**Ceci est une ancienne révision du document !**
Voici des extraits détaillés de la configuration RADIUS de FDN:
users:
DEFAULT Huntgroup-Name == 'td', Auth-Type := td
Service-Type:1 := "Framed",
Framed-Protocol:1 := "PPP",
Class:1 := 0,
Tunnel-Type:1 := "L2TP",
Tunnel-Medium-Type:1 := "IP",
radiusd.conf:
modules {
pap { encryption_scheme = crypt }
chap { authtype = CHAP }
realm suffix {
format = suffix
delimiter = "@"
ignore_default = no
ignore_null = no
}
sql sqlfdn {
driver = "rlm_sql_mysql"
server = "localhost"
login = "toto"
passwd = "toto"
radius_db = "adsl"
authorize_check_query = "\
select UATTR_ID,RADUSER_LOGIN,UATTR_ATTR,UATTR_VALUE,UATTR_OP \
from RADUSER,UATTR \
where ((RADUSER_LOGIN = REPLACE('%{SQL-User-Name}','@fdn.nerim','@fdn.fr')) or (RADUSER_LOGIN = '%{SQL-User-Name}')) and \
UATTR.RADUSER_ID = RADUSER.RADUSER_ID and \
UATTR_TYPE = 'check' \
order by UATTR_ID"
authorize_reply_query = "\
select UATTR_ID,RADUSER_LOGIN,UATTR_ATTR,UATTR_VALUE,UATTR_OP \
from RADUSER,UATTR \
where ((RADUSER_LOGIN = REPLACE('%{SQL-User-Name}','@fdn.nerim','@fdn.fr')) or (RADUSER_LOGIN = '%{SQL-User-Name}')) and \
UATTR.RADUSER_ID = RADUSER.RADUSER_ID and \
UATTR_TYPE = 'reply' \
order by UATTR_ID"
authorize_group_check_query = "\
select GATTR_ID,RADUSER_LOGIN,GATTR_ATTR,GATTR_VALUE,GATTR_OP \
from RADUSER,GATTR \
where ((RADUSER_LOGIN = REPLACE('%{SQL-User-Name}','@fdn.nerim','@fdn.fr')) or (RADUSER_LOGIN = '%{SQL-User-Name}')) and \
GATTR.RADGROUP_ID = RADUSER.RADGROUP_ID and \
GATTR_TYPE = 'check'"
authorize_group_reply_query = "\
select GATTR_ID,RADUSER_LOGIN,GATTR_ATTR,GATTR_VALUE,GATTR_OP \
from RADUSER,GATTR \
where ((RADUSER_LOGIN = REPLACE('%{SQL-User-Name}','@fdn.nerim','@fdn.fr')) or (RADUSER_LOGIN = '%{SQL-User-Name}')) and \
GATTR.RADGROUP_ID = RADUSER.RADGROUP_ID and \
GATTR_TYPE = 'reply'"
...
}
}
instantiate {}
authorize {
preprocess
suffix
files
Autz-Type fdn {
chap
sqlfdn
}
}
authenticate {
Auth-Type PAP { pap }
Auth-Type CHAP { chap }
Auth-Type essai { ok }
eap
}