1 Dec
2009
1 Dec
'09
1:29 p.m.
If I understand correctly, I don't need to worry about ntlm_auth at all in this case (because with MSCHAP I don't have a cleartext password, and thus ntlm_auth won't do me any good), so I probably don't need to update the Auth-Type?
If you are sure that all requests will be mschap. That if will work just if it's a pap request.
So I think what I need is:
if(Huntgroup-Name == "VPN_Huntgroup") { if(Ldap-Group == "VPN_Users") {
Put just ok in there. It might not like empty brackets.
} else { reject } }
woudl that unlang go into the ./users file? or into the authorization {..} section?
authorize. Ivan Kalik