[177171] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: The state of TACACS+

daemon@ATHENA.MIT.EDU (Matthew Newton)
Mon Jan 5 07:47:08 2015

X-Original-To: nanog@nanog.org
Date: Mon, 5 Jan 2015 12:46:59 +0000
From: Matthew Newton <mcn4@leicester.ac.uk>
To: Randy Bush <randy@psg.com>
In-Reply-To: <m261cudiij.wl%randy@psg.com>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

On Mon, Dec 29, 2014 at 04:25:56PM +0900, Randy Bush wrote:
> > Rfc6613: TLS or IPsec  transport is shown as mandatory for RADIUS over TCP.
> 
> sweet.  can you ref conforming implementations?

FreeRADIUS and Radiator can do RADSEC, as well as radsecproxy, so
it can be used to protect e.g. site-to-site proxying. I don't know
whether any switches/NASes can do it at present, though.

Matthew

-- 
Matthew Newton, Ph.D. <mcn4@le.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[177171] in North American Network Operators' Group

Re: The state of TACACS+

daemon@ATHENA.MIT.EDU (Matthew Newton)Mon Jan 5 07:47:08 2015

daemon@ATHENA.MIT.EDU (Matthew Newton)
Mon Jan 5 07:47:08 2015