Govroam

The Roaming solution for the public sector

User Tools

Site Tools


siteadmin:basic_orps_radsecproxy_configuration
# Some basic logging
LogLevel 3                                                                                
                                                                                          
LogDestination         x-syslog:///LOG_DAEMON                                             

# Prevents RADIUS servers from causing a loop by sending requests back again.
LoopPrevention         On                                                                 
            
# FTICKS is a standardised way of logging authentication attempts.                                                                                                       
FTicksSyslogFacility LOG_LOCAL0                                                           
FTicksReporting Full                                                                      
FTicksMAC VendorKeyHashed                                                                 
FTicksKey arandomsalt                                                                     


# Upstream RADIUS proxy                                                                                   
server  nrps0 {                                                                           
        host 10.10.10.31                                                                  
        type udp                                                                          
        secret XXXX                                                             
        statusServer on   #This checks that status of the adjacent servers.                                                                   
}                                                                                         


# Local IdP which will do the authentication (Omit for Visited Only)                                                                                       
server  localidp0 {                                                                       
        host 10.10.10.21                                                                  
        type udp                                                                          
        secret XXXX                                                             
        statusServer on                                                                   
}                                                                                         


# RADIUS requests will also be received from the national proxies. (Omit for Visited Only)                                                                                      
client  nrps0 {                                                                           
        host roaming0.govroam.uk                                                                  
        type udp                                                                          
        secret XXXX                                                             
}                                                                                         
                                                                                          
client  localidp0 {                                                                       
        host 10.10.10.21                                                                  
        type udp                                                                          
        secret XXXX                                                             
}                                                                                         

# Wireless system                                                                                         
client  nas {                                                                             
        host 10.10.10.10                                                                  
        type udp                                                                          
        secret XXXX                                                             
        fticksVISCOUNTRY GB                                                               
        fticksVISINST 1localnet        # Adding information to the logs about this client.                                                   
}                                                                                         

#Known local realm (Omit for Visited Only)                                                                                         
realm localnet {                                                                          
        server localidp0                                                                  
        AccountingResponse On                                                             
}                                                                                         

#Default destination for unknown realms                                                                                          
realm * {                                                                         
        server nrps0                                                                
        AccountingResponse On                                                             
}                                                                                         
siteadmin/basic_orps_radsecproxy_configuration.txt · Last modified: 2021/03/09 15:26 by admin