rlm_perl with WinXP MS-CHAP clients ?

Michael Gale michael.gale at pason.com
Wed Sep 20 23:50:30 CEST 2006


Hello,

	I think I used some of the wrong terms before ...

So currently we have a freeradius server with the default setup except I 
have enabled the SQL module. I have then placed users in a mysql db 
according to the schema.

In the DB I setup static IP's for the users.

Now the clients are WinXP machines using the Microsoft PPTP connection 
with the defaults and it is working fine. I believe that it is using 
MS-CHAP.

I would like to move away from the SQL DB, since all the users exist in 
another place. So I was hoping to use the rlm_perl module to check the 
username and passwords of the people connecting and if valid assign them 
a static IP.

Michael



Alan DeKok wrote:
> Michael Gale <michael.gale at pason.com> wrote:
>> To the authentication section, which means if the Auth-Type is set to 
>> perl then using the module perl. However I think that since the client 
>> or server is setting the auth type to MS-CHAP since that is what the 
>> client is using, it is trying to use the mschap module.
> 
>   The mschap module is setting that.
> 
>   Are you really saying you're going to write Perl code to validate
> the MS-CHAP data sent by the client, and in turn send the right
> MS-CHAP response?  Why?  What possible benefit does this have?
> 
>>> Here I assign static IP's and users to groups. We wish to use rlm_perl 
>>> instead of the sql module so we can authenticate the users against a in 
>>> house application.
> 
>   Does that in-house application support MS-CHAP?  No?  Then using
> rlm_perl won't help.
> 
>   Alan DeKok.
> --
>   http://deployingradius.com       - The web site of the book
>   http://deployingradius.com/blog/ - The blog
> - 
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-- 
Michael Gale

Red Hat Certified Engineer
Network Administrator
Pason Systems Corp.



More information about the Freeradius-Users mailing list