OTP autentication to a mobile phone (sometimes called mobile TAN/mTAN)

Alan DeKok aland at deployingradius.com
Tue Feb 3 10:51:07 CET 2009

Verlag Neue Stadt wrote:
> we would like to have captive users(authentication portal) authenticated
> with a one time password (OTP).

  The captive portal is responsible for implementing the login page, and
all of the handling of RADIUS client requests.

> After entering the user-account at the captive login page, preferably
> a/the RADIUS server should send
> the unique autentication number (sometimes called mobile TAN/mTAN or
> OTP) to the users mobile
> phone in order to gant access.

  No.  The *captive portal* is responsible for this.  It should also
insert the number into a DB.  FreeRADIUS can then query that DB for
authentication information.

> Is something like that possible with freeradius?

  It has very little to do with FreeRADIUS.  You need to configure it to
read usernames/passwords from a DB, and you need to configure the
captive portal to do everything else.

  Alan DeKok.

More information about the Freeradius-Users mailing list