Question about authenticating CHAP clientsusinganexternalprogram-A different case

Ali Majdzadeh ali.majdzadeh at
Thu Feb 26 10:00:35 CET 2009

Thanks for your reply. I have got some questions to ask. We have different
types of clients (Or, connections) in our system; Dial-Up, ADSL, VoIP, CHAP,
MS-CHAP, MS-CHAPv2 and ... . Each of these clients need different
authorization method. Now, where should our authorization code reside? Shall
we create an authorization external program as an instance of the rlm_exec
module and call it in the Authorization section of radiusd.conf? Shall we
create our customized module and form our code as the authorization
function? What about authentication, I completely understood the idea of
post-auth, but how it should be implemented? Do we need another instance of
the rlm_module placed in the post-auth section of radiusd.conf or we should
implement post-auth functionalities as post-auth function in our customized
module? In general, what should be our strategy, developing a customized
module and implementing our logic as it's functions, or using multiple
instances of rlm_exec module and placing them in the appropriate sections of
the radiusd.conf?
Thanks again for your kind attention.

Kind Regards
Ali Majdzadeh Kohbanani
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list