-
Notifications
You must be signed in to change notification settings - Fork 5
Modules
- mod_pap - PAP protocol implementation
- mod_chap - CHAP protocol implementation
- mod_digest - Digest protocol implementation
- mod_mschap_v2 - Microsoft CHAP version 2 protocol implementation
- mod_ippool - Implementation of pool of IP addresses
- mod_rpc - interface to execute commands on the server side
- mod_iptraffic - module for serving the VPN customers
- mod_postgresql - PostgreSQL driver for Netspire
- mod_disconnect_script - module for disconnecting clients with the executing external program
- mod_disconnect_pod - module for terminating client's sessions by sending Radius disconnect message to the NAS
Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2) that provides stronger security for the remote access connections.
This should be added to the modules section of the netspire.conf: {mod_mschap_v2, [{use_mppe, no}, {require_encryption, yes}, {require_strong, yes}]}
- use_mppe = yes | no
Enable or disable generation of the additional Radius attributes in Accept-Response packet which adds the support of the MPPE encryption.
- require_encryption = yes | no
Setup the MS-MPPE-Encryption-Policy attribute in the appropiate value to signify whether the use of encryption is allowed or required.
- require_strong = yes | no
Signify the types of the encryption available for the use of MPPE, 40-bit key or 128-bit key.
It's used to manage the pools of the IP addresses. Could allocate the pools, lease, renew and release of the IP addresses.
This should be added to the modules section of the netspire.conf: {mod_ippool, [ {allocate, true}, {default, main}, {timeout, 180}, {pools, [ {main, ["10.10.1.0/24", "192.168.1.0/255.255.252.0"]} ]} ]}
- allocate = true | false
Reset the pool on every application start
- default = name()
Default pool name will be used if Netspire-Framed-Pool RADIUS reply is missing
- timeout = integer()
Configure the life time of the leased IP address. IP address will be released after timeout value. The value should be specified in seconds.
Be aware that timeout value has to be 2-3 seconds more than the session_timeout parameter in mod_iptraffic
- The pools section is used to describe the IP pools and their IP ranges.
Disconnect the client by the executing external program
This should be added to the modules section of the netspire.conf:
{mod_disconnect_script, [{disconnect_script, "/full/path/to/script"}]}
- disconnect_script = string()
Specify the full path to the program which needs to be executed.
Terminate the client's session by sending Radius Disconnect-Message (rfc3576) to the NAS
This should be added to the modules section of the netspire.conf:
{mod_disconnect_pod, []}