You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
43 lines
1.2 KiB
43 lines
1.2 KiB
---
|
|
|
|
rad_clients: []
|
|
# rad_clients:
|
|
# - name: ap-wifi
|
|
# ip: 192.168.7.0/24
|
|
# secret: p@ssw0rd
|
|
# nas_type: other
|
|
|
|
rad_auth_port: 1812
|
|
rad_acc_port: 1813
|
|
rad_ports: [ "{{ rad_auth_port }}", "{{ rad_acc_port }}" ]
|
|
rad_src_ip: []
|
|
|
|
# An optional password if the private key is protected
|
|
# rad_tls_key_pass:
|
|
|
|
# The CA (full chain) to verify client's certificates
|
|
# rad_tls_ca: |
|
|
# ---- BEGIN CERTIFICATE ----
|
|
# ---- END CERTIFICATE ----
|
|
|
|
# The certificate of the radius server
|
|
# rad_tls_cert: |
|
|
# ---- BEGIN CERTIFICATE ----
|
|
# ---- END CERTIFICATE ----
|
|
|
|
# The private key of the radius server
|
|
# rad_tls_key: |
|
|
# -----BEGIN RSA PRIVATE KEY-----
|
|
# -----END RSA PRIVATE KEY-----
|
|
|
|
# An optional CRL to check client's certificate against
|
|
# Can either be a raw CRL in PEM format, or an http or https URL
|
|
# where to fetch it
|
|
# If undefined, no check will be performed, and revoked certificates will be accepted
|
|
# rad_tls_crl:
|
|
|
|
# The issuer of the clients certificate
|
|
# This can be usefull if you have several intermediate CA
|
|
# all signed by the same root CA, but only want to trust clients from
|
|
# one of them
|
|
# rad_tls_issuer: /C=FR/ST=Aquitaine/L=Bordeaux/O=Firewall Services/OU=Security/CN=wifi
|
|
|