RADIUS client-server connection across internet
Aaron Peschel
aaron.peschel at gmail.com
Thu Oct 10 09:34:57 CEST 2019
I'm looking to connect a Point to Site VPN endpoint to a RADIUS server
across the internet, and I'm looking for some guidance on whether my
understanding is correct.
My understanding is having a RADIUS server listening directly on the
internet would be bad security-wise, and should not be done, is this
correct?
Instead, a better architecture would be to connect the RADIUS server and
client over a secured channel, like a Site to Site VPN connection.
Is my understanding correct here? Would it be fine to connect a client to
the server over the internet directly? Is there an alternative simpler
solution that I am overlooking?
Thank you,
-Aaron Peschel
More information about the Freeradius-Users
mailing list