radius

Printable View

November 6th, 2003, 04:04 PM
johnnymier

radius

Hello, I would like to know if anyone here has any experience setting up a radius server. I am doin some research into VoIP, and know I am trying to get some insight on how to setup authentication with radius, what databases are compatible, and are there any other solutions besides radius for authenticating users. I've googled around and found only pages selling software for this and no clear explanation about setup/implementation.

thanks

J
November 6th, 2003, 04:16 PM
jm459

I found this , but am not too sure if this is what you are looking for.

http://www.google.com/search?sourcei...+configuration
November 6th, 2003, 04:43 PM
thehorse13

I wrote 2 tutorials on this:

For Linux:
http://www.antionline.com/showthread...hreadid=239454

For Windows:
http://www.antionline.com/showthread...hreadid=239399

--Th13
November 7th, 2003, 02:21 AM
spools.exe

Actually i work at my local ISP and we do have a RADIUS SERVER setup. I catually love the way its set up. I can see if a person put in a wrong password or username, their phone number(caller ID), how they disconnected. just about everything,.
November 7th, 2003, 04:38 PM
tekno

are you trying to use radius to authenticate callers using IP Phones, or calls coming in or going out via VoIP?

Most RADIUS servers should allow you to use a database to look up the users. Something like LDAP, NIS or even a NT Domain.

Another authentication method that you could use would be one-time passwords or something like RSA's SecurID. Or you could only allow certain MAC addresses to access what is needed, but of course someone could spoof the MAC address.

Where I work, we're using Funk Software's Steel Belted Radius with their Odyssey Client. They have a software version that you can put on a windows or solaris box, or you can purchase a net appliance, (which we did) from NetworkEngines . We have 2 here. One at our Primary DataCenter and one at our secondary as a backup. So far no problems..well except for the fact that the doctors want to use their Palm's and Funk doesn't have a RADIUS client for the PalmOS....oh well.
November 7th, 2003, 04:42 PM
groovicus

For those of you that don't know what a radius server is:

http://www.yournew.com/radius_server.htm

(I didn't) :)

:dunce:
November 7th, 2003, 07:47 PM
johnnymier

Th13: thanks for those tutorials.
Thanks everyone for your input.

Something else I would like to ask: is radius the only solution for dial in/user/VoIP/ISP authentication or are there others???
November 7th, 2003, 08:29 PM
tekno

I know RADIUS is used alot in the ISP world. But some companies have used RAS devices, one-time passwords, SecurID and even biometrics.

RADIUS seems to be one the easiest to handle, but then again it all depends on your comfort level or experience.

one-time passwords are great cause the password is only valid for X amount of time, then it gets changed. I know RSA has a product, and starting soon im going to be evalutating the VASCO line of products.

But like i stated before...RADIUS seems to be the most common for Dial-Up ISP solutions.
November 7th, 2003, 10:10 PM
thehorse13

There is one even more evil - ENtrust. Ugh!

You have a few major players:
1) RADIUS
2) LDAP
3) SecureID
4) ENtrust

I'm not aware of other mainstream auth methods other than these guys.