Authenticator -to- RADIUS connection

[Turner, Randy]

I wasn’t playing peek-a-boo and I didn’t use the phrase “like TLS’, my first question was pretty straightforward.   We were just trying to understand if we could use something other than a username/password for the authenticator to authenticate to RADIUS.

From: Freeradius-Users <freeradius-users-bounces+randy.turner=landisgyr.com at lists.freeradius.org> on behalf of Alan DeKok <aland at deployingradius.com>
Date: Tuesday, October 5, 2021 at 9:41 AM
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: Authenticator -to- RADIUS connection
On Oct 5, 2021, at 9:36 AM, Turner, Randy <Randy.Turner at landisgyr.com> wrote:
> I guess I was thinking about using mutual TLS for the authenticator to authenticate itself to the FreeRADIUS server…rather than a username and password..

  If you look at the examples and documentation, there's EAP-TLS.

  If the authenticator doesn't support EAP, then it's impossible.

  And PLEASE ask good questions.  It's frustrating to get told on the THIRD MESSAGE "Oh, something like TLS".  Playing "peek a boo" with information is not productive.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.freeradius.org%2Flist%2Fusers.html&data=04%7C01%7Crandy.turner%40landisgyr.com%7Cb54fed4ed8cf45277eae08d98805d52d%7Cee2cd48b958f4be49852b8f104c001b9%7C0%7C0%7C637690380897334767%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=ZOw7YNQFuTNc%2FDqcDEYvedMImy2HEf5UPwwPHUVqSvU%3D&reserved=0