Drew Weaver <[EMAIL PROTECTED]> wrote: > Now, 99% of my users use PAP, and authenticate via the SYSTEM > method, this works excellent. However it seems that anyone who has a > password listed in the users file automatically 'requires' CHAP, is there a > way to make it 'allow CHAP if it has a password in users, but not REQUIRE > chap?'
I don't see how it "requires" chap. The server is set up to *allow* the user to use CHAP, if there's a plain-text password available. But nothing in the server *requires* chap. I would suggest reading the debug output of the server. It will tell you why CHAP is being used. > The doom account is basically getting all of the attributes of the DEFAULT > account... but it should be using its own account specific attributes. Which is what you told it to do: > DEFAULT Auth-Type = System > Fall-Through = "1", ... > I have the default entry listed at the top of the file. See the docs. The Fall-Through attribute tells it to continue processing the "users" file, where it then finds the "Doom" entry. Look at the sample "users" file. There's a reason the DEFAULTS are listed at the bottom. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
