How to implement two possible passwords? (one for PEAP and otherforTTLS)

Sergio Belkin sebelk at gmail.com
Wed Apr 30 20:11:43 CEST 2008


Sorry I sent by mistake the earlier message, Thank Ivan now is working
using that mapping in ldap.attrmap with both PEAP and TTLS. Now my
question is: is radiusPassword send over network encrypted?

thanks in advance!


>  Just map radiusPassword to Cleartext-Password and peap will ignore the
>  encrypted userPassword and use Cleartext-Password. So, no extra virtual
>  servers needed. In your ldap.attrmap it's mapped to clrtxtPassword.
>
>
>  >>  >ldap.attrmap
>  >>  >checkItem       $GENERIC$                       radiusCheckItem
>  >>  >replyItem       $GENERIC$                       radiusReplyItem
>  >>  >checkItem   Cleartext-Password       clrtxtPassword
>  >>  >checkItem       User-Password                   userPassword
>
>  -
>  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>



-- 
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -



More information about the Freeradius-Users mailing list