Re: (RADIATOR) Various questions
Hello Vangelis - Radiator only supports authentication via TACACS, however you can return radius reply attributes for authorisation. You will not be able to retrieve the authorisation commands from TACACS with Radiator. regards Hugh On Wed, 23 Aug 2000, Vangelis Kyriakakis wrote: Hugh Irvine wrote: Hello Vangelis - The AuthBy TACACSPLUS module only handles authentication requests. You will have to deal with authorisation and accounting seperately. regards Hugh Is there a module in Radiator that can get authorization commands from the TACACS server and send them to the Access server, or is something we'll have to do outside the RADIATOR? thanks Vangelis -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Various questions
Hello Vangelis - On Mon, 21 Aug 2000, Vangelis Kyriakakis wrote: Hello, 1) Is Radiator capable of sending authentication requests to TACACS+ servers? We need to implement a scheme in which a call will be authenticated based on the domain name either from a wholesale customer's Radius server or from a wholesale customer's TACACS+ server. The NAS will ask our Radius server which will forward the request to the appropriate customer's server. Yes, Radiator includes an AuthBy TACACSPLUS module. See section 6.34 in the Radiator 2.16.2 reference manual. 2) We would like to implement the following scheme: A number of POPs (Point of Presence) each one with its own NAS boxes, and a number of RADIUS servers which are used by the NASs for AAA services. We would like to have our Wholesale customers authenticate their users through our NASs but we would like to be able to set a limit on the number of modems they can useacross the whole network. For example let's say we have 3 POPs, 2 AAA servers. POP 1 sends its requests to AAA server 1, POP 2 to AAA server 1 and 2, POP 3 to AAA server 2. A wholesale customer has a limit of using 100 modems. 40 of its customers have logged in through POP 1, 30 through POP 2 and 30 through POP 3. Then this wholesale customer has reached its modems' limit, so if another of its customers tries to log in is not authorized. Is it possible to set such a limit across a number of RADIATOR servers? If not are there any values we can take from them in order to keep track of the limits from another machine... Yes you can acheive this with a SessionDatabase SQL shared by all copies of Radiator together with one or more AuthBy PORTLIMITCHECK clauses. See section 6.38 in the Radiator 2.16.2 reference manual. 3) Is there a developer's kit or something like that for the RADIATOR? No, but there are a number of examples in the "goodies" directory as well as all the source code in the "Radius" directory. There is also a section in the manual (17.0) that describes how to develop custom modules. hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Various questions
Hugh Irvine wrote: Hello Vangelis - On Mon, 21 Aug 2000, Vangelis Kyriakakis wrote: Hello, 1) Is Radiator capable of sending authentication requests to TACACS+ servers? We need to implement a scheme in which a call will be authenticated based on the domain name either from a wholesale customer's Radius server or from a wholesale customer's TACACS+ server. The NAS will ask our Radius server which will forward the request to the appropriate customer's server. Yes, Radiator includes an AuthBy TACACSPLUS module. See section 6.34 in the Radiator 2.16.2 reference manual. Is there a way to get Authorization and Accounting from a TACACS+ server? thanks Vangelis === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Various questions
Hello Vangelis - The AuthBy TACACSPLUS module only handles authentication requests. You will have to deal with authorisation and accounting seperately. regards Hugh On Tue, 22 Aug 2000, Vangelis Kyriakakis wrote: Hugh Irvine wrote: Hello Vangelis - On Mon, 21 Aug 2000, Vangelis Kyriakakis wrote: Hello, 1) Is Radiator capable of sending authentication requests to TACACS+ servers? We need to implement a scheme in which a call will be authenticated based on the domain name either from a wholesale customer's Radius server or from a wholesale customer's TACACS+ server. The NAS will ask our Radius server which will forward the request to the appropriate customer's server. Yes, Radiator includes an AuthBy TACACSPLUS module. See section 6.34 in the Radiator 2.16.2 reference manual. Is there a way to get Authorization and Accounting from a TACACS+ server? thanks Vangelis -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.