1radsecproxy(1)              General Commands Manual             radsecproxy(1)
2
3
4

NAME

6       radsecproxy  - a generic RADIUS proxy that provides both RADIUS UDP and
7       TCP/TLS (RadSec) transport.
8
9

SYNOPSIS

11       radsecproxy [-c configfile] [-d debuglevel] [-f] [-i pidfile] [-p] [-v]
12
13
14

DESCRIPTION

16       radsecproxy is a generic RADIUS proxy that  in  addition  to  to  usual
17       RADIUS  UDP  transport,  also supports TLS (RadSec). The aim is for the
18       proxy to have sufficient features to be flexible,  while  at  the  same
19       time to be small, efficient and easy to configure.
20
21       The  proxy  was initially made to be able to deploy RadSec (RADIUS over
22       TLS) so that all RADIUS communication across  network  links  could  be
23       done  using  TLS, without modifying existing RADIUS software.  This can
24       be done by running this proxy on the same host as  an  existing  RADIUS
25       server  or  client, and configure the existing client/server to talk to
26       localhost (the proxy) rather than other clients and servers directly.
27
28       There are however other situations where a RADIUS proxy might  be  use‐
29       ful.  Some  people  deploy  RADIUS  topologies where they want to route
30       RADIUS messages to the right server. The nodes that do  purely  routing
31       could  be using a proxy. Some people may also wish to deploy a proxy on
32       a site boundary. Since the proxy supports both IPv4 and IPv6, it  could
33       also  be  used  to allow communication in cases where some RADIUS nodes
34       use only IPv4 and some only IPv6.
35
36

OPTIONS

38       -f     Run in foreground.
39              By specifying this option, the  proxy  will  run  in  foreground
40              mode. That is, it won't detach. Also all logging will be done to
41              stderr.
42
43
44       -d debuglevel
45              This specifies the debug level. It must be set to 1, 2, 3, 4  or
46              5,  where 1 logs only serious errors, and 5 logs everything. The
47              default is 2 which logs errors, warnings and a few informational
48              messages.
49
50
51       -p     Pretend
52              The  proxy reads configuration files and performs initialisation
53              as usual, but exits prior  to  creating  any  sockets.  It  will
54              return  different exit codes depending on whether the configura‐
55              tion files are okay. This may be used  to  verify  configuration
56              files, and can be done while another instance is running.
57
58
59       -v     Print version and exit.
60
61
62       -c configfile
63              This option allows you to specify which config file to use. This
64              is useful if you want to use a config file that is not in any of
65              the default locations.
66
67
68       -i pidfile
69              This option tells the proxy to create a PID file with the speci‐
70              fied path.
71
72

SIGNALS

74       The proxy generally exits on all signals.  The  exceptions  are  listed
75       below.
76
77
78       SIGHUP
79              When  logging  to a file, this signal forces a reopen of the log
80              file.
81              When using TLS or DTLS, reload certificate CRLs.
82
83
84       SIGPIPE
85              This signal is ignored.
86
87

FILES

89       /etc/radsecproxy.conf
90
91              The default configuration file.
92
93

SEE ALSO

95       radsecproxy.conf(5), radsecproxy-hash(1)
96
97
98
99                                  5 July 2018                   radsecproxy(1)
Impressum