Example configuration that proxy PEAP MSCHAPv2 to an IAS server
Glenn Machin
gmachin at sandia.gov
Fri Aug 26 23:40:36 CEST 2011
I using radiusd: FreeRADIUS Version 2.1.11.
I cannot seem to get the RHEL5 (2.6.18-238.9.1.el5) ntlm_auth program to
properly authenticate the challenge and nt-response packets.
If I set the password using clear-text and also set
MS-CHAP-Use-NTLM-Auth, the authentication works fine. The version of
ntlm_auth is Version 3.5.4-0.83.el5
So my next step is to try to filter PEAP MSCHAPv2 requests and proxy
them off to an IAS server. However I still want PEAP GTC packets
handled on this server.
Anyone doing such a thing? If so can you tell me how you set up
eap.conf, sites-enabled/inner-tunnel and sites-enabled/default, or any
other configuration files?
Thanks
More information about the Freeradius-Users
mailing list