Re: FreeRadius vrs Cisco RADIUS
[EMAIL PROTECTED] wrote on 08/19/2003 04:21:20 AM:
> > If you need paid support ("It's busted and I need it fixed RIGHT
NOW!!"),
> > then you're obviously SOL running freeradius. (Don't misinterpret
this;
> > the FR team does a bang up job. BUT they're NOT obligated to do
> > _anything_ if something in FR doesn't quite work right.)
>
> Can I put that paragraph in the FAQ?
Feel free. :)
Vincent Giovannone
Network Infrastructure Group
Information Services Division
Rush - Presbyterian St. Luke's Medical Center
"A four-year-old will very quickly get over news of the death of Santa if
told that it was due to his fully loaded sleigh crashing in the back
garden."
-- Mil Millington
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius vrs Cisco RADIUS
[EMAIL PROTECTED] wrote:
> If you need to securID authentication _directly_, don't even bother
> thinking about freeradius; it simply doesn't do it. (search the mailing
> archives for a few diatribes by myself.)
It's at least partially a licensing issue. However, I *think* that
SecurID comes with a command-line token chek utility, which could then
be run from FreeRADIUS.
> If you need paid support ("It's busted and I need it fixed RIGHT NOW!!"),
> then you're obviously SOL running freeradius. (Don't misinterpret this;
> the FR team does a bang up job. BUT they're NOT obligated to do
> _anything_ if something in FR doesn't quite work right.)
Can I put that paragraph in the FAQ?
> Now, don't get me wrong here. I _love_ freeradius. To that end, for my
> wireless access points, I have ACS handle the radius PEAP requests, and
> freeradius handle the direct AP management (console login, ssh login,
> etc.) radius requests.
Wait a few months. With the discussions on -devel about TTLS &
PEAP, I'm sure they will be in FreeRADIUS before January.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: FreeRadius vrs Cisco RADIUS
[EMAIL PROTECTED] wrote on 08/19/2003 03:02:17 AM:
> I would agree. Cisco makes two products for Radius. One that is
> expensive and the other that is even more expensive. Neither one has
> all the same features as Freeradius AND neither one works as well.
>
> Gene Parks
> VIP Direct
That's a rather blanket reply. I use both freeradius and Cisco ACS. There
are some HUGE differences between the two, which is why (*duh*) we use
both.
If you need to securID authentication _directly_, don't even bother
thinking about freeradius; it simply doesn't do it. (search the mailing
archives for a few diatribes by myself.) Sure, FR can proxy against the
absolute PILE OF S**T radius server built into ACE, but why put a _great_
proxy against a _crap_ source radius server?
PEAP support still seems pretty skechy, at best. It's experimental, it's
new, and if you need it to work right now then FR isn't the best choice.
(LEAP, otoh, seems to be pretty stable in FR.)
If you need paid support ("It's busted and I need it fixed RIGHT NOW!!"),
then you're obviously SOL running freeradius. (Don't misinterpret this;
the FR team does a bang up job. BUT they're NOT obligated to do
_anything_ if something in FR doesn't quite work right.)
And lastly, ACS supports some other odd things (safetoken support, plus a
few other securID wannabees) that just aren't in FR.
Now, don't get me wrong here. I _love_ freeradius. To that end, for my
wireless access points, I have ACS handle the radius PEAP requests, and
freeradius handle the direct AP management (console login, ssh login,
etc.) radius requests.
I keep trying to push freeradius into MORE stuff on my network. But as
things stand _right_ _now_, they're two different products with different
strengths.
Vincent Giovannone
Network Infrastructure Group
Information Services Division
Rush - Presbyterian St. Luke's Medical Center
"A four-year-old will very quickly get over news of the death of Santa if
told that it was due to his fully loaded sleigh crashing in the back
garden."
-- Mil Millington
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: FreeRadius vrs Cisco RADIUS
I would agree. Cisco makes two products for Radius. One that is expensive and the other that is even more expensive. Neither one has all the same features as Freeradius AND neither one works as well. Gene Parks VIP Direct -Original Message- From: Michael Brown [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 19, 2003 1:22 AM To: [EMAIL PROTECTED] Subject: Re: FreeRadius vrs Cisco RADIUS it's free, and it WORKS. Quoting Zuheir Mheir <[EMAIL PROTECTED]>: > > Team, > > > > How would FreeRADIUS compete with Cisco RADIUS (or other vendors for that > matter). I guess what I am looking for is some feedback from people whom > have experienced commercial RADIUS and migrated to freeRADIUS. Your quick > response is greatly apperciated. > > > > Regards, > > > > Zuheir > > > > - > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site design software Michael Brown <> mikro network solutions * http://www.mikro-net.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius vrs Cisco RADIUS
it's free, and it WORKS. Quoting Zuheir Mheir <[EMAIL PROTECTED]>: > > Team, > > > > How would FreeRADIUS compete with Cisco RADIUS (or other vendors for that > matter). I guess what I am looking for is some feedback from people whom > have experienced commercial RADIUS and migrated to freeRADIUS. Your quick > response is greatly apperciated. > > > > Regards, > > > > Zuheir > > > > - > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site design software Michael Brown <> mikro network solutions * http://www.mikro-net.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRadius vrs Cisco RADIUS
Team, How would FreeRADIUS compete with Cisco RADIUS (or other vendors for that matter). I guess what I am looking for is some feedback from people whom have experienced commercial RADIUS and migrated to freeRADIUS. Your quick response is greatly apperciated. Regards, Zuheir Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software
