Secure tunnel to freeradius
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Mon Aug 5 14:29:07 CEST 2013
Hi,
> We have a a supplicant that is our own box doing client 802.1x
> authentication using freeradius. We do not establish a TLS/IPSec
> connection between the supplicant and freeradius. We need to establish a
> secure channel between the supplicant and freeradius.
NAS or supplicant? a supplicant never talks to the RADIUS - its all done
via the NAS.
there are plenty of options to you - you already have thought about one
method - use a VPN (DTLS/IPsec based...up to you) to tunnel the RADIUS though.
or , if the NAS can do it, think about RADSEC - FreeRADIUS 3 supports
RADSEC and its the way to go unless you want to forget RADIUS and use DIAMETER
instead.
alan
More information about the Freeradius-Users
mailing list