Proxying between RADIUS servers using TLS
Stefan Paetow
Stefan.Paetow at jisc.ac.uk
Wed Apr 1 15:11:01 CEST 2015
> You configure only TLS home servers for that realm.
> Realms are not home servers...
Ok, let me rephrase (and run through it)... Feel free to correct:
I have a TLS-only FR service at realm1, and a TLS-only FR service at
realm2 (they are *not* the same machine).
When FR at realm1 receives a request for realm2, I need an entry for
realm2 in proxy.conf to forward the request to realm2, correct? This is
unchanged, yes?
How do I configure the realm entry for realm2? With UDP it was simple:
realm realm2 {
authhost = ip.address:port
secret = RADIUS secret
}
So for TLS it should look how?
realm realm2 {
???
}
Or do I ignore proxy.conf for that and define that somewhere else?
I apologise if this is really obvious for you and not for me... I'm only
used to ABFAB-based TLS home server resolution at this point.
Stefan Paetow
Moonshot Industry & Research Liaison Coordinator
t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: stefanp at jabber.dev.ja.net
skype: stefan.paetow.janet
jisc.ac.uk
Jisc is a registered charity (number 1149740) and a company limited by
guarantee which is registered in England under Company No. 5747339, VAT
No. GB 197 0632 86. JiscĀ¹s registered office is: One Castlepark, Tower
Hill, Bristol, BS2 0JA. T 0203 697 5800.
Jisc Collections and Janet Ltd. is a wholly owned Jisc subsidiary and a
company limited by guarantee which is registered in England under Company
No. number 2881024, VAT No. GB 197 0632 86. The registered office is:
Lumen House, Library Avenue, Harwell, Didcot, Oxfordshire, OX11 0SG. T
01235 822200.
>
More information about the Freeradius-Users
mailing list