Regarding RADIUS Authentication feature Implementation over TLS

Javed jaakhtar at cisco.com
Tue Dec 20 10:57:43 CET 2016


Hello Alan,

I have this query,

I have downloaded the server program for FreeRADIUS v3.0.10 .Would you like to share the purpose of the file below:
radclient.c
client.c   

available under /src/main/ 


You mentioned in one of the mail saying that RADIUS server has to contain client side program too in or der to serve as a client to 0the RADIUS remote servers. Is that means that the client side files we are looking for we can get all through RADIUS server code/package? 


Javed Akhtar
Technical Lead
jaakhtar at cisco.com
Tel: 
Cisco Systems, Inc.



India
cisco.com


Think before you print.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message.
Please click here for Company Registration Information.



-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+jaakhtar=cisco.com at lists.freeradius.org] On Behalf Of A.L.M.Buxey at lboro.ac.uk
Sent: 19 December 2016 17:57
To: FreeRadius developers mailing list <freeradius-devel at lists.freeradius.org>
Cc: 'FreeRadius users mailing list' <freeradius-users at lists.freeradius.org>
Subject: Re: Regarding RADIUS Authentication feature Implementation over TLS

Hi,

> >just read the 'tls' virtual server module. configure with required certificate details, add your client details, restart the server and then configure the client appropriately.
> 
> Would you like to elaborate a bit .what do you mean by configuring client appropriately? What will be the client side changes?

the client is currently RADIUS over UDP - so you'll need to configure it to use TCP/TLS and set the correct certificate details (CA etc etc - its a TLS client).

> >regarding client....I would just point the client at a local, very stripped down FR server (so its just converting the RADIUS UDP into RADIUS TLS/TCP - very very basic config... or even more basic, a local copy of radsecproxy to do the same.
> 
> Is this you ment we can download thye pakage of radsecproxy and will use the same as client side program? 
> &
> I couldn’t understnd FR server?

FR = FreeRADIUS

radsecproxy is a simple program that will take UDP and turn it into TCP/TLS

> Any opensource codebase  can be helpful to download the client side code?

FreeRADIUS contains the client side code - it has to as it is also a client of remote RADSEC servers.....

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list