Simple questiona about RadSec - Freeradius 3.0.10
Hello Guys, I have a simple question about RadSec, but after a lot of research on the web i cant't figure out the solution. I have a federated FreeRADIUS scenario, where one central server answer requests and N other server who sent them requests. Everything is working fine without RadSec. But for security reasons i'm trying to configure RadSec. In my central server i have setup the RadSec sites-avaiable properly, but at my distributed clients i can't figure out what and where i have to change for client FreeRADIUS to proxy request as RadSec. In my research i found about radsecproxy, but i Think FreeRADIUS 3.0.X don't need that right? I'm using FreeRADIUS 3.0.10 compiled from source. My proxy config is like: realm central { type = auth authhost = centralradius.my.domain secret = secrect nostrip } So guys, what and where i have to change to this scenario works? With regards, Neuton Martins Costa
Your proxy config is just plain radius. You need to read the radsec parts of the config and ensure you have not only properly defined radeec clients on the central box but also radsec proxy statements on the leaf nodes alan
On Feb 18, 2016, at 12:27 PM, Neuton Martins <notuenmc@gmail.com> wrote:
I have a simple question about RadSec, but after a lot of research on the web i cant't figure out the solution.
See raddb/sites-available/tls The server comes with a detailed example that documents what it does, and how it works. Alan DeKok.
Thank you for the responses, i have read raddb/sites-available/tls, but i will read again several times until understandand. 2016-02-18 15:27 GMT-02:00 Neuton Martins <notuenmc@gmail.com>:
Hello Guys,
I have a simple question about RadSec, but after a lot of research on the web i cant't figure out the solution. I have a federated FreeRADIUS scenario, where one central server answer requests and N other server who sent them requests. Everything is working fine without RadSec. But for security reasons i'm trying to configure RadSec. In my central server i have setup the RadSec sites-avaiable properly, but at my distributed clients i can't figure out what and where i have to change for client FreeRADIUS to proxy request as RadSec. In my research i found about radsecproxy, but i Think FreeRADIUS 3.0.X don't need that right? I'm using FreeRADIUS 3.0.10 compiled from source.
My proxy config is like: realm central { type = auth authhost = centralradius.my.domain secret = secrect nostrip }
So guys, what and where i have to change to this scenario works?
With regards,
Neuton Martins Costa
participants (3)
-
Alan Buxey -
Alan DeKok -
Neuton Martins