FreeRADIUS Accounting Logging to Two Separate Locations Simultaneously
CHRISTOPHER SHELDON DECKER
csd126 at psu.edu
Fri Sep 6 00:13:37 CEST 2013
Alan,
Thanks for responding.
I'm from the Security group so I'm not intimately familiar with FreeRADIUS - can you please elaborate on how it would work off we set up a Virtual Accounting server?
Sent from my iPhone
> On Sep 5, 2013, at 5:53 PM, Alan Buxey <A.L.M.Buxey at lboro.ac.uk> wrote:
>
> The default install comes with a few accounting virtual servers that you can use. I'd strongly advise one of the or of band asynchronous ones.
>
> If you use UDP syslog is not blocking. .. it is fire and forget. .. so if you might lose packets if you have congested links or a disruption between source and destination. For security throw a VPN tunnel between the hosts.
>
> At the end is whatever floats your boat and is maintainable. . you had a big list some of which seem prone to issues and overworked. And why not think of it the other way around? Let security have all the logs and then give ops access to the data via their system. ..ops then no longer need to worry about data retention, the legal issues, disk space etc. ..they just run a radius daemon ;)
>
> alan
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list