(RADIATOR) RADIUS, L2TP, and IPSEC protocols
Hugh Irvine
hugh at open.com.au
Sat Sep 28 19:16:00 CDT 2002
Hello Bon -
I am not quite sure what you are asking, but keep in mind that the
Radius protocol is only used for the initial authentication and
subsequent accounting for a particular connection request. In other
words, the rest of the connection, be it L2TP or IPSEC, does not depend
on radius at all.
If you are talking about the authentication phase itself, you are
correct in saying that "these protocols do not mix well...", given that
it is the radius protocol itself that has been "extended" to carry
other protocols inside it. The real answer is a re-engineering of a AAA
protocol, and that is what "Diameter" is.
If you are interested in this area, I suggest you have a look at the
relevant IETF documents.
http://www.ietf.org/internet-drafts/draft-ietf-aaa-diameter-12.txt
regards
Hugh
On Sunday, September 29, 2002, at 05:05 AM, Bon sy wrote:
> Hi everyone,
>
> I just started reading L2TP and IPSEC. I try to understand, but
> could not quite figure it out yet how to put in the proper context of
> RADIUS protocol. For example, can we have L2TP over IPSEC on top of
> RADIUS
> protocol? Is it necessary? What are the (dis)advantage(s) it brings
> forth?
> Or it's pretty much these protocols do not mix well with each
> other. Anyone in the group has any experience about this? What are the
> architectural options out there from the implementation point of view?
>
> Thanks!
>
> Bon
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list