I wasn’t playing peek-a-boo and I didn’t use the phrase “like TLS’, my first question was pretty straightforward. We were just trying to understand if we could use something other than a username/password for the authenticator to authenticate to RADIUS. From: Freeradius-Users <freeradius-users-bounces+randy.turner=landisgyr.com@lists.freeradius.org> on behalf of Alan DeKok <aland@deployingradius.com> Date: Tuesday, October 5, 2021 at 9:41 AM To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Subject: Re: Authenticator -to- RADIUS connection On Oct 5, 2021, at 9:36 AM, Turner, Randy <Randy.Turner@landisgyr.com> wrote:
I guess I was thinking about using mutual TLS for the authenticator to authenticate itself to the FreeRADIUS server…rather than a username and password..
If you look at the examples and documentation, there's EAP-TLS. If the authenticator doesn't support EAP, then it's impossible. And PLEASE ask good questions. It's frustrating to get told on the THIRD MESSAGE "Oh, something like TLS". Playing "peek a boo" with information is not productive. Alan DeKok. - List info/subscribe/unsubscribe? See https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.freeradius.org%2Flist%2Fusers.html&data=04%7C01%7Crandy.turner%40landisgyr.com%7Cb54fed4ed8cf45277eae08d98805d52d%7Cee2cd48b958f4be49852b8f104c001b9%7C0%7C0%7C637690380897334767%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=ZOw7YNQFuTNc%2FDqcDEYvedMImy2HEf5UPwwPHUVqSvU%3D&reserved=0