[RADIATOR] Central Authentication - RADIUS, TACACS+, LDAP - is RADIATOR the one!
Hugh Irvine
hugh at open.com.au
Thu Feb 25 03:49:12 CST 2010
Hello Mark -
Most people tend to use PAM for host-based authentication via RADIUS.
Radiator will handle RADIUS requests and TACACS+ requests, and can be configured to authenticate against LDAP.
In other words, you can use LDAP as your central authentication database and have Radiator configured to query it for authentication requests from devices using either RADIUS or TACACS+. Obviously this will require an LDAP server of some sort. And as Radiator is written in Perl you will also need Perl of course plus whatever additional Perl modules are necessary for your particular configuration.
You don't say what your prefered user database is - I'm assuming LDAP, but there are many other options including SQL, AD, etc.
The Radiator reference manual is online here:
http://www.open.com.au/radiator/documentation.html
If you have any other questions please ask.
regards
Hugh
On 25 Feb 2010, at 20:33, Mark Hodgetts wrote:
> Hi,
>
> I have a requirement to provide central authentication in a mixed
> environment. I was hoping the list can advise on whether Radiator is
> the way forward :-)
>
> Radiator will be be installed on Sun hardware running Solaris 10.
>
> My environment includes:
>
> Sun Solaris 10 - will use LDAP for authentication
> Cisco IOS - will use TACACS+ ideally but RADIUS is an option
> BigIP F5 - will use RADIUS
> Juniper firewalls - will use RADIUS
> Linux Sentos - will use LDAP
>
> Will radiator be able to handle all these types of requests?
>
> If so, will radiator natively be able to handle these requests or will I
> need to install other code, such as openLDAP etc.
>
> Do you guys have any other options, links to documentation which may
> help me out?
>
> Your help is greatly appreciated.
>
> Thanks in Advance.
>
> Cheers,
> Mark.
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
More information about the radiator
mailing list