23 Apr
2007
23 Apr
'07
10:48 a.m.
Jacob Jarick wrote:
Is it possible to encasuplate PAP inside another protocol say EAP to prevent from packet sniffers etc.
Please stop worrying about how RADIUS works. It's fine. Packet sniffers can't grab the PAP passwords.
Failing that is it possible to asign vlans bases on ldap primary group via the ntlm_auth method.
No. ntlm_auth is just for authentication. You have to configure the server to do LDAP group lookups for per-group VLAN assignment. See messages on this list in the last week or so, which include examples. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog