(RADIATOR) Secure reliable Radius?

Mike McCauley mikem at open.com.au
Wed Feb 2 04:52:57 CST 2005


Hi again,

Of course, the unspoken assumption here is that you would use this sort of 
feature to proxy Radius across the internet or some other insecure network. A 
typical scenario would between outlying POPs and the core network of an ISP, 
or between a geographically separated roaming partners.

Cheers.

On Wednesday 02 February 2005 16:36, Mike McCauley wrote:
> Hi All,
>
> we are thinking here about a new idea for Radiator, and wondering if anyone
> else finds it interesting and perhaps useful.
>
> We are thinking of a new AuthBy RELIABLERADIUS which would open a TCP
> connection to a remote Radiator and send Radius packets over a TCP
> transport instead of UDP. The remote Radiator would have a Server
> RELIABLERADIUS to listen for such requests.
>
> Clearly, such a TCP connection could also be secured with SSL or TLS, using
> client and/or server certificates to authenticate each end and encrypt the
> Radius traffic too.
>
> The benefits of this would be:
>
> 1. No more lost packets
> 2. High security encryption of Radius traffic
> 3. mutual authentication of each end of the tcp transport.
>
> Obviously this provides some of the features that are part of Diameter, and
> our forthcoming raDiameter product will include these too, but in the
> meantime....
>
> anyone interested?

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list