EAP-GTC configuration
Levavi, Yariv
Yariv.Levavi at safenet-inc.com
Thu Jul 24 13:00:27 CEST 2014
Hello,
We are configuring EAP-GTC in our FreeRADIUS environment (please note that SAS is our authentication server):
[cid:image003.png at 01CFA747.9F2173C0]
[cid:image004.png at 01CFA747.9F2173C0]
[cid:image006.png at 01CFA747.9F2173C0] [cid:image008.png at 01CFA747.9F2173C0] [cid:image010.png at 01CFA747.9F2173C0] [cid:image012.png at 01CFA747.9F2173C0] [cid:image010.png at 01CFA747.9F2173C0] [cid:image014.png at 01CFA747.9F2173C0] [cid:image016.png at 01CFA747.9F2173C0] [cid:image019.png at 01CFA747.9F2173C0] [cid:image021.png at 01CFA747.9F2173C0] [cid:image023.png at 01CFA747.9F2173C0] [cid:image025.png at 01CFA747.9F2173C0] [cid:image027.png at 01CFA747.9F2173C0] [cid:image029.png at 01CFA747.9F2173C0]
Our questions are:
1) Do you happen to know how do we obtain the plain password provided in the first Access Response message? Currently we attempt to access the active directory by running an external execution program. This means we need to get the password attribute via freeRadius attributes/environment. If we fail to find a way to get the password information from freeRadius environment then we would consider changing our design by writing a freeRadius code module.
2) The PEAP (which is actually a freeRadius instance) is currently configured is to work to proxy all access requests. This is done by setting the "users" configuration file redirect every incoming access request (DEFAULT FreeRADIUS-Proxied-to == 127.0.0.1, Proxy-to-Realm := DEFAULT). Do you know if there is way to apply redirection upon demand (in our case we would like to handle the first access request locally by verifying the username and password against the AD and redirect only the second access request, containing the user's OTP).
3) The OTP in the second access request is provided as a plain text (over ssl). Is there any way we proxy it to freeRadius agent in a secure way (e.g. MSCHAP2)?
4) Do you have any good references for freeRadius configuration docs?
Regards,
Yariv Levavi
SafeNet's Integration Team
The information contained in this electronic mail transmission
may be privileged and confidential, and therefore, protected
from disclosure. If you have received this communication in
error, please notify us immediately by replying to this
message and deleting it from your computer without copying
or disclosing it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.emz
Type: application/octet-stream
Size: 1983 bytes
Desc: image001.emz
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0010.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.emz
Type: application/octet-stream
Size: 2327 bytes
Desc: image002.emz
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0011.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 756 bytes
Desc: image003.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0019.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 997 bytes
Desc: image004.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0020.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.emz
Type: application/octet-stream
Size: 2225 bytes
Desc: image005.emz
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0012.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 921 bytes
Desc: image006.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0021.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.emz
Type: application/octet-stream
Size: 1860 bytes
Desc: image007.emz
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0013.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image008.png
Type: image/png
Size: 592 bytes
Desc: image008.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0022.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image009.png
Type: image/png
Size: 263 bytes
Desc: image009.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0023.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image010.png
Type: image/png
Size: 650 bytes
Desc: image010.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0024.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image011.emz
Type: application/octet-stream
Size: 2834 bytes
Desc: image011.emz
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0014.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image012.png
Type: image/png
Size: 1149 bytes
Desc: image012.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0025.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image013.emz
Type: application/octet-stream
Size: 1917 bytes
Desc: image013.emz
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0015.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image014.png
Type: image/png
Size: 782 bytes
Desc: image014.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0026.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image015.png
Type: image/png
Size: 262 bytes
Desc: image015.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0027.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image016.png
Type: image/png
Size: 681 bytes
Desc: image016.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0028.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image017.png
Type: image/png
Size: 427 bytes
Desc: image017.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0029.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image018.emz
Type: application/octet-stream
Size: 2381 bytes
Desc: image018.emz
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0016.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image019.png
Type: image/png
Size: 1092 bytes
Desc: image019.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0030.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image020.png
Type: image/png
Size: 288 bytes
Desc: image020.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0031.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image021.png
Type: image/png
Size: 722 bytes
Desc: image021.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0032.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image022.emz
Type: application/octet-stream
Size: 2204 bytes
Desc: image022.emz
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0017.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image023.png
Type: image/png
Size: 927 bytes
Desc: image023.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0033.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image024.emz
Type: application/octet-stream
Size: 2394 bytes
Desc: image024.emz
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0018.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image025.png
Type: image/png
Size: 1022 bytes
Desc: image025.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0034.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image026.emz
Type: application/octet-stream
Size: 2431 bytes
Desc: image026.emz
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0019.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image027.png
Type: image/png
Size: 820 bytes
Desc: image027.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0035.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image028.png
Type: image/png
Size: 275 bytes
Desc: image028.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0036.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image029.png
Type: image/png
Size: 668 bytes
Desc: image029.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140724/2f2ecb35/attachment-0037.png>
More information about the Freeradius-Users
mailing list