Very Interesting. I have been evaluating Radiator off and on and find it interesting that you would prefer FreeRADIUS over a $700 Radius solution. Could you give me more insight into this switch? More details on the AV pairs to certain proxy requests based on Client-IP-Address? Could you provide any details on the hardware that your setup is running on?
Zack > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:freeradius-users- > [EMAIL PROTECTED]] On Behalf Of Franklin Trumpy > Sent: Tuesday, October 29, 2002 12:31 PM > To: Freeradius-Users > Subject: Re: Experience > > I am running three implementations of FreeRADIUS for three different > purposes. Primarily, I use FreeRADIUS to authenticate, authorize, and > account for about 750 PPP dial users via SQL(including the session > database), with authentication and authorization failover to a users file. > These same two RADIUS servers also proxy requests for about 15,000 users > to a set of Radiator RADIUS servers, which are, incidentially, scheduled > to be replaced by FreeRADIUS servers in the next month. > > All told, the 16,000 users arrive from any of about 99 RADIUS clients, > 80 of which are the proxy RADIUS servers of three wholesale dial vendors > (AT&T, QWest, and UUNet). Those 80 clients proxy requests for about 500 > NAS. The remaining 19 RADIUS clients are NAS controlled by my organization. > FreeRADIUS also serves to add several AV pairs to certain proxy requests > based on Client-IP-Address, a function Radiator RADIUS cannot easily > handle. > > My second implementation, using two other servers, does AAA for about > 500 L2TP users via SQL, also failing over to a flatfile in the event > of loss of database connectivity. There are about 15 "virtual" RADIUS > clients configured on the one "real" NAS, a Redback SMS 1800. > > The third and final implementation, on its own, single server, provides > AAA for about 200 PPTP users via SQL. Once again, it fails over to a > flatfile if necessary. The single RADIUS client is a Cisco 3000-series VPN > concentrator where authentication is handled by MS-CHAPv2. > > Three services, five servers, all running a FreeRADIUS CVS snapshot from > last week, and running just fine. > > Franklin > > -- > Franklin Trumpy, NFA, MNGS, GSc | Say not, "I have found the truth," > Sr. UNIX Systems Administrator | but rather, "I have found a truth." > Lighthouse Communications | > [EMAIL PROTECTED] | Say not, "I have found the path of the > soul." > (515)244-1115 | Say rather, "I have met the soul walking > (888)953-3278 | upon my path." > http://www.lh.net | > | -Kahlil Gibran, _The Prophet_, > 1923 > | > > On Tue, 29 Oct 2002, Zack W Kneisley wrote: > > > Date: Tue, 29 Oct 2002 08:12:38 -0500 > > From: Zack W Kneisley <[EMAIL PROTECTED]> > > Reply-To: [EMAIL PROTECTED] > > To: Freeradius-Users <[EMAIL PROTECTED]> > > Subject: Experience > > > > I've been watching this list for some time now, and it seems that > > Freeradius is much more robust than I previously thought. Could some > > users of this list give me some configuration examples (users served, > > how many NAS's using, Hardware & OS's being used, using sql, how long > > you have been using it ect. ) I have been looking into several different > > radius packages and it seems Freeradius can do almost everything the > > others can. If you could provide me with successful read-world > > deployments, the pros & cons, I encourage you to post them. > > > > Zack Kneisley > > > > > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
