focal (1) radsecproxy.1.gz

Provided by: radsecproxy_1.8.1-1_amd64 bug

NAME
       radsecproxy - a generic RADIUS proxy that provides both RADIUS UDP and TCP/TLS (RadSec) transport.


SYNOPSIS
       radsecproxy [-c configfile] [-d debuglevel] [-f] [-i pidfile] [-p] [-v]


DESCRIPTION
       radsecproxy  is  a  generic RADIUS proxy that in addition to to usual RADIUS UDP transport, also supports
       TLS (RadSec). The aim is for the proxy to have sufficient features to be flexible, while at the same time
       to be small, efficient and easy to configure.

       The  proxy  was  initially  made  to  be  able  to  deploy  RadSec  (RADIUS  over TLS) so that all RADIUS
       communication across network links could be done using TLS, without modifying existing  RADIUS  software.
       This  can  be  done  by  running  this proxy on the same host as an existing RADIUS server or client, and
       configure the existing client/server to talk to localhost (the  proxy)  rather  than  other  clients  and
       servers directly.

       There  are  however  other  situations  where  a  RADIUS proxy might be useful. Some people deploy RADIUS
       topologies where they want to route RADIUS messages to the right server. The nodes that do purely routing
       could  be  using a proxy. Some people may also wish to deploy a proxy on a site boundary. Since the proxy
       supports both IPv4 and IPv6, it could also be used to allow communication  in  cases  where  some  RADIUS
       nodes use only IPv4 and some only IPv6.


OPTIONS
       -f     Run in foreground.
              By  specifying  this option, the proxy will run in foreground mode. That is, it won't detach. Also
              all logging will be done to stderr.

       -d debuglevel
              This specifies the debug level. It must be set to 1, 2, 3, 4 or  5,  where  1  logs  only  serious
              errors,  and  5  logs  everything.  The  default  is  2  which  logs  errors,  warnings  and a few
              informational messages.

       -p     Pretend
              The proxy reads configuration files and performs initialisation  as  usual,  but  exits  prior  to
              creating  any  sockets. It will return different exit codes depending on whether the configuration
              files are okay. This may be used to verify configuration files, and  can  be  done  while  another
              instance is running.

       -v     Print version and exit.

       -c configfile
              This  option  allows  you to specify which config file to use. This is useful if you want to use a
              config file that is not in any of the default locations.

       -i pidfile
              This option tells the proxy to create a PID file with the specified path.


SIGNALS
       The proxy generally exits on all signals. The exceptions are listed below.

       SIGHUP
              When logging to a file, this signal forces a reopen of the log file.
              When using TLS or DTLS, reload certificate CRLs.

       SIGPIPE
              This signal is ignored.


FILES
       /etc/radsecproxy.conf

              The default configuration file.


SEE ALSO
       radsecproxy.conf(5), radsecproxy-hash(1)

                                                   5 July 2018                                    radsecproxy(1)