Christophe Saillard <[EMAIL PROTECTED]> wrote:
> When I do not set Auth-Type TTLS/PAP works with users stored in the
> "users" files, PEAP/Ms-chap-v2 works with users from LDAP storage,
> but TTLS/PAP from LDAP doesn't work....

  And the debug log would tell you why.  The FAQ also mentions
something about statements like "it doesn't work".

  Without looking at your configuration, I can tell that you've
probably stored the passwords as NT-Passwords, so MS-CHAP works, but
PAP doesn't.  This isn't an issue for TTLS or PEAP, as it's
completely independent of them.

  The rlm_pap module could be updated to compare PAP passwords from
the packet with NT-Passwords retrieved from somewhere else.  This
could probably go into 1.0.0, as there are a few other issues with
building on certain platforms.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to