Can someone please advice ? Thanks,
--- Jack J <[EMAIL PROTECTED]> wrote: > > Kevin, > > I am trying to use MSCHAPv2 w/ PEAP against AD > using FreeRADIUS. > Could you please shed some light/pointers on > how to configure this ? > > Thanks, > > --- Kevin C Miller <[EMAIL PROTECTED]> wrote: > > > Does anyone know if wireless authentication > (LEAP, > > PEAP, EAP, TLS, TTLS) > > > is possible using freeradius authenticating to > > Windows AD without having > > > to enter usernames or any user information on > the > > freeradius box? I am > > > still not sure why it cannot use the LDAPS > > connection that I have working > > > from freeradius to Windows AD for simple > > authentication. Am I the only > > > one trying to accomplish this task? > > > > I haven't done this specifically, but you should > > first try to narrow down > > the EAP types you are considering. TLS, for > example, > > will require a client > > certificate. TTLS will require a third-party > client > > for Windows. > > > > I would look at MS-CHAPv2 with PEAP. Given your AD > > you should have the > > necessary hashes to make this work. > > > > What I have done is use the SecureW2 client with > > TTLS-PAP to authenticate > > against a KDC. In this case PAP is necessary to > > transport the password to > > the server, as the password is required to verify > > the Kerberos credentials. > > > > -Kevin > > > > - > > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > __________________________________ > Do you Yahoo!? > Yahoo! Small Business $15K Web Design Giveaway > http://promotions.yahoo.com/design_giveaway/ > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html __________________________________ Do you Yahoo!? Yahoo! Small Business $15K Web Design Giveaway http://promotions.yahoo.com/design_giveaway/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
