dynamic-authorization with TLS
Alan DeKok
aland at deployingradius.com
Sun Dec 20 20:15:53 CET 2020
On Dec 20, 2020, at 1:17 PM, murugesh pitchaiah <murugesh.pitchaiah at gmail.com> wrote:
>
> My understanding is freeradius should receive the coa packets. And then it
> just forwards same to the NAS. Am I right?
It can do that if you configure it. See sites-available/coa-relay in recent releases. You night need to use the v3.0.x branch from GitHub, though. It has some fixes for CoA and TLS.
> In that case there should be some originator of the coa packets who has TLS
> connection with freeradius server. Please advise if any well known
> application exist.
No, that's not necessary. FreeRADIUS can receive packets over plain UDP, and proxy them to the NAS over TLS.
> I see the originate-coa site in freeradius can do same. But not sure if
> that supports TLS.
See the v3.0.x branch on GitHub. It has fixes for this.
Alan DeKok.
More information about the Freeradius-Users
mailing list