AuthPort 1812 AcctPort 1813 DbDir /etc/radiator DictionaryFile %D/dictionary,%D/dictionary.ascend,%D/dictionary.cisco,%D/av-pairs-cisco-altiga-cvpn LogDir /var/log/radius LogFile %L/radius.log PidFile /var/run/radiusd.pid Trace 3 #Foreground 1 Secret ********* Identifier Testes Locais Secret ********* Identifier BDigital IdenticalClients 193.137.16.2 IdenticalClients 193.137.16.3 IdenticalClients 193.137.16.4 IdenticalClients 193.137.16.5 IdenticalClients 193.137.16.6 IdenticalClients 193.137.16.7 IdenticalClients 193.137.16.8 IdenticalClients 193.137.16.9 IdenticalClients 193.137.16.10 IdenticalClients 193.137.16.11 IdenticalClients 193.137.16.12 IdenticalClients 193.137.16.13 Secret ********* Identifier VOIP10 IdenticalClients 193.137.19.251 IdenticalClients 193.137.17.20 Secret ********* Identifier hotspot_wbl Secret ********* Identifier ras Secret ********* Identifier Projecto_Bumerang Secret ********* Secret ********* Secret ********* Identifier GSM - Ramada IdenticalClients 192.168.35.1 IdenticalClients 193.137.17.41 IdenticalClients 192.168.250.1 Secret ********* Identifier ConcentradoresVPN Secret ********* Identifier WLSE IgnoreAcctSignature Secret ********* IdenticalClients 193.137.88.123 Secret ********* Identifier Projecto BAES IgnoreAcctSignature Secret ********* DupInterval 0 NoEAP Identifier Auth-di AuthByPolicy ContinueWhileIgnore RewriteUsername s/^([^@]+).*/$1/ Timeout 5 FailureBackoffTime 10 AutoMPPEKeys AuthDN cn=SCOMadmin,dc=di,dc=uminho,dc=pt AuthPassword ******** BaseDN dc=di,dc=uminho,dc=pt Description Autenticador por LDAP para o DI EAPTLS_CAFile /etc/radiator/certs/e-U/cacert-scom.pem EAPTLS_CertificateFile /etc/radiator/certs/e-U/roamer-b-cert.pem EAPTLS_CertificateType PEM EAPTLS_MaxFragmentSize 1024 EAPTLS_PrivateKeyFile /etc/radiator/certs/e-U/roamer-b-priv-key.pem EAPTLS_PrivateKeyPassword ******** EAPType PEAP, TTLS Host 192.168.64.7 SSLeayTrace 4 UseSSL SSLCAFile /etc/radiator/certs/ca-di-uminho-pt.cer Port 636 UsernameAttr uid PasswordAttr userpassword AddToReply Tunnel-Type=VLAN, Tunnel-Medium-Type=Ether_802, Tunnel-Private-Group-ID=247, Class=funcionarios Timeout 5 FailureBackoffTime 10 AutoMPPEKeys AuthDN cn=SCOMadmin,dc=di,dc=uminho,dc=pt AuthPassword ******** BaseDN dc=di,dc=uminho,dc=pt Description Autenticador por LDAP para o DI EAPTLS_CAFile /etc/radiator/certs/e-U/cacert-scom.pem EAPTLS_CertificateFile /etc/radiator/certs/e-U/roamer-b-cert.pem EAPTLS_CertificateType PEM EAPTLS_MaxFragmentSize 1024 EAPTLS_PrivateKeyFile /etc/radiator/certs/e-U/roamer-b-priv-key.pem EAPTLS_PrivateKeyPassword ******** EAPType PEAP, TTLS Host ds.di.uminho.pt Identifier ldapauth-di SSLeayTrace 4 UseSSL SSLCAFile /etc/radiator/certs/ca-di-uminho-pt.cer Port 636 UsernameAttr uid PasswordAttr userpassword AddToReply Tunnel-Type=VLAN, Tunnel-Medium-Type=Ether_802, Tunnel-Private-Group-ID=247, Class=funcionarios Timeout 5 FailureBackoffTime 10 AutoMPPEKeys AuthDN cn=SCOMadmin,dc=di,dc=uminho,dc=pt AuthPassword ******** BaseDN dc=di,dc=uminho,dc=pt Description Autenticador por LDAP para o DI EAPTLS_CAFile /etc/radiator/certs/e-U/cacert-scom.pem EAPTLS_CertificateFile /etc/radiator/certs/e-U/roamer-b-cert.pem EAPTLS_CertificateType PEM EAPTLS_MaxFragmentSize 1024 EAPTLS_PrivateKeyFile /etc/radiator/certs/e-U/roamer-b-priv-key.pem EAPTLS_PrivateKeyPassword ******** EAPType PEAP, TTLS Host www.di.uminho.pt SSLeayTrace 4 UseSSL SSLCAFile /etc/radiator/certs/ca-di-uminho-pt.cer Port 636 UsernameAttr uid PasswordAttr userpassword AddToReply Tunnel-Type=VLAN, Tunnel-Medium-Type=Ether_802, Tunnel-Private-Group-ID=247, Class=funcionarios NoEAP Identifier Auth-SAPIA AuthByPolicy ContinueWhileIgnore Description Autentica Users SAPIA de forma redundante RewriteUsername s/^([^@]+).*/$1/ Timeout 5 FailureBackoffTime 10 AutoMPPEKeys AuthDN cn=scomwireless,ou=servicos,dc=uminho,dc=pt AuthPassword ******** BaseDN ou=utentes,dc=uminho,dc=pt ServerChecksPassword UsernameAttr sAMAccountName Description Autenticador por LDAP - opcao 1 EAPTLS_CAFile /etc/radiator/certs/e-U/cacert-scom.pem EAPTLS_CertificateFile /etc/radiator/certs/e-U/roamer-b-cert.pem EAPTLS_CertificateType PEM EAPTLS_MaxFragmentSize 1024 EAPTLS_PrivateKeyFile /etc/radiator/certs/e-U/roamer-b-priv-key.pem EAPTLS_PrivateKeyPassword ******** EAPType TTLS, PAP, MSCHAPV2, PEAP, MSCHAP-V2 Host 193.137.9.164 AuthAttrDef um-SCOMattribute3, Class, reply AuthAttrDef extensionAttribute2, Reply-Message, reply AddToReply Tunnel-Type = VLAN, Tunnel-Medium-Type = Ether_802 AuthAttrDef um-SCOMattribute2, Tunnel-Private-Group-ID, reply UseSSL # SSLVerify none SSLCAFile /etc/radiator/certs/sapia/uminho_CA.pem Port 636 AutoMPPEKeys AuthDN cn=scomwireless,ou=servicos,dc=uminho,dc=pt AuthPassword ******** BaseDN ou=utentes,dc=uminho,dc=pt ServerChecksPassword UsernameAttr sAMAccountName Description Autenticador por LDAP - opcao 2 EAPTLS_CAFile /etc/radiator/certs/e-U/cacert-scom.pem EAPTLS_CertificateFile /etc/radiator/certs/e-U/roamer-b-cert.pem EAPTLS_CertificateType PEM EAPTLS_MaxFragmentSize 1024 EAPTLS_PrivateKeyFile /etc/radiator/certs/e-U/roamer-b-priv-key.pem EAPTLS_PrivateKeyPassword ******** EAPType TTLS,MSCHAPV2,MSCHAP-V2,PEAP,MSCHAP Host 193.137.9.143 AuthAttrDef um-SCOMattribute3, Class, reply AuthAttrDef extensionAttribute2, Reply-Message, reply AddToReply Tunnel-Type = VLAN, Tunnel-Medium-Type = Ether_802 AuthAttrDef um-SCOMattribute2, Tunnel-Private-Group-ID, reply UseSSL # SSLVerify none SSLCAFile /etc/radiator/certs/sapia/uminho_CA.pem Port 636 AcctPort 1813 AuthPort 1812 Description Servidor Proxy Radius FCCN Host cv-radius.fccn.pt Host cv2-radius.fccn.pt Identifier FCCNRadiusServer Retries 5 RetryTimeout 30 Secret ********* StripFromReply Tunnel-Type, Tunnel-Medium-Type, Tunnel-Private-Group-ID, Filter-ID AddToReply Tunnel-Type = VLAN, Tunnel-Medium-Type = Ether_802, Tunnel-Private-Group-ID="250" Identifier SQLAccounting DBSource dbi:mysql:usertracking:193.137.17.45 DBUsername utuser DBAuth lixo100 # Just accounting, no auth IgnoreAuthentication AuthSelect AccountingTable RAD_ACCOUNTING HandleAcctStatusTypes Start,Alive,Stop DateFormat %Y-%m-%d %X AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer-date AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCT,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCT,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef NASIPADDRESS,NAS-IP-Address AcctColumnDef CALLEDSTATIONID,Called-Station-Id AcctColumnDef CALLINGSTATIONID,Calling-Station-Id AcctColumnDef SSID,cisco-avpair AcctColumnDef SYSLOCATION,WISPr-Location-Name Identifier SQLAccountingVPN DBSource dbi:mysql:usertracking:193.137.17.45 DBUsername utuser DBAuth lixo100 # Just accounting, no auth IgnoreAuthentication AuthSelect AccountingTable RAD_ACCOUNTING_VPN HandleAcctStatusTypes Start,Alive,Stop DateFormat %Y-%m-%d %X AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer-date AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCT,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCT,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef NASIPADDRESS,NAS-IP-Address AcctColumnDef CALLEDSTATIONID,Called-Station-Id AcctColumnDef CALLINGSTATIONID,Calling-Station-Id AcctColumnDef SERVICETYPE, Service-Type AcctColumnDef FRAMEDPROTOCOL, Framed-Protocol AcctColumnDef FRAMEDIPADDRESS, Framed-IP-Address AcctColumnDef CLASS, Class AcctColumnDef NASPORTTYPE, NAS-Port-Type Description Accounting Proxy Radius FCCN Identifier FCCNAccounting AcctPort 1813 # Just accounting, no auth IgnoreAuthentication Host cv-radius.fccn.pt Host cv2-radius.fccn.pt Retries 5 RetryTimeout 30 Secret ********* ################################ Filename %L/peap.log Identifier peaplog LogSuccess 1 LogFailure 1 NoEAP Host 192.168.62.100 Secret ********* AuthPort 1812 AcctPort 1813 EAPType PEAP,TTLS,TLS,MSCHAPV2,MSCHAP-V2 Description PEAP no SAPIA Identifier PEAPnoSAPIA Retries 5 RetryTimeout 30 StripFromReply Tunnel-Type, Tunnel-Medium-Type, Tunnel-Private-Group-ID, Class AddToReply Tunnel-Type=VLAN, Tunnel-Medium-Type=Ether_802, Tunnel-Private-Group-ID=247, Class=funcionarios AuthLog peaplog StripFromRequest ConvertedFromEAPMSCHAPV2 AuthBy PEAPnoSAPIA RewriteUsername s/^([^@]+).*/$1/ # Dont really need this # Filename %D/users # This tells the PEAP client what types of inner EAP requests # we will honour EAPType MSCHAP-V2 # This flag tells EAPType MSCHAP-V2 to convert the inner EAP-MSCHAPV2 request into # an ordinary Radius-MSCHAPV2 request and redespatch to to a Handler # that matches ConvertedFromEAPMSCHAPV2=1 (see above) EAP_PEAP_MSCHAP_Convert 1 ################################ Description Autentica os users do hotspot WBL - e-UM-eventos AcctLogFileName /var/log/radius/radacct/wbl-%Y%m RejectHasReason Filename /etc/radiator/usersWBL Description auth_wbl_users Description Autentica os users de acesso remoto por telefone AcctLogFileName /var/log/radius/radacct/ras-%Y%m RejectHasReason Filename /etc/radiator/usersAR Description auth_ras_users Description Monitorizacao da FCCN RejectHasReason RewriteUsername s/^([^@]+).