Who Talks to Who?
thomas_reeves at verizon.net
Mon Jul 5 19:58:10 CEST 2010
Thanks for the clarification, Alan. Looks like a client corresponds to users' equipment (laptop in your example) OUTSIDE of my firewall. This means the NAS would be my BSD-based Pfsense gateway. I googled and found out that Pfsense supports FreeRADIUS, which answers my next question, "How do you implement NAS/FreeRADIUS communication?".
I get it now. Thanks for everyone's input. I'll feedback on the Kerberos implementation...
From: freeradius-users-bounces+thomas_reeves=verizon.net at lists.freeradius.org [mailto:freeradius-users-bounces+thomas_reeves=verizon.net at lists.freeradius.org] On Behalf Of Alan Buxey
Sent: Monday, July 05, 2010 1:34 PM
To: FreeRadius users mailing list
Subject: Re: Who Talks to Who?
> Im new to FreeRADIUS and I still dont have a good sense of who talks to who. Ive attached a small PDF-format diagram of what Im trying to accomplish and my IDEA of who talks to who. Any links or feedback would be appreciated
clients (eg users laptops) talk to NAS (eg wifi access point), which talk to
RADIUS server, which then uses eg SQL, LDAP, AD or a flat file locally to authenticate.
a client doesnt talk directly to the RADIUS server (dont forget, in eg 802.1X
environment, the client isnt even on the network...its using eg EAPOL to talk
over a L2 link to the access point).
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users