Question about Access-Challenge

Udptelecom udptelecom at
Fri Jul 8 14:49:16 CEST 2011

Yes, it works this way. But the requirements are for a two phase authentication.

Sent from my iPhone

On Jul 8, 2011, at 2:11 AM, "Fajar A. Nugraha" <list at> wrote:

> On Fri, Jul 8, 2011 at 10:14 AM, Jamshid Abedi <udptelecom at> wrote:
>> Hello,
>> I've got Mobile OTP to work with FreeRadius, I'd like to take this one step
>> further and turn this into a two phase process. The objective is to first
>> take the pin, authenticate that and then communicate to the NAS with a
>> challenge to receive the OTP from the user. I think this can be done via an
>> access-challenge reply to the NAS. My question is how do I get FreeNAS to
>> send an Access-Challenge once it has verified the PIN is correct? If anyone
>> can kindly give me some hints or point me in the right direction.
> IMHO the simplest way would be just concatenate them together. e.g. if:
> - your pin is 4 digits
> - your OTP is 12 digits
> - you use PAP
> then you can ask your users to put the 4 digit pin followed by 12
> digit OTP, so the password will be 16 digits. And since you use PAP,
> you get User-Password attribute in the request which can easly be
> split using unlang/regex into two components, which you can then
> verifiy.
> -- 
> Fajar
> -
> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list