Is it possible to do Auth, Accounting and COA over single client initiated RADSEC session?

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Jun 27 12:47:20 CEST 2014


On 27 Jun 2014, at 03:01, Smc Kms <smckms at cleverlittlebunny.com> wrote:

>> Heh, that's kinda cool. So even behind NAT or over a WAN link with a dynamic connection you can still signal the NAS. I can definitely see the utility in that, but I don't think it's currently supported.
> Yes Arran, you've hit the nail on the head, we don't want to have to muck around putting holes in firewalls to allow inbound connections. Having the device call out and having everything over the same session should resolve that.
> 
>>> If this is not currently supported, is this a feature that is in consideration for future development?
>> 
>> RFC6614 does not deal with this scenario, so no and probably no, unless you're willing to do the dev work.
> 
> I will be trying to implement the COA over RadSec so if I have any success with code changes, I will be in touch.

Cool, if you have any questions, feel free to post to the dev list, or ping Alan and I and email off list.

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140627/7554514b/attachment.pgp>


More information about the Freeradius-Users mailing list