On Wed, 15 May 2002, Chris Parker wrote: > At 11:54 AM 5/15/2002 -0400, Alan DeKok wrote: > >Chris Parker <[EMAIL PROTECTED]> wrote: > > > That could be solved by establishing an IPSec tunnel between our radius > > > and your servers, setting up a direct network connection ( peering point ) > > > for exchange of radius/authentication traffic, or installing a server > > > at our colo facility so auth traffic never crosses a third-party network. > > > > > > > Anybody making NAS boxes that support IPSec tunnelling? > > > > > > Yes, but the number that support IPSec tunneling of radius packets is > > > about equal to the number that support EAP authentication. :\ > > > > I'm curious if there would be any use/interest in hacking FreeRADIUS > >to "encrypt" packets it's sending to a proxy. > > I wouldn't invent a proprietary method.
I would certainly find this capability useful. I don't see the harm in _open_ extensions provided that they're documented and are inactive by default. josh. ------------------------------------------------------------ Josh Howlett, Networking & Digital Communications, Information Systems & Computing, University of Bristol, U.K. 'phone: 0117 928 7850 email: [EMAIL PROTECTED] ------------------------------------------------------------ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
