diff options
author | Emil Renner Berthing <esmil@labitat.dk> | 2017-11-18 19:34:34 +0100 |
---|---|---|
committer | Emil Renner Berthing <esmil@labitat.dk> | 2017-11-18 19:36:08 +0100 |
commit | 505f69ee1540581eef2465dc420525213d278473 (patch) | |
tree | 018b20a4586ec1cdf12fff5157f19970767e6436 /roles/space_server/files/radius/sites-available/labitat-inner | |
parent | 5517f9fcf84ad5043ae7e45da2b592c56a3e8e94 (diff) | |
download | labitat-ansible-505f69ee1540581eef2465dc420525213d278473.tar.gz labitat-ansible-505f69ee1540581eef2465dc420525213d278473.tar.xz labitat-ansible-505f69ee1540581eef2465dc420525213d278473.zip |
space_server: radius: clean up configuration
Disable all the unused auth methods
Diffstat (limited to 'roles/space_server/files/radius/sites-available/labitat-inner')
-rw-r--r-- | roles/space_server/files/radius/sites-available/labitat-inner | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/roles/space_server/files/radius/sites-available/labitat-inner b/roles/space_server/files/radius/sites-available/labitat-inner new file mode 100644 index 0000000..94d5643 --- /dev/null +++ b/roles/space_server/files/radius/sites-available/labitat-inner @@ -0,0 +1,46 @@ +server labitat-inner { + + authorize { + filter_username + filter_inner_identity + suffix + + update control { + &Proxy-To-Realm := LOCAL + } + + eap { + ok = return + } + + files + expiration + logintime + pap + } + + authenticate { + Auth-Type PAP { + pap + } + + eap + } + + post-auth { + Post-Auth-Type REJECT { + attr_filter.access_reject + + update outer.session-state { + &Module-Failure-Message := &request:Module-Failure-Message + } + } + } + + pre-proxy { + } + + post-proxy { + eap + } +} |