RadSec Dynamic Server Discovery

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Tue Jan 12 11:06:42 CET 2016


> They also claim that it's less secure to expose the RADIUS servers
> directly, but I don't really buy that argument.

eh?  if you just use a national proxy you only need prot 2083 open to those few hosts.

if you use dynamic server discovery you need to open up port 2083 to the whole
internet (as you dont know the source addresses of all legitimate RADIUS servers).


More information about the Freeradius-Users mailing list