Hi, > We have a a supplicant that is our own box doing client 802.1x > authentication using freeradius. We do not establish a TLS/IPSec > connection between the supplicant and freeradius. We need to establish a > secure channel between the supplicant and freeradius.
NAS or supplicant? a supplicant never talks to the RADIUS - its all done via the NAS. there are plenty of options to you - you already have thought about one method - use a VPN (DTLS/IPsec based...up to you) to tunnel the RADIUS though. or , if the NAS can do it, think about RADSEC - FreeRADIUS 3 supports RADSEC and its the way to go unless you want to forget RADIUS and use DIAMETER instead. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
