RADIUS Auth-Type
Bohannan, Chad W
Chad_Bohannan at reyrey.com
Mon Dec 5 16:06:05 CET 2005
I don't think that is the issue. The NAS authenticates my users just
fine so long as the /etc/raddb/users file specifies the users
"Auth-Type= System". What I want to figure out is how to make the
authentication request proxy out to the AD server. Based on the tutorial
& test results everything should be working, but I need to know what
auth-type to use.
Chad
-----Original Message-----
From: freeradius-users-bounces at lists.freeradius.org
[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of Phil
Mayers
Sent: Saturday, December 03, 2005 9:08 AM
To: FreeRadius users mailing list
Subject: Re: RADIUS Auth-Type
Bohannan, Chad W wrote:
> OK, here is the situation. I have successfully configured RADIUS to
> authenticate/authorize NAS requests from my Cisco gear so long as the
> user "Auth-Type= System". I have also managed to get Samba working and
> have joined the radius server to the AD realm in question. This is
> confirmed through the following:
The radius server doesn't specify MSCHAP. The NAS *tells* the radius
server that this request *is* using MSCHAP by virtue of sending the
appropriate MSCHAP attributes.
Configure your NAS (dialup server, VPN, IPSec+xauth, whatever) to do
MSCHAP, and as long as the mschap module is in the authorize and
authenticate sections, it will work.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list