Differences

This shows you the differences between two versions of the page.

--- siteadmin:freeradius_radsec_configuration [2019/03/06 16:04] – admin
+++ siteadmin:freeradius_radsec_configuration [2023/04/05 12:00] (current) – admin
@@ Line 1: / Line 1: @@
+RADSEC is something for the future. Currently it's not recommended so don't worry about it for now.
 clients.conf:
@@ Line 25: / Line 27: @@
 }
 </code>
+sites-available/govroam:
 <code>
@@ Line 41: / Line 45: @@
                private_key_password = whatever
-               private_key_file = ${certdir}/radsec2/localorps1.localnet-key.pem
+               private_key_file = ${certdir}/<yoursite>-server-cert.pem
-               certificate_file = ${certdir}/radsec2/localorps1.localnet-server-cert.pem
+               certificate_file = ${certdir}/<yoursite>-key.pem
                ca_file = ${cadir}/radsecCA-2019.pem
                dh_file = ${certdir}/dh
-       #        random_file = ${certdir}/random
                fragment_size = 1071
                include_length = yes
@@ Line 57: / Line 60: @@
                require_client_cert = yes
                verify {
-       #                tmpdir = /tmp/
                }
            }
         }
+</code>
+proxy.conf:
+<code>
+realm "~.+$" {
+    auth_pool = govroam
+    nostrip
+}
+home_server_pool govroam {
+    home_server = roaming0
+    type = client-port-balance
+}
+home_server roaming0 {
+    ipaddr = 212.219.190.139
+    port = 2083
+    type = auth
+    secret = radsec
+    proto = tcp
+    status_check = status-server
+    tls {
+        certdir = ${confdir}/certs
+        cadir = ${confdir}/certs
+        private_key_password = whatever
+        private_key_file = ${certdir}/<yoursite>-key.pem
+        certificate_file = ${certdir}/<yoursite>-client-cert.pem
+        ca_file = ${cadir}/radsecCA-2019.pem
+        dh_file = ${certdir}/dh
+        random_file = ${certdir}/random
+        fragment_size = 1071
+        include_length = yes
+        cipher_list = "DEFAULT"
+    }
+}
 </code>