User + X Authentication

Raz Muhammad raz.muhammad at cerberusnetworks.co.uk
Tue Sep 20 13:18:58 CEST 2011


Hi,

We are successfully running the following version on our network for our DSL users.

FreeRADIUS Version 2.1.7, for host i686-redhat-linux-gnu, built on Mar 31 2010 at 00:25:31
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.

FreeRADIUS was compiled with MySQL and radcheck is used for authentication along with other relevant tables.
We recently had a scenario where security of a CPE is a concern, and using PPP authentication is not enough. Someone suggested using Routers mac address along with PPP username/password authentication. But this method would relay on getting the router Mac address during the PPP negotiation, and it might be coming via the calling-station-id attribute, some suggestions are about using EAP and certifcates on the router.
I would like to find out what would be the best way to go for extra layer of authentication based security while using FreeRADIUS? and how can that be done with MySQL?

Regards
Raz

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110920/6470bde0/attachment.html>


More information about the Freeradius-Users mailing list