then dont keep it under 400. more info is better. ( and real examples too ) thanx. On 16/01/2008, Alan DeKok <aland@deployingradius.com> wrote:
orion wrote:
alan , can we have the TOC of the book ?
It's still in development, and I'm re-arranging it occasionally. At a high level:
Introduction
Concepts Participants and their roles User Devices NAS RADIUS Servers Databases AAA Overview Authentication Authorization Accounting Auditing Conversations Protocol overview Message contents Dictionaries Security
Participants in more detail User devices NAS RADIUS Servers Databases
Authentication The basics PAP CHAP MS-CHAP Digest Managing passwords hashes & protocol compatibility EAP EAP-GTC EAP-MD5 EAP-MSCHAPv2 LEAP EAP and password storage EAP-TLS Methods EAP-TLS Microsoft Windows requirements PEAP EAP-TTLS Wireless and wired security with EAP Other authentication protocols
Authorizations Principles for policy creating Logging Role-based authorization Policy maintenance Chained policies Examples
Accounting Interaction with authorization Generation of data Logging of data Relaying of packets Simultaneous-Use
RADIUS Server implementations ACS OAS Juniper OCS Radiator FreeRADIUS Others Recommendations
----- And now we get into FreeRADIUS-specific text. :)
Basic deployments Installing FreeRADIUS Configuration files radiusd.conf clients.conf proxy.conf virtual servers Starting the server Debugging Tracking configuration changes Test methodology
radiusd.conf Layout Processing of requests authentication accounting proxying Modules Multiple instances of a module Redundant and load-balanced modules simple flow control
"unlang" Introduction Interaction with modules Examples
"clients.conf"
proxy.conf
virtual servers
"users" file format sample entries
Dictionaries ATTRIBUTE definitions VALUE definitions VENDOR definitions Loading other dictionary files Creating a dictionary file Special considerations
Debugging a deployment Tools Test methods and procedures EAP testing with eapol_test
Databases LDAP Active Directory considerations SQL MySQL Postgresql
Common deployment issues Windows AP implementations RADIUS Servers LDAP Servers
Security Network security Physical security Configuration security Methods for policy creation
RADIUS protocol reference Attributes Data types VSA's Packet types
Module overview rlm_chap rlm_digest ...
If you've read this far, I'm impressed. With each topic on a single line like that, it starts to look silly after a while.
The intent, though, is to be the *definitive* reference for not only FreeRADIUS, but also for the protocol, and common use cases. Where other books say things like "Access-Request packets contain requests for access", this one says that, and more. Like common problems people see, common mistakes vendors make, common misunderstandings and how to correct them, and how to work around various issues in practice.
I'm going to try to keep it under 400 pages, but I do think there's enough material to make 400 pages.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html