On Thu, Sep 27, 2012 at 5:42 AM, Michael Geary <mge...@greataukwireless.com> wrote: > Good Evening, > > We have several separate networks. Our main network runs PPPoE while all of > the others run over DHCP. I would like to migrate the DHCP networks to use > PPPoE. > > Currently, our Radius server resides at the head end of our PPPoE network. I > would like to remove the chance that if the Internet failed there, that no > one on the separate networks would be able to authenticate. > > Has anyone had any experience with using a Radius server in the cloud to > authenticate users?
There's nothing magic about it, really. You need to decide what you want first. For example, on out setup. the NAS (i.e. BRAS) and other internal systems (including radius and billing) are connected using internal private network. We put radius servers on multiple locations, connected to that internal network. That way, if one radius location goes down, or even if the whole internet goes down, users will still be able to authenticate. Now when you say "radius in the cloud", it can either mean: - you have and manage radius servers in multiple locations accessible from internet. Again, nothing magic about this. It should just work provided you have ways to synchronize data between radius servers (e.g. using db replication or whatever). OR - someone else will manage radius service for you. There are companies that provide that, and it should work, though personally I haven't tried any of them. Either one should work, assuming you already know what you want and create a suitable design for it. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html