Who Talks to Who?

Thomas Reeves thomas_reeves at verizon.net
Mon Jul 5 19:58:10 CEST 2010

Thanks for the clarification, Alan.  Looks like a client corresponds to users' equipment (laptop in your example) OUTSIDE of my firewall.  This means the NAS would be my BSD-based Pfsense gateway.  I googled and found out that Pfsense supports FreeRADIUS, which answers my next question, "How do you implement NAS/FreeRADIUS communication?".

I get it now.  Thanks for everyone's input.  I'll feedback on the Kerberos implementation...


-----Original Message-----
From: freeradius-users-bounces+thomas_reeves=verizon.net at lists.freeradius.org [mailto:freeradius-users-bounces+thomas_reeves=verizon.net at lists.freeradius.org] On Behalf Of Alan Buxey
Sent: Monday, July 05, 2010 1:34 PM
To: FreeRadius users mailing list
Subject: Re: Who Talks to Who?


> Im new to FreeRADIUS and I still dont have a good sense of who talks to who.  Ive attached a small PDF-format diagram of what Im trying to accomplish and my IDEA of who talks to who.  Any links or feedback would be appreciated

clients (eg users laptops) talk to NAS (eg wifi access point), which talk to
RADIUS server, which then uses eg SQL, LDAP, AD or a flat file locally to authenticate.

a client doesnt talk directly to the RADIUS server  (dont forget, in eg 802.1X
environment, the client isnt even on the network...its using eg EAPOL to talk
over a L2 link to the access point). 

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list