how to configure Cisco vpn clients againts freeradius
Jevos, Peter
Peter.Jevos at oriflame.com
Wed Jul 14 17:40:46 CEST 2010
Jevos, Peter wrote:
> user Auth-Type := ntlm_auth
> Service-Type = NAS-Prompt-User,
> cisco-avpair = "shell:priv-lvl=15"
...
> And I added this lines into users file:
> DEFAULT Huntgroup-Name == "vpn"
> Auth-Type := ntlm_auth2
What is "Auth-Type" on the first line for "user", and on the second
for "DEFAULT"?
See "man users"
Run the server in debugging mode. It WILL complain about the
"Auth-Type" being on the second line.
Alan DeKok.
-
HI alan
Thank you for your answer, but I don't understand
I took it from the mailing list:
http://lists.freeradius.org/mailman/htdig/freeradius-users/2010-February
/msg00046.html
I'd like to authenticate all cisco vpn clients that match the proper
domain name and password. I already have the ntlm_auth command, but I
don't know how should look like the Users file
My ntlm_auth is:
ntlm_auth2 = "/usr/bin/ntlm_auth --request-nt-key
--username=%{mschap:User-Name} --domain=%{mschap:NT-Domain:}
--challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}
--require-membership-of='SOMEDOMAIN+domain users'"
I'm using ntlm_auth2 because ntlm_auth is already used ( for the router
access )
Thanks
pet
More information about the Freeradius-Users
mailing list