[c-nsp] Open Source Substitute for Cisco's Secure ACS?
Stephen Fulton
sf at lists.esoteric.ca
Thu Aug 13 21:51:23 EDT 2009
For PPPoE, FreeRADIUS is very worthwhile. The options the software provides on
on-par with the best commercial RADIUS software. The downside? It is not GUI
based (though you can write your own and link it to SQL/LDAP/etc, we have and I
suspect most ISP's do) and also, it does involve a learning curve. If you are
willing to take the time to read the documentation, and look at the notes
associated with most functions (conveniently within the module configurations,
usually), and ask intelligent questions on the mailing list, then you'll be fine.
If you are looking to use TACACS, others have suggested good alternatives (we
will be using TACACS for change management, because it provides finer control
with IOS devices [thanks Cisco, grrr]).
Any migration should be thought through carefully, with a view to the future.
Generally I suggest looking ahead to what you'd like something to be, and use
this as an opportunity to make it so.
-- Stephen
M Callahan wrote:
> We're currently using a very dated version of Cisco's Secure ACS to
> authenticate a relatively small group of PPPoE ADSL users. We have a
> planned hardware upgrade for this system, but no funding for updated ACS
> software. That said, I was wondering what open source alternatives folks on
> the list have found to be an adequate substitute for ACS.
>
> Thanks,
>
> Mike
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list