LDAP-FreeRadius-Cisco Switch-802.1x Fails.

Wassim Zaarour wassim.zaarour at navlink.com
Fri Apr 20 09:22:30 CEST 2012





On 4/20/12 10:15 AM, "Fajar A. Nugraha" <list at fajar.net> wrote:

>On Fri, Apr 20, 2012 at 2:09 PM, Wassim Zaarour
><wassim.zaarour at navlink.com> wrote:
>> Hi Alan,
>>
>> I went through the archives and did some changes but still getting the
>> error, appreciate if you can help me a bit here.
>>
>> I think I read that the ldap request must be proxied to the inner
>> tunnel for it to work, is that true? How can we do that?
>
>Short version: you won't be able to get PEAP-MSCHAPv2 (i.e. what
>Windows uses) to work with your LDAP. Period.
>
>Long version:
>MSCHAPv2 (which also means PEAP-MSCHAPv2) needs either:
>- Cleartext-Password or NT-Hash available (in LDAP, sql, users file
>whatever), OR
>- an active directory
>
>If you don't have either, then it won't work.

Hi Fajar,

Passwords are stored as clear text in my LDAP, that should make MSCHAPv2
work, right?

Wassim



