[strongSwan] Should each StrongSwan have its own FreeRadius or should they share one?

Houman houmie at gmail.com
Wed Aug 21 08:20:11 CEST 2019


I have multiple StrongSwan VPN servers setup and each of them has its own
FreeRadius server. Each of the freeradius servers then points to the
central database in a separate location. This works without any problem.
But I wonder if this is the right approach after all.

Maybe I should have only one FreeRadius server installed next to the
database, and have each VPN server connect to the central freeradius server

As in setting *accounting = yes* and *address= [remote IP of freeradius
server]* in /etc/strongswan.d/charon/eap-radius.conf for each VPN.

What is the most optimal way?

Many Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190821/9889f8d1/attachment.html>

More information about the Users mailing list