Hi Tim. If you want to use encryption for your ppp users you need to drop md5 hashing of your sql passwords. Just sync your old SQL database with a new one for radius only and put unencrypted passwords there. You can use md5 hashed passwords but then you will not be able to use crypto for your PPP connections. I'd suggest you to use PPPoE with MPPE128 bit encryption for both passwords and data. You will get a slight overhead on data encryption but not much really. With PPP(oE) you can easly add different bandwith limits for each of the users, set up user's static or dynamic IPs.
Cheers, YazzY On Fri, 11 Jun 2004 16:47:43 +0800 <[EMAIL PROTECTED]> wrote: > Hi everyone. > > I've tried searching google countless times but can't get the solution, so > I'm hoping you guys can help me... > > Case: I currently have 11 Cisco 350 series APs in a school, and I'd like to > move away from using MAC filters (for about 250 users so far) and use a > radius solution. The students each have access to a portal, but the > passwords are all hashed with MD5 and stored in a MSSQL database. > > Questions: Are there any authentication protocols (that can use MD5 hashed > passwords) that I could use to authenticate the wireless users? I read the > section about using PAP, but should I use it, does it mean that the > user/pass will be transmitted over the air unencrypted? I'm also hoping to > use some sort of dynamic WEP key rotation or TKIP. > > Right now when I try to configure the clients, I only see PEAP or > certificates (which I don't want to use) as methods of 802.1x > authentication, or LEAP if I use the cisco aironet client... does it mean > I'm limited to the two for authenticating wireless users? > > If I'm able to change the type of encryption used for the portal server's > password database, which type of encryption is supported by > EAP/LEAP/freeradius? > > I'm very new at network authentication/freeradius/linux, so forgive me if I > say something wrong. > > > Thanks, > Tim. > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
