dynamic-authorization with TLS

murugesh pitchaiah murugesh.pitchaiah at gmail.com
Sun Dec 20 19:17:58 CET 2020

Thanks Alan.

My understanding is freeradius should receive the coa packets. And then it
just forwards same to the NAS. Am I right?

In that case there should be some originator of the coa packets who has TLS
connection with freeradius server. Please advise if any well known
application exist.

I see the originate-coa site in freeradius can do same. But not sure if
that supports TLS.

Thanks in advance.

Murugesh. P

On Sun, Dec 20, 2020, 10:56 PM Alan DeKok <aland at deployingradius.com> wrote:

> On Dec 20, 2020, at 8:37 AM, murugesh pitchaiah <
> murugesh.pitchaiah at gmail.com> wrote:
> > TLS Connection between Radius server and NAS is established. But when
> > testing the coa - looks like the radclient to Radis server
> > communication is failing.
>   radclient cannot do TLS.  It can do TCP, but not TLS.  They're really
> not the same thing.
>   If you need to send packets to localhost, there's no benefit to using
> TLS.
> > To send a coa disconnect/coa request to TLS port is there any other
> > way ? Am i missing any configuration ? Any help please.
>   Use TLS when connecting to a TLS port.  Don't use bare TCP.
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list