Martin Jr., D. Michael wrote:
I am interested in what specific types of RADIUS servers are being used
by individuals out there in the higher education community for wireless
applications?
Are people using Unix-based, Linux-based, or Windows-based RADIUS
systems?
Unix/Linux. We run on Linux but might migrate to Solaris. (The project
staff was more familiar with Linux while the operational staff is more
Solaris).
Are people using OpenSource or Commercial?
Our first version for wireless was OpenSource FreeRADIUS with custom
hooks to Oracle. Support is an issue with OpenSource (using up internal
staff time is not "free"). It supported dial-in, VPN, IAP (internet
access ports) and Colubris (Web wireless login).
Our RADIUS guy was happy to work with FreeRADIUS to migrate the dial-in
(which is still used!) so we could have Oracle-based usage accounting.
Our final version for wireless is not using Radiator because of its
support for 802.1x EAP types (PEAP in particular) and our ability to add
the custom coded needed to check MSCHAP hash stored in our LDAP
directory. We were able to feed some of our code back to them and it
will hopefully make it into the main distribution (I see that they have
added some of the functionality). We prefer not to have custom code and
have it supported commercially via well-planned annual maintenance
costs. With Radiator, you get the benefit of having "supported" open code.
What RADIUS systems have been the easiest to configure?
Depends on the skillsets and requirements. We needed to be able to have
custom hooks into LDAP (at least when we started 2 years ago). Only a
few provided this, that is why we started with FreeRADIUS and migrated
to Radiator. With Perl support, you can take any smart programmer and
they can learn Perl very easily, the only concern is scalability but we
are testing this on our deployment :-)
What RADIUS systems have been the biggest headaches?
The problem with both IAS (MS) and ACS (Cisco) is the lack of custom
hook ability. If it does what you want out of the box, great, if not,
then you are in trouble. Funk was fairly good and had a good front end
for configuration. We tested Funk and Interlink but based on cost, we
selected the others.
..........................................................
Jonn Martell, Wireless Network Project and Service Manager
University of BC - ITServices, Vancouver, Canada
(604)822-9449 [EMAIL PROTECTED] www.wireless.ubc.ca
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/cg/.
