Mike Richardson wrote:
I posted the configs in the original email - was there anything in there which looked completely out of place?
No idea. Honestly, I rarely look at configurations. There's just too much stuff there. I look at debug logs. And if the configuration has big problems, it's *really* not worth my time to look. That's why I keep saying "start with the default config"
How does the config know to use PAP rather than CHAP/MSCHAP? Because all of the experience of the developers working for years with RADIUS is distilled into the configuration files.
Is there any documentation on how this works? I would like to know.
raddb/radiusd.conf. In short, the RADIUS Access-Request contains all of the information the server needs to determine the authentication method. The only requirement on the local administrator is to somehow tell the server a Cleartext-Password.
I don't mind fighting for a week if it works at the end and I have a better understanding. At this point it doesn't work but I do have a better understanding. Most software takes more than 10 minutes to understand and configure and I wouldn't be confident in my ability to support it campus wide if I'd only spend 10 mins on it. I don't believe in asking for help without doing as thorough as job as I can in experimenting and learning.
Sure. But the default configuration is *really* that simple for basic things like LDAP, SQL, and 802.1x. And version 2.0 is even easier. Alan DeKok.