Re: RadiusNT + distributed/proxy authentication

Dale E. Reed Jr. ( (no email) )
Sun, 21 Dec 1997 11:44:37 -0800

Jason Hodges wrote:
> Does anyone have some suggestions as to how this may be avoided? Does
> RadiusNT support the use of suffixes which are available in a few other
> Radius implementations?

Not really. Suffixes and prefixes are a carry over from the unix days
when you had your passwd file, and would put a couple entries in your
users file with prefixes/suffixes to handle the multiple types.

RadiusNT uses a database for the users (ODBC mode) and thus a kludge
is not needed to map two different user files together.

RadiusNT with proxy enabled can be configured to remove certain
domains (merit calls them realms) from the username and then treat
the login as local. That solves the problem of proxy on the RadiusNT
side (if the upstream can't do this, like RadiusNT can).

> What stage is RadiusNT up to with Proxy support? I don't think Dale
> actually every answered with a yes, and here's the info on where to find
> out more!

RadiusNT 2.5 is being tested in Proxy right now. Proxy will NOT be a
standard feature, though. We will have an enterprise edition of RadiusNT
that will include proxy support among other features asked for in medium
to large installations. We have not finalized the RadiusNT Enterprise,
but it doesn't look to be over $1000 and an upgrade will be offered for
normal RadiusNT customers at a steep discount.

Please don't hound us about the details, because we simply don't have
them available yet. We have been working on finalizing everything and
will post the details sometimes after the first of the year.

-- Dale E. Reed Jr.  (       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |