[c-nsp] Cisco SSG as a RADIUS gateway without SESM?

[Nitzan Tzelniker]

If you don't wont to work with the SESM you have two options

1. use WSG (SOAP interface on the SESM) here you will need SESM but
the configuration is very simple in this case (you don't need to work
with the JSP code just edit some XML and build web service on your web
server that will tack with the SESM).

2. use http://search.cpan.org/~cmyers/Net-Radius-SSG-0.04/SSG.pm this
is perl module that talk with the SSG I didn't test it yet but it look
a little older and you can`t use PBHK with it.

Nitzan

On 3/3/06, A. K. <ak21201 at gmail.com> wrote:
> We use Cisco 2811 as edge routers in a PWLAN environment. Currently we have
> "hotspot in a box" type devices (think Nomadix, Colubris, Xyzel, etc.)
> acting as gateways to AAA and RADIUS.
>
> AAA & RADIUS <----> Internet <----> 2811 <----> Catalyst <----> "hotspot
> box" & Aironet WAP <----> Client
>
> Our requirements are basic. We need a user to get HTTP redirected to a
> remote login page, authenticate against a remote RADIUS, surf the internet,
> and log-off.
>
> >From what I've read about the SSG it sounds like it could perform the
> functions of a "hotspot box" and the software will run on our existing
> routers. However, the configuration options for the SSG are a bit
> bewildering and every document I have found mentions the SESM as a
> requirement which we would prefer not to implement.
>
> Is there a basic config for the SSG that would suit our needs or is what we
> are trying to implement impossible without SESM? If possible we would prefer
> to run with something like this.....
>
> AAA & RADIUS <----> Internet <----> 2811 w/SSG <----> Catalyst <---->
> Aironet WAP <----> Client
>
> Any help, advice, right-direction-pointing, much appreciated!
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>