password encrypt

[Dale Grice]

Hi all,


I am hoping that someone can verify my understanding of one part of the
Xauth process. I am using a Juniper SSG as a firewall and need to allow
access from a vendor on the untrust zone to a server on a demil zone for
admin purposes.

My understanding is that freeradius uses the secret password in the
clients.conf file to encrypt the user password sent to the Juniper in this
case, which then sends to the untrust user for verification. Is this
correct. I am trying to determine if the password is in the clear on the
Internet or if I have to go through the trouble of setting up a VPN between
the vendor and the server.

Thanks,

Dale

-- 

Dale Grice

Staff Engineer, Lab Architect; Motorola
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111122/2c0ac4ab/attachment.html>