The state of TACACS+

Matthew Newton mcn4 at
Mon Jan 5 12:46:59 UTC 2015

On Mon, Dec 29, 2014 at 04:25:56PM +0900, Randy Bush wrote:
> > Rfc6613: TLS or IPsec  transport is shown as mandatory for RADIUS over TCP.
> sweet.  can you ref conforming implementations?

FreeRADIUS and Radiator can do RADSEC, as well as radsecproxy, so
it can be used to protect e.g. site-to-site proxying. I don't know
whether any switches/NASes can do it at present, though.


Matthew Newton, Ph.D. <mcn4 at>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at>

More information about the NANOG mailing list