using Freeradius in a cloud application

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

using Freeradius in a cloud application

The Doctor
I wish to the following:

----------     ----------------------------    ----------------------
| client|  --> | cloud  from anywhere     | -->| Freeradius auth.   |
----------     ----------------------------    ----------------------

What is needed?

--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b  Look at Psalms 14 and 53 on Atheism
Talk Sense to a fool and he calls you foolish - Euripides
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: using Freeradius in a cloud application

Phil Mayers
On 30/07/17 12:44, The Doctor wrote:
> I wish to the following:
>
> ----------     ----------------------------    ----------------------
> | client|  --> | cloud  from anywhere     | -->| Freeradius auth.   |
> ----------     ----------------------------    ----------------------
>
> What is needed?

This is a very vague question, and you're unlikely to get good answers
without being more specific.

However, one obvious thing jumps out - RADIUS by default uses UDP and
keys off the client source IP to identify the shared secret. This will
be difficult or insecure if you have clients on unknown IPs.

As such, you will want to investigate RadSec (RADIUS-over-TLS) or use of
a tunneling mechanism (IPSec, OpenVPN, etc.)

You'll need to ask more specific questions if you want more specific advice.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Loading...