mgrotke/linuxrouter
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
linuxrouter/docker/routlin-dash/app/pages/radius/content.json
Matthew Grotke 286930423f Development
2026-06-06 00:51:30 -04:00

386 lines
12 KiB
JSON
Raw Blame History

{
"client_requirement": "client_is_administrator+",
"items": [
{
"type": "header_page_title",
"items": [
{
"type": "h1",
"text": "RADIUS"
},
{
"type": "p",
"text": "FreeRADIUS server configuration and shared secret."
}
]
},
{
"type": "raw_html",
"html": "<span id=\"js-pro-license\" data-value=\"%PRO_LICENSE_JS%\" hidden></span>"
},
{
"type": "info_bar",
"variant": "info",
"text": "%RADIUS_CLIENT_STATUS_TEXT%"
},
{
"type": "card",
"label": "Shared Secret",
"client_requirement": "client_is_administrator+",
"items": [
{
"type": "p",
"text": "Enter this secret in your access point or wireless controller as the RADIUS shared secret. It authenticates your APs to this router's RADIUS server."
},
{
"type": "pre_block",
"text": "%RADIUS_SECRET%"
},
{
"type": "p",
"text": "Use this router's IP address on the AP's VLAN as the RADIUS server address. Authentication port: 1812. Accounting port: 1813."
},
{
"type": "button_row",
"items": [
{
"type": "button_danger",
"action": "/action/radius/regenerate",
"method": "post",
"text": "Regenerate"
}
]
}
]
},
{
"type": "card",
"label": "Options",
"client_requirement": "client_is_administrator+",
"items": [
{
"type": "form",
"action": "/action/radius/options_save",
"method": "post",
"items": [
{
"type": "field",
"label": "MAC Address Format",
"name": "mac_format",
"input_type": "select",
"value": "%RADIUS_MAC_FORMAT%",
"options": [
{"value": "aabbccddeeff", "label": "aabbccddeeff"},
{"value": "aa-bb-cc-dd-ee-ff", "label": "aa-bb-cc-dd-ee-ff"},
{"value": "aa:bb:cc:dd:ee:ff", "label": "aa:bb:cc:dd:ee:ff"},
{"value": "AABBCCDDEEFF", "label": "AABBCCDDEEFF"},
{"value": "AA-BB-CC-DD-EE-FF", "label": "AA-BB-CC-DD-EE-FF"},
{"value": "AA:BB:CC:DD:EE:FF", "label": "AA:BB:CC:DD:EE:FF"}
],
"hint": "Must match your AP/controller's expected format."
},
{
"type": "button_row",
"items": [
{
"type": "button_primary",
"action": "/action/radius/options_save",
"method": "post",
"text": "Save"
},
{
"type": "button_cancel",
"text": "Cancel"
}
]
}
]
}
]
},
{
"type": "card",
"label": "Default VLAN",
"client_requirement": "client_is_administrator+",
"items": [
{
"type": "p",
"text": "Unknown or unregistered devices are assigned to this VLAN. For wired switch ports, also set the fallback network in your managed switch's configuration."
},
{
"type": "hr"
},
{
"type": "form",
"action": "/action/radius/default_vlan_save",
"method": "post",
"items": [
{
"type": "field",
"label": "Default VLAN",
"name": "default_vlan",
"input_type": "select",
"value": "%RADIUS_DEFAULT_VLAN%",
"options": "%RADIUS_DEFAULT_VLAN_OPTIONS%",
"hint": "Devices without a DHCP reservation will receive RADIUS authorization to be placed on this VLAN. This may also be selected on the Network Layout page by denoting a VLAN as the \"RADIUS Default\"."
},
{
"type": "button_row",
"items": [
{
"type": "button_primary",
"text": "Save"
},
{
"type": "button_cancel",
"text": "Cancel"
}
]
}
]
}
]
},
{
"type": "card",
"label": "DEFAULT Rule Scope",
"client_requirement": "client_is_administrator+",
"items": [
{
"type": "p",
"text": "The DEFAULT Rule only applies to unknown devices (those without a DHCP reservation/authorization)."
},
{
"type": "hr"
},
{
"type": "form",
"action": "/action/radius/default_rule_save",
"method": "post",
"items": [
{
"type": "field",
"label": "Which RADIUS Clients (authenticators) may apply the DEFAULT rule to unknown devices?",
"name": "apply_to",
"input_type": "select",
"value": "%RADIUS_APPLY_TO%",
"options": [
{"value": "all", "label": "All authenticators"},
{"value": "wireless", "label": "Wireless authenticators only (NAS-Port-Type = Wireless-802.11)"},
{"value": "huntgroup", "label": "Wireless authenticators only (AP huntgroup by IP)"}
],
"hint": "_"
},
{
"type": "field",
"label": "Which of the following authenticators are Wireless Access Points that you wish to add to the huntgroup?",
"name": "ap_ips",
"input_type": "checkbox_group",
"options": "%RADIUS_AP_IPS_OPTIONS%",
"value": "%RADIUS_AP_IPS%",
"hint": "These authenticators are defined on the DHCP Reservations page by denoting a device (such as a managed switch or wireless access point) as a \"RADIUS Client\"."
