[RADIATOR] A few questions regarding MacSec
vartiait at open.com.au
Sun Apr 17 03:47:01 CDT 2016
> On 17 Apr 2016, at 10:21, Nadav Hod <nadav.hod at comm-it.co.il> wrote:
> Cisco use EAP-Fast for NDAC. The secure seeding device closest to the authentication server (this is configurable) authenticates the neighboring switches, which in turn authenticate their neighboring switches, and so on. ...
> Is there any chance that Radiator supports uplink Macsec within a Cisco infrastructure? I'm aware that they tailored their solution to Cisco ISE and therefore this may not be a solution based on standards, but it would be interesting to know whether this can be supported without ISE.
EAP-FAST part works with Radiator, but in Cisco TrustSec (CTS) switches derive
their shared secret for a RADIUS server from a PAC file and that’s an undocumented
Cisco proprietary method.
Tuure Vartiainen <vartiait at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
More information about the radiator