About EAP-TTLS + MS-CHAPv2 authentication

Alan DeKok aland at deployingradius.com
Tue Jul 30 17:08:23 CEST 2019


On Jul 30, 2019, at 11:06 AM, Yuya Yanagi <peacefull64 at gmail.com> wrote:
> 
> Thank you for your reply.
> 
> The LDAP server uses OpenLDAP.

  Then the database needs to supply a Cleartext-Password to FreeRAIDUS.

> Authentication of Wifi_AP and wired LAN does not use AD.
> 
> The attribute about the user is set to OpenLDAP.

  OK.

  How are the passwords stored in LDAP?  Clear text?  crypt?  Some other method?

  Only Clear text passwords and NT hashed passwords are compatible with MS-CHAPv2.

> The migration source passes authentication with MS-CHAPv2, but
> Maybe you should choose MS-Chapv2?

  They're the same thing.

  Alan DeKok.




More information about the Freeradius-Users mailing list