Definite Auth-Type via SQL-DB

dump at gmx.info dump at gmx.info
Mon May 2 21:00:36 CEST 2016


Dear list.

I'm using freeradius 2.2.5 on Debian-Jessie.

I would like to limit the accepted authentication types to TTLS-PAP, as
I'm using SHA1-PWs stored in a MySQL-DB. As described on

http://deployingradius.com/documents/configuration/auth_type.html

using `Auth-Type' in sites-available/inner-tunnel or default to
generally reject mschap and chap is not recommended. Instead an entry in
the users file (or radcheck table) should be used.

The problem is for me, that the example describes the acception of
MSCHAP only, but I didn't succeed in adapting it for accepting PAP only.

How is this possible to reject any authentication attempt except PAP?

For advanced: How generally switch of PEAP?

Many thanks in advance
and best regards

Jens



More information about the Freeradius-Users mailing list