In a scenario where I have one up-link in public internet and one BGP transit link with both public and private IP networks in INTRANET, I faced a situation where I needed to setup a guest LAN and isolate it from the trusted zone in INTRANET.
When Google Chrome shows you HSTS error like below:
Example 100 outer tag 123 inner tag.
On my current work environment I have several devices that can only use TACACS+ for centralized authentication. Integrating TACACS+ with FreeIPA and FreeRadius will complete my centralized AAA system.
This article shows how to configure and integrate FreeRADIUS and TACACS+ with FreeIPA to implement a AAA system, which provide authentication, authorization and accounting to RADIUS or TACACS+ compatible, systems (e.g. a VPN server, routers, switches etc.).
The FreeIPA server is configured as a stand-alone system, with no integration with other directory servers or any other system, you can follow Centralized authentication server with FreeIPA for guidance on how to install FreeIPA.