using Freeradius in a cloud application
Phil Mayers
p.mayers at imperial.ac.uk
Sun Jul 30 14:14:26 CEST 2017
On 30/07/17 12:44, The Doctor wrote:
> I wish to the following:
>
> ---------- ---------------------------- ----------------------
> | client| --> | cloud from anywhere | -->| Freeradius auth. |
> ---------- ---------------------------- ----------------------
>
> What is needed?
This is a very vague question, and you're unlikely to get good answers
without being more specific.
However, one obvious thing jumps out - RADIUS by default uses UDP and
keys off the client source IP to identify the shared secret. This will
be difficult or insecure if you have clients on unknown IPs.
As such, you will want to investigate RadSec (RADIUS-over-TLS) or use of
a tunneling mechanism (IPSec, OpenVPN, etc.)
You'll need to ask more specific questions if you want more specific advice.
More information about the Freeradius-Users
mailing list