Best/fastest method to query external radius OTP

Alan DeKok aland at
Thu Jun 18 13:10:31 CEST 2020

On Jun 18, 2020, at 4:35 AM, Dominique Wille <dominique.wille at> wrote:
> Hello dear users. Could you help ?
> We have a freeradius 3.0.x configuration working
> - Authorization with LDAP
> - Authentication with LDAP, backup to files
> Now trying to get validation from OTP provider
> Needs to send a radius request with User-Name="myusername",
> User-Password="push" (this one is always "push", not the original pwd). The
> "push" words triggers a push notification on mobile that needs to be
> answered, and then OTP provider radius answers with accept or reject.
> I have tried radclient (working in console mode) with exec module, but
> having some issues to move it to rlm_exec module (piping data I think).

  Why not just proxy the packet?

  You can re-write the password in the "pre-proxy" section.   That's what it's for.

  Alan DeKok.

More information about the Freeradius-Users mailing list