nanog mailing list archives

Re: The state of TACACS+

From: Matthew Newton <mcn4 () leicester ac uk>
Date: Mon, 5 Jan 2015 12:46:59 +0000

On Mon, Dec 29, 2014 at 04:25:56PM +0900, Randy Bush wrote:

Rfc6613: TLS or IPsec  transport is shown as mandatory for RADIUS over TCP.


sweet.  can you ref conforming implementations?


FreeRADIUS and Radiator can do RADSEC, as well as radsecproxy, so
it can be used to protect e.g. site-to-site proxying. I don't know
whether any switches/NASes can do it at present, though.

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 () le ac uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp () le ac uk>

Current thread:

Re: The state of TACACS+ Tony Varriale (Jan 01)
- <Possible follow-ups>
- Re: The state of TACACS+ Matthew Newton (Jan 05)