*/$1/ Filename /etc/radiator/test-users AcctLogFileName /var/log/radius/radacct/%Y%m AuthBy Auth-SAPIA AuthBy SQLAccounting RejectHasReason Description SSID e-U para os users da UMinho StripFromReply Tunnel-Type, Tunnel-Medium-Type, Tunnel-Private-Group-ID, Class AddToReply Tunnel-Type=VLAN, Tunnel-Medium-Type=Ether_802, Tunnel-Private-Group-ID=248 PreProcessingHook file:"/etc/radiator/radius.rewriteMAC.pl" PostProcessingHook file:"/etc/radiator/eap_acct_username_alunos.pl" AcctLogFileName /var/log/radius/radacct/%Y%m Description SSID e-U para utilizadores DI AuthBy SQLAccounting AuthBy Auth-di RejectHasReason StripFromReply Tunnel-Type, Tunnel-Medium-Type, Tunnel-Private-Group-ID, Class AddToReply Tunnel-Type=VLAN, Tunnel-Medium-Type=Ether_802, Tunnel-Private-Group-ID=248 PreProcessingHook file:"/etc/radiator/radius.rewriteMAC.pl" PostProcessingHook file:"/etc/radiator/eap_acct_username.pl" AcctLogFileName /var/log/radius/radacct/vpn-%Y%m Description Autentica utilizadores DI na VPN AuthBy SQLAccountingVPN AuthBy Auth-di RejectHasReason PostProcessingHook file:"/etc/radiator/eap_acct_username.pl" AcctLogFileName /var/log/radius/radacct/%Y%m Description SSID eduroam para utilizadores DI AuthBy SQLAccounting AuthBy Auth-di RejectHasReason PreProcessingHook file:"/etc/radiator/radius.rewriteMAC.pl" PostProcessingHook file:"/etc/radiator/eap_acct_username.pl" AcctLogFileName /var/log/radius/radacct/%Y%m Description SSID e-U para utilizadores uminho.pt AuthBy SQLAccounting AuthBy Auth-SAPIA RejectHasReason StripFromReply Tunnel-Type, Tunnel-Medium-Type, Tunnel-Private-Group-ID, Class AddToReply Tunnel-Type=VLAN, Tunnel-Medium-Type=Ether_802, Tunnel-Private-Group-ID=248 PreProcessingHook file:"/etc/radiator/radius.rewriteMAC.pl" PostProcessingHook file:"/etc/radiator/eap_acct_username_sapia.pl" AcctLogFileName /var/log/radius/radacct/vpn-%Y%m Description Autentica utilizadores uminho.pt na VPN AuthBy SQLAccountingVPN AuthBy Auth-SAPIA RejectHasReason PostProcessingHook file:"/etc/radiator/eap_acct_username_sapia.pl" AcctLogFileName /var/log/radius/radacct/%Y%m Description SSID eduroam para utilizadores uminho.pt AuthBy SQLAccounting AuthBy Auth-SAPIA RejectHasReason PreProcessingHook file:"/etc/radiator/radius.rewriteMAC.pl" PostProcessingHook file:"/etc/radiator/eap_acct_username_sapia.pl" # Para que pedidos sem REALM nao saiam da propria instituicao #AuthBy SQLAccounting Description Evita que utilizadores sem dominio saiam na UM PreProcessingHook file:"/etc/radiator/radius.rewriteMAC.pl" Filename /etc/radiator/users AcctLogFileName /var/log/radius/radacct/%Y%m Description SSID e-U para roamers - fase intermedia - apagar em 2007.12.31 AuthBy SQLAccounting AuthBy FCCNAccounting AuthBy FCCNRadiusServer RejectHasReason StripFromReply Tunnel-Type, Tunnel-Medium-Type, Tunnel-Private-Group-ID, Class AddToReply Tunnel-Type=VLAN, Tunnel-Medium-Type=Ether_802, Tunnel-Private-Group-ID=248, Class=visitantes PreProcessingHook file:"/etc/radiator/radius.rewriteMAC.pl" PostProcessingHook file:"/etc/radiator/eap_acct_username_sapia.pl" Description SSID eduroam para utilizadores em roaming (visitantes) AcctLogFileName /var/log/radius/radacct/%Y%m AuthBy SQLAccounting AuthBy FCCNAccounting AuthBy FCCNRadiusServer PreProcessingHook file:"/etc/radiator/radius.rewriteMAC.pl"