xenial (1) radsecproxy.1.gz

Provided by: radsecproxy_1.6.5-1build1_amd64 bug

NAME

       radsecproxy - a generic RADIUS proxy that provides both RADIUS UDP and TCP/TLS (RadSec) transport.

SYNOPSIS

       radsecproxy [-c configfile] [-d debuglevel] [-f] [-i pidfile] [-p] [-v]

DESCRIPTION

       radsecproxy  is  a  generic RADIUS proxy that in addition to to usual RADIUS UDP transport, also supports
       TLS (RadSec). The aim is for the proxy to have sufficient features to be flexible, while at the same time
       to be small, efficient and easy to configure.  Currently the executable on Linux is only about 48 KB, and
       it uses about 64 KB (depending on the number of peers) while running.

       The proxy was initially made to  be  able  to  deploy  RadSec  (RADIUS  over  TLS)  so  that  all  RADIUS
       communication  across  network links could be done using TLS, without modifying existing RADIUS software.
       This can be done by running this proxy on the same host as an  existing  RADIUS  server  or  client,  and
       configure  the  existing  client/server  to  talk  to localhost (the proxy) rather than other clients and
       servers directly.

       There are however other situations where a RADIUS proxy  might  be  useful.  Some  people  deploy  RADIUS
       topologies where they want to route RADIUS messages to the right server. The nodes that do purely routing
       could be using a proxy. Some people may also wish to deploy a proxy on a site boundary. Since  the  proxy
       supports  both  IPv4  and  IPv6,  it could also be used to allow communication in cases where some RADIUS
       nodes use only IPv4 and some only IPv6.

OPTIONS

       -f

              Run in foreground

              By specifying this option, the proxy will run in foreground mode. That is, it won't  detach.  Also
              all logging will be done to stderr.

       -d <debug level>

              Debug level

              This  specifies  the  debug  level.  It  must be set to 1, 2, 3, 4 or 5, where 1 logs only serious
              errors, and 5  logs  everything.  The  default  is  2  which  logs  errors,  warnings  and  a  few
              informational messages.

       -p

              Pretend

              The  proxy  reads  configuration  files  and  performs initialisation as usual, but exits prior to
              creating any sockets. It will return different exit codes depending on whether  the  configuration
              files  are  okay.  This  may  be used to verify configuration files, and can be done while another
              instance is running.

       -v

              Print version

              When this option is specified, the proxy will simply print version information and exit.

       -c <config file path>

              Config file path

              This option allows you to specify which config file to use. This is useful if you want  to  use  a
              config file that is not in any of the default locations.

       -i <pid file path>

              PID file path

              This option tells the proxy to create a PID file with the specified path.

SIGNALS

       The proxy generally exits on all signals. The exceptions are listed below.

       SIGHUP

              When logging to a file, this signal forces a reopen of the log file.

       SIGPIPE

              This signal is ignored.

FILES

       /etc/radsecproxy.conf

              The default configuration file.

SEE ALSO

       radsecproxy.conf(5), RadSec internet draft http://tools.ietf.org/html/draft-ietf-radext-radsec

                                                   1 Jun 2010                                     radsecproxy(1)