Florian Prester <Florian.Prester@rrze.uni-erlangen.de> wrote:
With MSCHAP we are using the NT-password ( I know it is not realy crypted, but still better than cleartext!)
That's a common misconception.
Now, how can I use PAP authentication with EAP-TTLS?
Tell the client to use it. The server has NO control over whether the client uses PAP or not.
Thu Aug 4 08:44:33 2005 : Debug: rad_check_password: Found Auth-Type LDAP Thu Aug 4 08:44:33 2005 : Debug: auth: type "LDAP" Thu Aug 4 08:44:33 2005 : Debug: ERROR: Unknown value specified for Auth-Type. Cannot perform requested action.
Yeah, the LDAP module sets Auth-Type itself, and it can end up causing problems. The work-around is to set Auth-Type to PAP. i.e. DEFAULT Auth-Type = PAP Alan DeKok.