GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  RADSECPROXY (1)

NAME

radsecproxy - a generic RADIUS proxy that provides both RADIUS UDP and TCP/TLS (RadSec) transport.

CONTENTS

SYNOPSIS

radsecproxy [-c configfile] [-d debuglevel] [-f] [-i pidfile] [-p] [-v]

DESCRIPTION

radsecproxy is a generic RADIUS proxy that in addition to to usual RADIUS UDP transport, also supports TLS (RadSec). The aim is for the proxy to have sufficient features to be flexible, while at the same time to be small, efficient and easy to configure. Currently the executable on Linux is only about 48 KB, and it uses about 64 KB (depending on the number of peers) while running.

The proxy was initially made to be able to deploy RadSec (RADIUS over TLS) so that all RADIUS communication across network links could be done using TLS, without modifying existing RADIUS software. This can be done by running this proxy on the same host as an existing RADIUS server or client, and configure the existing client/server to talk to localhost (the proxy) rather than other clients and servers directly.

There are however other situations where a RADIUS proxy might be useful. Some people deploy RADIUS topologies where they want to route RADIUS messages to the right server. The nodes that do purely routing could be using a proxy. Some people may also wish to deploy a proxy on a site boundary. Since the proxy supports both IPv4 and IPv6, it could also be used to allow communication in cases where some RADIUS nodes use only IPv4 and some only IPv6.

OPTIONS

-f

Run in foreground

By specifying this option, the proxy will run in foreground mode. That is, it won’t detach. Also all logging will be done to stderr.

-d <debug level>
 

Debug level

This specifies the debug level. It must be set to 1, 2, 3, 4 or 5, where 1 logs only serious errors, and 5 logs everything. The default is 2 which logs errors, warnings and a few informational messages.

-p

Pretend

The proxy reads configuration files and performs initialisation as usual, but exits prior to creating any sockets. It will return different exit codes depending on whether the configuration files are okay. This may be used to verify configuration files, and can be done while another instance is running.

-v

Print version

When this option is specified, the proxy will simply print version information and exit.

-c <config file path>
 

Config file path

This option allows you to specify which config file to use. This is useful if you want to use a config file that is not in any of the default locations.

-i <pid file path>
 

PID file path

This option tells the proxy to create a PID file with the specified path.

SIGNALS

The proxy generally exits on all signals. The exceptions are listed below.

SIGHUP

When logging to a file, this signal forces a reopen of the log file.

SIGPIPE

This signal is ignored.

FILES

/etc/radsecproxy.conf
 

The default configuration file.

SEE ALSO

radsecproxy.conf(5), RadSec internet draft http://tools.ietf.org/html/draft-ietf-radext-radsec
Search for    or go to Top of page |  Section 1 |  Main Index


--> RADSECPROXY (1) 1 Jun 2010

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.