Here’s the complete working YAML I use:
1 Like
Glad to hear… would love to see a post on this. Is it standard enough it could become a Community App?
Enterprise 2FA is important.
Does it matter if its RADIUS only?
I think Cisco has acquired an LDAP Proxy that gateways to Radius for 2FA. Duo.
I believe so. The Docker run from that link is pretty bog standard:
docker run --rm --net=host --uts=host \
-v /etc/os-release:/etc/os-release \
--cap-add=NET_RAW --cap-add=NET_ADMIN \
--name lldpd \
ghcr.io/lldpd/lldpd:latest
I built mine without the –rm and without the –uts=host, but it seems to work regardless.
Here’s the output from a LLDP neighbor:
LINK CHASSIS-ID SYSTEM-NAME CAPS PORT-ID PORT-DESCRIPTION
enx00e04c360557 d0:50:99:d4:b7:91 raven.local ..b.r...... d0:50:99:d4:b7:91 eno1
RADIUS via proxy should work in many cases, but native RADIUS and/or TACACS+ is recommended for those enterprises for whom proxied RADIUS isn’t compatible or against policy.
For anyone interested in making this LLDP capability available and contribute, here’s the link to creating a new App in the TrueNAS App catalog.
1 Like