Do you have a preferred vendor for your network gear?
I’ll go first:
- Firewalls: Fortinet, ASA, Palo Alto
- Route/Switch: Cisco, HPE/Aruba
- Wireless: Aruba, Cisco, Meraki
- Auth: NPS, ISE, ClearPass
- Monitoring: SolarWinds, Auvik, PRTG
- Automation: Ansible
- SDWAN: PA Prisma SDWAN, Fortinet, Velocloud
Zabbix is great, I’ve rolled an instance of that. Also did extensive work with FreeRADIUS - that’s one big conf file.
The key to FreeRADIUS is to auto-generate the config, and use something like SQL or LDAP as an auth source.
Yeah, unfortunately, the use case I was implementing it for was 802.1X with certificates… that was fun!
Once upon a time I setup the same thing and it was a PITA, and we didn’t want to use it in production. We’ve just setup PacketFence which uses FreeRadius and it was an absolute breeze by comparison