LinuxCommandLibrary

pppd-radius

RADIUS authentication plugin for pppd(8)

SYNOPSIS

pppd [ options ] plugin radius.so

DESCRIPTION

The RADIUS plugin for pppd permits pppd to perform PAP, CHAP, MS-CHAP and MS-CHAPv2 authentication against a RADIUS server instead of the usual /etc/ppp/pap-secrets and /etc/ppp/chap-secrets files.

The RADIUS plugin is built on a library called radiusclient which has its own configuration files (usually in /etc/radiusclient), consult those files for more information on configuring the RADIUS plugin

OPTIONS

The RADIUS plugin introduces one additional pppd option:

radius-config-file filename

The file filename is taken as the radiusclient configuration file. If this option is not used, then the plugin uses /etc/radiusclient/radiusclient.conf as the configuration file.

avpair attribute=value

Adds an Attribute-Value pair to be passed on to the RADIUS server on each request.

map-to-ifname

Sets Radius NAS-Port attribute to number equal to interface name (Default)

map-to-ttyname

Sets Radius NAS-Port attribute value via libradiusclient library

USAGE

To use the plugin, simply supply the plugin radius.so option to pppd, and edit /etc/radiusclient/radiusclient.conf appropriately. If you use the RADIUS plugin, the normal pppd authentication schemes (login, checking the /etc/ppp/*-secrets files) are skipped. The RADIUS server should assign an IP address to the peer using the RADIUS Framed-IP-Address attribute.

SEE ALSO

pppd(8) pppd-radattr(8)

AUTHOR

Dianne Skoll <dianne@skoll.ca>

Copied to clipboard