Freeradius, PostgreSQL and One-Time-Password backends
mikoi
mika.koivisto at logica.com
Fri Jun 12 17:04:53 CEST 2009
The question was "how does freeradius talk to authentication database".
What does it send to it and what does it get back?
I´ll do my best to explain.
Access-Request packet from NAS/AAA-client contains:
User-Name
User-Password (One-Time-Password)
NAS-IP-Address
FreeRadius checks with SQL:
Is user allowed to access through this (NAS-IP-Address)?
Check User-Name / profile. To which server do i proxy authentication
request?
Access-Request packet sent to authentication server (OTP system).
Is User-name/User-Password ok?
Authentication server responds: Access-Accept/Reject.
If Access-Accept. Reply goes to FreeRadius.
FreeRadius checks with SQL.
What Reply attributes to send to NAS/AAA-client.
IETF (attribute 25, Class). etc..
Does this answer your question?
I need to know if FreeRadius can do the above things and if so how do i
proceed. This is what our ACS does at the moment.
Regards
Mika
--
View this message in context: http://www.nabble.com/Freeradius%2C-PostgreSQL-and-One-Time-Password-backends-tp23996193p24000727.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list