2 May
2016
2 May
'16
3 p.m.
Dear list. I'm using freeradius 2.2.5 on Debian-Jessie. I would like to limit the accepted authentication types to TTLS-PAP, as I'm using SHA1-PWs stored in a MySQL-DB. As described on http://deployingradius.com/documents/configuration/auth_type.html using `Auth-Type' in sites-available/inner-tunnel or default to generally reject mschap and chap is not recommended. Instead an entry in the users file (or radcheck table) should be used. The problem is for me, that the example describes the acception of MSCHAP only, but I didn't succeed in adapting it for accepting PAP only. How is this possible to reject any authentication attempt except PAP? For advanced: How generally switch of PEAP? Many thanks in advance and best regards Jens