Cloud Radius Server
Fajar A. Nugraha
list at fajar.net
Thu Sep 27 03:15:52 CEST 2012
On Thu, Sep 27, 2012 at 5:42 AM, Michael Geary
<mgeary at greataukwireless.com> wrote:
> Good Evening,
> We have several separate networks. Our main network runs PPPoE while all of
> the others run over DHCP. I would like to migrate the DHCP networks to use
> Currently, our Radius server resides at the head end of our PPPoE network. I
> would like to remove the chance that if the Internet failed there, that no
> one on the separate networks would be able to authenticate.
> Has anyone had any experience with using a Radius server in the cloud to
> authenticate users?
There's nothing magic about it, really. You need to decide what you want first.
For example, on out setup. the NAS (i.e. BRAS) and other internal
systems (including radius and billing) are connected using internal
private network. We put radius servers on multiple locations,
connected to that internal network. That way, if one radius location
goes down, or even if the whole internet goes down, users will still
be able to authenticate.
Now when you say "radius in the cloud", it can either mean:
- you have and manage radius servers in multiple locations accessible
from internet. Again, nothing magic about this. It should just work
provided you have ways to synchronize data between radius servers
(e.g. using db replication or whatever). OR
- someone else will manage radius service for you. There are companies
that provide that, and it should work, though personally I haven't
tried any of them.
Either one should work, assuming you already know what you want and
create a suitable design for it.
More information about the Freeradius-Users