %D/radauth_pass.ppp #syslog functions not available on win32 #AuthLog authlogger # Log accounting to a detail file AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log AuthByPolicy ContinueAlways # AuthByPolicy ContinueWhileIgnore # Default AddToRequestIfNotExist Calling-Station-Id=%{Tunnel-Client-Endpoint} GroupFilename %D/group Filename %D/radauth_pass.vpn #syslog functions not available on win32 #AuthLog authlogger # Log accounting to a detail file AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log AuthByPolicy ContinueUntilAccept GroupFilename %D/group Filename %D/passwd.nagios AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log