How to implement two possible passwords? (one for PEAP andotherforTTLS)
Ivan Kalik
tnt at kalik.net
Thu May 1 00:25:21 CEST 2008
>From ldap to radius? Probably not. But you can configure TLS encryption
between ldap and radius servers in ldap {} module.
Ivan Kalik
Kalik Informatika ISP
Dana 30/4/2008, "Sergio Belkin" <sebelk at gmail.com> piše:
>Sorry I sent by mistake the earlier message, Thank Ivan now is working
>using that mapping in ldap.attrmap with both PEAP and TTLS. Now my
>question is: is radiusPassword send over network encrypted?
>
>thanks in advance!
>
>
>> Just map radiusPassword to Cleartext-Password and peap will ignore the
>> encrypted userPassword and use Cleartext-Password. So, no extra virtual
>> servers needed. In your ldap.attrmap it's mapped to clrtxtPassword.
>>
>>
>> >> >ldap.attrmap
>> >> >checkItem $GENERIC$ radiusCheckItem
>> >> >replyItem $GENERIC$ radiusReplyItem
>> >> >checkItem Cleartext-Password clrtxtPassword
>> >> >checkItem User-Password userPassword
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>
>
>
>
>--
>--
>Open Kairos http://www.openkairos.com
>Watch More TV http://sebelk.blogspot.com
>Sergio Belkin -
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list