freeradius proxy with 802.1x termination
Alan DeKok
aland at deployingradius.com
Thu Jan 7 18:55:24 CET 2010
John Gammons wrote:
> My client "Ubiquity Nanostation" only supports EAP-TTLS MSCHAPv2.
>
> My NAS, only supports access-requests using PAP/CHAP passwords in clear-text.
What does that mean?
> I am attempting to setup a "Radius Proxy" that terminates the EAP-TTLS
> outer, and takes MSCHAPv2 inner tunnel, and forwards a clear-text
> user/pass to the NAS for authentication.
The NAS is a RADIUS client. It originates Access-Requests. It
doesn't receive them, and it definitely doesn't do authentication.
> The more I read, the more I
> am getting the impression that this is not possible. Is that the
> case?
You can't convert MS-CHAP into PAP or CHAP. And I have no idea what
you mean when you say the NAS does authentication.
Alan DeKok.
More information about the Freeradius-Users
mailing list