> On 23 May 2017, at 2.16, LaPorte, David <david_lapo...@harvard.edu> wrote:
> For us, the Auth Proxy worked fine, but the change was about being able to
> seamlessly leverage the other capabilities of Radiator without having to link
> in another authentication box. We ran it for 3+ years without issue.
> On 5/22/17, 6:21 PM, "radiator on behalf of Jennifer Mehl"
> <radiator-boun...@lists.open.com.au on behalf of jennifer.m...@ucsb.edu>
> I wanted to know if there was general guidance and opinions (pros, cons, use
> cases etc.) on when to use the AuthByDuo clause built-in to Radiator vs.
> installing and deploying the Duo Authentication Proxy package from Duo
> Security, and setting Radiator RADIUS as the primary authenticator there.
I second David, AuthBy DUO integrates Duo’s 2FA more tightly with Radiator.
Pros for AuthBy DUO:
+ Same Log/AuthLog with a rest of an authentication chain (a special char ‘%1’
will contain a result reason or an error message from Duo’s API)
+ Works with all EAP methods
Pros for Duo’s Authentication Proxy:
+ Offers onboarding and Duo’s method selection GUI through Radius Reply-Message
AVP for devices supporting that.
Tuure Vartiainen <varti...@open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
radiator mailing list