Hello,

> On 23 May 2017, at 2.16, LaPorte, David <david_lapo...@harvard.edu> wrote:
> 
> For us, the Auth Proxy worked fine, but the change was about being able to 
> seamlessly leverage the other capabilities of Radiator without having to link 
> in another authentication box.  We ran it for 3+ years without issue.  
> 
> On 5/22/17, 6:21 PM, "radiator on behalf of Jennifer Mehl" 
> <radiator-boun...@lists.open.com.au on behalf of jennifer.m...@ucsb.edu> 
> wrote:
> 
> I wanted to know if there was general guidance and opinions (pros, cons, use 
> cases etc.) on when to use the AuthByDuo clause built-in to Radiator vs. 
> installing and deploying the Duo Authentication Proxy package from Duo 
> Security, and setting Radiator RADIUS as the primary authenticator there.
> 

I second David, AuthBy DUO integrates Duo’s 2FA more tightly with Radiator.

Pros for AuthBy DUO:

+ Same Log/AuthLog with a rest of an authentication chain (a special char ‘%1’ 
will contain a result reason or an error message from Duo’s API)
+ Works with all EAP methods

Pros for Duo’s Authentication Proxy:

+ Offers onboarding and Duo’s method selection GUI through Radius Reply-Message 
AVP for devices supporting that.


BR
-- 
Tuure Vartiainen <varti...@open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.

_______________________________________________
radiator mailing list
radiator@lists.open.com.au
http://lists.open.com.au/mailman/listinfo/radiator

Reply via email to