LDAP SHA1 Password, EAP-PAP and Dynamic VLAN
Ggatten at waddell.com
Tue Jul 26 20:14:53 CEST 2011
The DVLAN is after a successful authentication, so I don't *think* it matters how the password is stored and such. If you can authenticate ok, then you move to the authorize section and do DVLAN through whatever means.
Note: I am a FR beginner myself, don't take my word for anything!
----- Original Message -----
From: stich86 [mailto:stich86 at gmail.com]
Sent: Tuesday, July 26, 2011 01:06 PM
To: freeradius-users at lists.freeradius.org <freeradius-users at lists.freeradius.org>
Subject: LDAP SHA1 Password, EAP-PAP and Dynamic VLAN
i'm trying to figure out how to configure FreeRadius with SHA1 hashed
password on openldap backend.
Actually i've already a configuration to dynamic assing VLAN ID with
MS-CHAPv2 (that works on OSX, Linux and Windows XP/Vista/7). I want to
switch to SHA1 because we have already a LDAP DB populated with all SHA1
password. I've read that it's possibile with the use of PAP (OSX and Linux
have no problem to support it, for Windows it's necessary another
supplicant.. no problem).
I've done some tests.. can actually authenticated based on the logs and the
switch info, but Dynamic VLAN isn't configured on the switch ports. So..
before waste my time.. Is it REAL possible to use SHA1 with PAP to do
Dynamic VLAN association?
Thanks to anyone :)
View this message in context: http://freeradius.1045715.n5.nabble.com/LDAP-SHA1-Password-EAP-PAP-and-Dynamic-VLAN-tp4635755p4635755.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
<div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'>
"This email is intended to be reviewed by only the intended recipient
and may contain information that is privileged and/or confidential.
If you are not the intended recipient, you are hereby notified that
any review, use, dissemination, disclosure or copying of this email
and its attachments, if any, is strictly prohibited. If you have
received this email in error, please immediately notify the sender by
return email and delete this email from your system."
More information about the Freeradius-Users