},
{
"type": "button_row",
"items": [
{
"type": "button_primary",
"action": "/action/radius/default_rule_save",
"method": "post",
"text": "Save"
},
{
"type": "button_cancel",
"text": "Cancel"
}
]
}
]
}
]
},
{
"type": "card",
"label": "Authentication Mode",
"client_requirement": "client_is_administrator+",
"items": [
{
"type": "p",
"text": "802.1X authentication modes require a Routlin Pro license."
},
{
"type": "hr"
},
{
"type": "form",
"action": "/action/radius/auth_mode_save",
"method": "post",
"items": [
{
"type": "field",
"label": "Authentication Mode",
"name": "auth_mode",
"input_type": "select",
"value": "%RADIUS_AUTH_MODE%",
"options": "%RADIUS_AUTH_MODE_OPTIONS%",
"hint": "_"
},
{
"type": "raw_html",
"html": "<div id=\"eap-protocol-row\">"
},
{
"type": "field",
"label": "Username/Password Protocol",
"name": "eap_protocol",
"input_type": "select",
"value": "%RADIUS_EAP_PROTOCOL%",
"options": "%RADIUS_EAP_PROTOCOL_OPTIONS%",
"hint": "_"
},
{
"type": "raw_html",
"html": "</div>"
},
{
"type": "button_row",
"items": [
{
"type": "button_primary",
"text": "Save"
},
{
"type": "button_cancel",
"text": "Cancel"
}
]
}
]
}
]
},
{
"type": "card",
"label": "EAP Settings",
"client_requirement": "client_is_administrator+",
"items": [
{
"type": "p",
"text": "These settings are required for MAC-based 802.1X authentication on managed switches."
},
{
"type": "hr"
},
{
"type": "form",
"action": "/action/radius/eap_save",
"method": "post",
"items": [
{
"type": "field",
"label": "",
"name": "allow_weak_eap",
"input_type": "checkbox",
"checkbox_label": "Allow weak EAP types",
"value": "%RADIUS_ALLOW_WEAK_EAP%",
"hint": "Enables EAP-MD5. Required for switch port MAC-based 802.1X authentication."
},
{
"type": "field",
"label": "",
"name": "tunneled_reply",
"input_type": "checkbox",
"checkbox_label": "Use tunneled reply (EAP-TTLS / EAP-PEAP)",
"value": "%RADIUS_TUNNELED_REPLY%",
"hint": "Sets use_tunneled_reply = yes in EAP-TTLS and EAP-PEAP modules. Required for switch MAC authentication."
},
{
"type": "button_row",
"items": [
{
"type": "button_primary",
"text": "Save"
},
{
"type": "button_cancel",
"text": "Cancel"
}
]
}
]
}
]
},
{
"type": "card",
"label": "Logging",
"client_requirement": "client_is_administrator+",
"items": [
{
"type": "form",
"action": "/action/radius/logging_save",
"method": "post",
"items": [
{
"type": "field",
"label": "",
"name": "logging",
"input_type": "checkbox",
"checkbox_label": "Log auth requests",
"value": "%RADIUS_LOGGING%",
"hint": "%RADIUS_LOGGING_HINT%"
},
{
"type": "hr"
},
{
"type": "pre_block",
"text": "%RADIUS_LOG_TAIL%",
"scroll_to_bottom": true
},
{
"type": "raw_html",
"html": "%RADIUS_LOG_SUMMARY%"
},
{
"type": "button_row",
"items": [
{
"type": "button_ghost",
"action": "/action/radius/logging_download",
"text": "Download Log"
}
]
},
{
"type": "hr"
},
{
"type": "field",
"label": "Max Log Size (KB)",
"name": "log_max_kb",
"input_type": "number",
"layout": "inline",
"value": "%RADIUS_GEN_LOG_MAX_KB%",
"min": "64",
"hint": "Log will automatically be cleared when it reaches this size."
},
{
"type": "button_row",
"items": [
{
"type": "button_primary",
"text": "Save"
},
{
"type": "button_cancel",
"text": "Cancel"
}
]
}
]
}
]
}
]
}
Reference in a new issue View git blame Copy permalink