SV: FR proxy to ACS and NPS with MS CHAP v2
Alan DeKok
aland at deployingradius.com
Tue Oct 12 15:49:30 CEST 2010
sbaror wrote:
> Hi Alan
> The issue is that the MS CHAP v2 authentication fails. it succeeds when the
> 2nd Radius is FR and fails with MS NPS.
> Sniffer traces show tha the dialog between the MS CHAP v2 FR and the DC is
> different then the one between the NPS and the DC.
Yes. NPS uses magic AD protocols. Samba (which FreeRADIUS uses)
implements the old NT protocols.
That doesn't matter.
What matters is configuring FreeRADIUS correctly. It's not hard to
set up ntlm_auth to AD. It's documented in a number of places,
including my web site:
http://deployingradius.com
Alan DeKok.
More information about the Freeradius-Users
mailing list