Disable PAP and use only CHAP

Navodit Bhardwaj navodit.bhardwaj at gmail.com
Thu May 30 07:22:45 CEST 2013


Hi

I want to disable PAP and other authenticaiton methods and use only CHAP.
Means if user request does not contain CHAP is should be Rejected.

I have tried to disable PAP from the modules and
/usr/local/etc/raddb/sites-enabled/default, but still the Access is
Accepted.

how to enable only CHAP??


# Executing section authorize from file
/usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[suffix] No '@' in User-Name = "eala", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry egalqa at line 91
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
WARNING: Please update your configuration, and remove 'Auth-Type = Local'
WARNING: Use the PAP or CHAP modules instead.
User-Password in the request is correct.
# Executing section post-auth from file
/usr/local/etc/raddb/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 13 to 192.168.1.209 port 2788
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-IP-Address = 172.16.3.33
        Framed-IP-Netmask = 255.255.255.0
        Framed-Routing = Broadcast-Listen
        Framed-Filter-Id = "std.ppp"
        Framed-MTU = 1500
        Framed-Compression = Van-Jacobson-TCP-IP
Finished request 4.


-- 
br,
Navodit Bhardwaj
Hughes Systique Corporation
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130530/58f0eefe/attachment.html>


More information about the Freeradius-Users mailing list