how many clients use TCP Radius

Florin Andrei florin at
Wed May 4 03:01:38 CEST 2016

On 2016-05-03 17:56, Alan DeKok wrote:
> On May 3, 2016, at 8:45 PM, Florin Andrei <florin at> 
> wrote:
>> What clients actually use Radius over TCP? I can't find anything out 
>> there that's widely deployed and can query a Radius server over TCP. 
>> E.g. the Cisco documentation for routers, etc. seems to indicate that 
>> they only do UDP.
>   Most things only do UDP.
>> The reason why I'm asking - I'm looking into setting up authentication 
>> for a variety of clients, with Radius used as a transport protocol, 
>> and I'm wondering if it's worth the trouble to even think about 
>> enabling TCP, or promising I could offer TCP.
>   Don't use TCP.  Use TLS over TCP.  The RADIUS over TCP RFC says this
> explicitly.

Yup. I was looking at Radsec the other day. The problem is, if a lot of 
clients out there only do UDP, then Radsec is not really an option, 

I can't find even a single example of a client that can connect to a 
Radius server via TCP. Not custom-written clients that someone wrote 
specifically to do that, but devices or apps that are in fairly common 
use and just employ Radius for authentication.

Florin Andrei

More information about the Freeradius-Users mailing list