Issue with MSCHAP

alan buxey A.L.M.Buxey at lboro.ac.uk
Mon Nov 5 00:12:10 CET 2012


Hi,

>    yeah i haven't touched anything just setup ubuntu server + pptp +
>    freeradius + mysql thats it. 

ah. VPN stuff - you should have clarified.... the pointers about TTLS etc
from others was for enterprise wireless (WPA2/AES - aka WPA/RADIUS) 

2 step approach - secure access to the DB in the first instance, second
would be to use eg NT-HASH rather than PAP for storage. where is the DB? same
host as the RADIUS? ensure only the processes that need access have access
and ensure only the account that needs privileges gets read access.

alan


More information about the Freeradius-Users mailing list