dynamic-authorization with TLS
murugesh pitchaiah
murugesh.pitchaiah at gmail.com
Sun Dec 20 19:17:58 CET 2020
Thanks Alan.
My understanding is freeradius should receive the coa packets. And then it
just forwards same to the NAS. Am I right?
In that case there should be some originator of the coa packets who has TLS
connection with freeradius server. Please advise if any well known
application exist.
I see the originate-coa site in freeradius can do same. But not sure if
that supports TLS.
Thanks in advance.
Regards
Murugesh. P
On Sun, Dec 20, 2020, 10:56 PM Alan DeKok <aland at deployingradius.com> wrote:
> On Dec 20, 2020, at 8:37 AM, murugesh pitchaiah <
> murugesh.pitchaiah at gmail.com> wrote:
> > TLS Connection between Radius server and NAS is established. But when
> > testing the coa - looks like the radclient to Radis server
> > communication is failing.
>
> radclient cannot do TLS. It can do TCP, but not TLS. They're really
> not the same thing.
>
> If you need to send packets to localhost, there's no benefit to using
> TLS.
>
> > To send a coa disconnect/coa request to TLS port is there any other
> > way ? Am i missing any configuration ? Any help please.
>
> Use TLS when connecting to a TLS port. Don't use bare TCP.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list