captive portal auth with freeradius

Chitrang Srivastava chitrang.srivastava at gmail.com
Wed Apr 17 17:07:18 CEST 2013


But its working fine with wifi authentication ( I am using ntlm auth for
MSCHAPv2 with LDAP) only issue is with when request come from captive
portal ..I needto see why PAP request comes


On Wed, Apr 17, 2013 at 7:28 PM, Olivier Beytrison <olivier at heliosnet.org>wrote:

> On 17.04.2013 15:37, Chitrang Srivastava wrote:
> > Thanks , I am trying to MSCHAPv2 (TTLS or PEAP ) or GTC with LDAP
>
> MSCHAPv2 with EAP-TTLS or PEAP will NOT work with LDAP. as explained
> almost everywhere, and especially here :
> http://deployingradius.com/documents/protocols/compatibility.html
>
> You need a cleartext password or a NT_Hash to authenticate with MSCHAPv2.
>
> Only EAP-GTC will work with LDAP if I'm not mistaken.
>
> And by the way, your debug output show a request using PAP. PAP and EAP
> are two completly different things, which different requirements.
>
> > I see that rlm_ldap.c will set Auth-Type as ldap based on set_auth_type
> > =yes and 3 other flags,
> > tried but it didn't worked ,
> > I will try from scratch
>
> This won't change that you can't authenticate with EAP-TTLS/PEAP and
> MSCHAPv2 against a LDAP directory. (Well, except if you're using Novell
> eDirectory with the Central Password management, but that's another story).
>
> Olivier
> --
>
>  Olivier Beytrison
>  Network & Security Engineer, HES-SO Fribourg
>  Mail: olivier at heliosnet.org
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130417/ab6172fa/attachment-0001.html>


More information about the Freeradius-Users mailing list