(RADIATOR) Secure reliable Radius?

Mike McCauley mikem at open.com.au
Mon Feb 7 06:21:28 CST 2005


Hello again,

We got a good response to this idea. It seems that many people were 
interested. We have nearly finished the code now: It provides TCP/IP 
stream-based proxying with optional TLS encryption and optional mutual TLS 
authentication for client and server ends of the TLS connection. So it 
provides many of the features of Diameter proxying without the overhead.

Anyone interested in beta testing over the next few days?
Pls respond direct to me.

Cheers.

On Wednesday 02 February 2005 16:36, Mike McCauley wrote:
> Hi All,
>
> we are thinking here about a new idea for Radiator, and wondering if anyone
> else finds it interesting and perhaps useful.
>
> We are thinking of a new AuthBy RELIABLERADIUS which would open a TCP
> connection to a remote Radiator and send Radius packets over a TCP
> transport instead of UDP. The remote Radiator would have a Server
> RELIABLERADIUS to listen for such requests.
>
> Clearly, such a TCP connection could also be secured with SSL or TLS, using
> client and/or server certificates to authenticate each end and encrypt the
> Radius traffic too.
>
> The benefits of this would be:
>
> 1. No more lost packets
> 2. High security encryption of Radius traffic
> 3. mutual authentication of each end of the tcp transport.
>
> Obviously this provides some of the features that are part of Diameter, and
> our forthcoming raDiameter product will include these too, but in the
> meantime....
>
> anyone interested?

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list