>
> > Wed Mar 20 15:35:57 2002 : Auth: Login incorrect:
> > [{ed: whatever username -sko}/<CHAP-Password>] (from nas
> > UNKNOWN-NAS port 0 cli 8475061520)
> >
> > If I use just User-Password, this works like a dream. Any suggetions?
>
> Don't use CHAP.
Ok, well the UUNET docs states that I can use PAP or CHAP. Here's what
their doc says about it though:
Althought the REseller may not be using CHAP, they must configure their
RADIUS server to respond to a CHAP request by requesting PAP
authentication after declining CHAP. This is done during the LCP phase of
creating a PPP session.
Is this doable in freeradius?
> From what I recall, the LDAP module tries to authenticate to the
> LDAP server, usin g the username/password supplied in the packet.
> Therefore, it needs access to the plain-text password, as it's telling
> you.
Running freeradius in debug mode, this is indeed what the LDAP module is
doing. After reading through the section of the FAQ you pointed out, and
the "Interoperation wiş PAP and CHAP" section of RFC2138 I'm starting to
understand what the deal is.
Thanks,
-Shawn
>
> The alternative is to use a DB which stores the password in clear text.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
Shawn K. O'Shea
Sr. Unix Administrator
DSL.net, Inc.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
