Meraki

Community

Radsec with AWS ALB

Fabian1
Getting noticed
9 hours ago
9 hours ago

Radsec with AWS ALB

Hi everyone,

 

we are thinking about implementing radsec, but I don't want to have to change the certificated manually, so I'm wondering if I could simply add an AWS application load balancer between our access points and the radius server. Then we could automatically change the certificates and we don't have to change anything on the radius server...

 

Your thoughts? 

0 Kudos
1 Reply 1
Mloraditch
Head in the Cloud
7 hours ago
7 hours ago

I am somewhat confused with what you are describing about manual vs automatic. You still need a complete chain of trust for the connection to be secure all the way through. There are other reasons to want a load balancer, but all items (Dashboard, Load Balancer, Radius Server) need a cert and need to trust the other certs. So the thing that doesn't support automation will still need to be updated.

Are you trying to create a RADSEC connection between just the dashboard and the load balancer and then the load balancer would be having an unencrypted connection to the RADIUS server? I suppose if the load balancer supports that, in theory it would work but I've not heard of that sort of functionality before. 

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2025 Cisco Systems, Inc.