RADIUS shared secret over internet

Fajar A. Nugraha list at fajar.net
Tue Apr 9 10:27:59 CEST 2013


On Tue, Apr 9, 2013 at 2:52 PM, Muhammad Nuzaihan Kamal Luddin
<muhammad at taqisystems.com> wrote:
> Hi,
>
> I have read on the archives regarding the above issue and that the
> RADIUS shared secret is an obfuscation method of securing the
> communications between the NAS and RADIUS Server.
>
> One method i have read is by using IPSec

... or whatever private tunnel you can create between NAS and radius,
e.g. openvpn, PPTP, etc.

> but i am asking around if there
> are other ideas that i may not have thought of.

Depending on what you use the radius for, you might get away by ONLY
allowing (T)TLS/EAP along with strict cert checking.

-- 
FAN


More information about the Freeradius-Users mailing list