document radiusv11 configuration

author Alan T. DeKok <aland@freeradius.org>

Tue, 11 Apr 2023 12:50:55 +0000 (08:50 -0400)

committer Alan T. DeKok <aland@freeradius.org>

Tue, 11 Apr 2023 13:09:49 +0000 (09:09 -0400)
author Alan T. DeKok <aland@freeradius.org>
Tue, 11 Apr 2023 12:50:55 +0000 (08:50 -0400)
committer Alan T. DeKok <aland@freeradius.org>
Tue, 11 Apr 2023 13:09:49 +0000 (09:09 -0400)
diff --git a/raddb/sites-available/tls b/raddb/sites-available/tls

index 137fcbc6cc322616b5de85e9ccf03c99a01cf63c..e58c784144b34dfbe44f234991ea612701f32832 100644 (file)
--- a/raddb/sites-available/tls
+++ b/raddb/sites-available/tls
@@ -309,6 +309,17 @@ listen {
                 tls_min_version = "1.2"
                 tls_max_version = "1.3"
  
+               #
+               #  RADIUSv11 configuration
+               #
+               #  forbid  - just use normal RADIUS/TLS
+               #  allow   - use RADIUSv11 if the other end negotiates it
+               #  require - require the use of RADIUSv11 on this connection.
+               #
+               #  The default is "forbid"
+               #
+       #       radiusv11 = forbid
+
                 #
                 #  Session resumption / fast reauthentication
                 #  cache.
@@ -477,6 +488,8 @@ clients radsec {
                 #
                 secret = radsec
  
+       #       radiusv11 = forbid
+
                 #
                 #  You can also use a "limit" section here.
                 #  See raddb/clients.conf for examples.
@@ -550,6 +563,9 @@ home_server tls {
                 #
         #       hostname = "example.com"
  
+
+       #       radiusv11 = forbid
+
                 private_key_password = whatever
                 private_key_file = ${certdir}/client.pem
author	Alan T. DeKok <aland@freeradius.org>
	Tue, 11 Apr 2023 12:50:55 +0000 (08:50 -0400)
committer	Alan T. DeKok <aland@freeradius.org>
	Tue, 11 Apr 2023 13:09:49 +0000 (09:09 -0400)