> The PAP method requires nothing. PAP states that a clear text password > is sent over the line. How it is compared against a stored password is > in your hands. > > It's the standart problem: will the hacker hijack your phone lines an > sniff clear text PAP passwords, or will he hack your servers and see > those clear text passwords required for CHAP in your database?
thanks but the problem is that I'm using the nokia p022 access controller that don't use Pap but normal radius. So in authorize I use sql but in authtntication I use local. What can I use for md5? Thanks Rob - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
