FR + LDAP + PAM + encryption question
aland at deployingradius.com
Mon Apr 23 16:48:25 CEST 2007
Jacob Jarick wrote:
> Is it possible to encasuplate PAP inside another protocol say EAP to
> prevent from packet sniffers etc.
Please stop worrying about how RADIUS works. It's fine.
Packet sniffers can't grab the PAP passwords.
> Failing that is it possible to asign vlans bases on ldap primary group
> via the ntlm_auth method.
No. ntlm_auth is just for authentication. You have to configure the
server to do LDAP group lookups for per-group VLAN assignment. See
messages on this list in the last week or so, which include examples.
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users