[RADIATOR] MessageLog for Server RADSEC and AuthBy RADSEC seems to logg incoming only
Heikki Vatiainen
hvn at open.com.au
Thu Aug 31 17:53:42 UTC 2017
On 14.08.2017 17:17, Karl Gaissmaier wrote:
> we need it especially for RADSEC (Server AND AuthBy) because we can't
> decode the sniffered but encrypted RADSEC traffic without the TLS
> session keys.
Yes, that certainly helps. There's now an update in Radiator 4.19
patches that adds support for logging outgoing RadSec messages with
MessageLog.
> RADIUS traffic can be sniffed and decoded by wireshark without any
> elaborated tricks.
Sometimes doing this from within the application has its advantages: For
example, you see the messages that were actually received by the
application with better understanding when their processing started.
This can be useful when comparing to wire view to see if anything was
dropped and how long the messages were buffered by kernel.
Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list