配置代理服务

在线编辑

RADIUS 代理配置信息位于 /etc/radius 目录中的 proxy 文件中。

初始 proxy 文件包含示例条目。 代理文件中有三个字段:Realm NameNext Hop IP address 以及 Shared Secret

要配置代理规则,请从以下项中选择:

 	  Configure Proxy Rules  

List all Proxy 
Add a Proxy 
Change / Show Characteristics of a Proxy 
Remove a Proxy
选择 List all Proxy 选项可读取 /etc/radius/proxy 文件并以列格式显示三个字段。 以下是列标题:
realm_name   next_hop_address  shared_secret

选择 Add a Proxy 可显示以下屏幕。 将从面板中检索信息,并将数据附加到 /etc/radius/proxy 文件的底部。

在两个 RADIUS 服务器之间,代理链的每个中继段都使用共享的秘密。 共享的秘密包含在 /etc/radius/proxy_file 中。 对于链中的每个代理中继段,共享秘密应该是唯一的。

有关创建共享密钥的更多信息,请参阅 /etc/radius/clients 文件

要添加代理,请从下面所示的字段中选择:

             Add a Proxy 
*Realm Name                               []  (max 64 chars) 
*Next Hop IP address (dotted decimal)     [xx.xx.xx.xx] 
*Shared Secret                            []  (minimum 6, maximum 256 chars)
选择 Change/Show 选项会显示域名列表。 该列表显示在弹出屏幕中,并且您必须选择一个域名。

Remove a Proxy 选项会显示域名列表。 该列表显示在弹出屏幕中,并且用户必须选择一个域名。 选择了名称后,除去域之前会显示验证弹出屏幕。

以下示例是 radiusd.conf 文件的代理配置信息部分:
#------------------------------------------------------------------#
#       PROXY RADIUS Information                                   #
#                                                                  #
#                                                                  #
#   Proxy_Allow               :  ON or OFF. If ON, then the server #
#                                can proxy packets to realms it    #
#                                knows of and the following        #
#                                fields must also be configured.   #
#   Proxy_Use_Table           :  ON or OFF. If ON, then the server #
#                                can use table for faster          #
#                                processing of duplicate requests  #
#                                Can be used without proxy ON, but #
#                                it is required to be ON if        #
#                                Proxy_Use_Table is set to ON.     #
#   Proxy_Realm_name          :  This field specifies the realm    #
#                                this server services.             #
#   Proxy_Prefix_delim        :  A list of separators for parsing  #
#                                realm names added as a prefix to  #
#                                the username.  This list must be  #
#                                mutually exclusive to the Suffix  #
#                                delimiters.                       #
#   Proxy_Suffix_delim        :  A list of separators for parsing  #
#                                realm names added as a suffix to  #
#                                the username.  This list must be  #
#                                mutually exclusive to the Prefix  #
#                                delimiters.                       #
#   Proxy_Remove_Hops         :  YES or NO.  If YES then the       #
#                                will remove its realm name, the   #
#                                realm names of any previous hops  #
#                                and the realm name of the next    #
#                                server the packet will proxy to.  #
#                                                                  #
#   Proxy_Retry_count         :  The number of times to attempt    #
#                                to send the request packet.       #
#                                                                  #
#   Proxy_Time_Out            :  The number of seconds to wait     #
#                                in between send attempts.         #
#                                                                  #
#------------------------------------------------------------------#
Proxy_Allow               :   OFF
Proxy_Use_Table           :   OFF
Proxy_Realm_name          :
Proxy_Prefix_delim        :   $/
Proxy_Suffix_delim        :   @.
Proxy_Remove_Hops         :   NO
Proxy_Retry_count         :   2
Proxy_Time_Out            :   3