[c-nsp] Radius solution for VPN Concentrator and 802.1x
Steve Bertrand
steve at ibctech.ca
Thu Jan 21 08:16:04 EST 2010
Frederic LOUI wrote:
> Hi Luismi,
>
> Freeradius is a good alternative and can be used to cover all the needs
> you mentioned.
> Coupled with openldap, you can benefit from having all the LDAP
> Directory GUI for user creation.
> In addition, you can use MySQL backend for accounting purposes.
>
> As far as I could find, Freeradius is very popular so that's the reason
> why we decided to go for it.
It supports HA for itself and its database back-ends, and has a web gui
(dialupadmin) for those so inclined, that does everything that the OP
required out of it.
> Finally, the whole solution can run on LINUX.
Most Unix-like OSs have pre-built packages that can be installed via its
packaging system. The documentation explains very clearly on how to
install it onto a myraid of systems.
> And the documentation is quite "sparse" so that makes things more
> difficuklt to grasp.
Actually, the documentation for FreeRADIUS is quite good. Even the
configuration files are full of notes explaining exactly what each
config variable does, and how to set it.
Also, FreeRADIUS has an extremely active mailing list, where I don't
think I've seen a day go by in years where the primary developer (Alan
DeKok) hasn't responded to at least one thread.
http://freeradius.org
http://wiki.freeradius.org
Steve
More information about the cisco-nsp
mailing list