Re: (RADIUS) Anyone using Cistron Radius? Specifically:

Jordyn A. Buchanan (jordyn@bestweb.net)
Wed, 22 Apr 1998 11:19:42 -0400

At 2:25 PM -0600 4/21/98, Don Papp wrote:
>> >perl script. I customized mine and don't use SNMP to check ports.
>>
>> But SNMP is the important bit! Without SNMP Cistron has all the same
>> inherent problems as the other hacks! Relyign on RADIUS alone is NOT
>> a good idea, SNMP is there to fill in the holes in RADIUS and MUST be
>> used to have a complete solution.
>
> I suppose - but doesn't Cistron cost money? Making a hack to
>RADIUS may not be the best (bulletproof) solution, but it is good enough
>for many applications, I would think. Any errors in the multi-login
>detection can be made to be in the user's favor. Again, not bulletproof,
>but a damn sight better than not having any protection at all. (And it's
>free!)

Cistron is free, AFAIK. It's impossible to make deletion errors in a
user's favor--if an accounting packet indicating a disconnect is lost, the
RADIUS process will think a user is still logged on and prevent the next
connection. This will continue until someone hits the same port on the NAS
and RADIUS realizes it made a boo-boo.

Cistron has other handy features like hunt-group access, and has some
interesting logging features as well. It's also not constrained by
Livingston's RADIUS 2.0 licensing restrictions.

Cheers,

Jordyn

|----------------------------------------------------------------|
|Jordyn A. Buchanan mailto:jordyn@bestweb.net |
|Bestweb Corporation http://www.bestweb.net |
|Director of Technology +1.914.271.4500 |
|----------------------------------------------------------------|

-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-radius' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>