Hi, all!

On Thu, Apr 13, 2006 at 11:18:32AM -0500, Roy Duperret wrote:

> I'm in the process of setting up a Cisco ASA firewall ...
> ...
> I'm trying to find a free or low cost TACACS or RADIUS server to
> run internally to provide that VPN user authentication.

If you are running some sort of Microsoft server infrastructure
with Active Directory or at least an "NT" domain, you could use
Microsoft's RADIUS server to authenticate against your AD/domain
user data. Unfortunately Microsoft didn't name their RADIUS
server "RADIUS server" - it's called IAS - Internet Authentication
Services. You can add and activate it through the control panel.

If you are running Win2K+, you even get certificate services "for free",
i.e. they come with your server license.

If you are not running MS servers, have a look at FreeRADIUS.
I'm running FreeRADIUS on FreeBSD working together with a
Microsoft Win2K based CA for 802.1x/WPA authentication. Works great ;-)

Regards, HTH,
Patrick M. Hausen
punkt.de GmbH Internet - Dienstleistungen - Beratung
Vorholzstr. 25 Tel. 0721 9109 -0 Fax: -100
76137 Karlsruhe http://punkt.de
firewall-wizards mailing list