Freeradius as Authenticator
Alan DeKok
aland at ox.org
Thu Aug 4 17:26:28 CEST 2005
Florian Prester <Florian.Prester at rrze.uni-erlangen.de> wrote:
> With MSCHAP we are using the NT-password ( I know it is not realy
> crypted, but still better than cleartext!)
That's a common misconception.
> Now, how can I use PAP authentication with EAP-TTLS?
Tell the client to use it. The server has NO control over whether
the client uses PAP or not.
> Thu Aug 4 08:44:33 2005 : Debug: rad_check_password: Found
> Auth-Type LDAP
> Thu Aug 4 08:44:33 2005 : Debug: auth: type "LDAP"
> Thu Aug 4 08:44:33 2005 : Debug: ERROR: Unknown value specified for
> Auth-Type. Cannot
> perform requested action.
Yeah, the LDAP module sets Auth-Type itself, and it can end up
causing problems. The work-around is to set Auth-Type to PAP. i.e.
DEFAULT Auth-Type = PAP
Alan DeKok.
More information about the Freeradius-Users
mailing list