FreeRadius-ML wrote: > Now, I'm basically re-learning everything, as the world of OpenSER + > FreeRadius is a little new to me, > and sometimes frustrates me. The amount of documentation in the configuration > files is great, but the lack > of updated examples is somewhat annoying. Even Asterisk, which is one of the > most undocumented environments > in the world, has more configuration examples available.
The majority of FreeRADIUS installations put users & password into SQL or LDAP, and then don't touch it ever again. For them, the existing examples are mostly OK. For *complex* scenarios, RADIUS quickly gets more complicated than DNS, DHCP, Web servers, and (I suspect) Asterisk. There just isn't enough space in the world to document every configuration that everyone needs. > In any case, lets go back to what we were discussing. If I understand you > correctly, on the FreeRadius side, > I only need to enable digest based authentication and authorization, define > the user in the users file - and that > should be working just fine? Yes. The entire *point* of the default configuration is to have as many authentication protocols as possible work... just by defining a user and password. See: http://deployingradius.com/documents/configuration/pap.html When 2.0 is released, defining a username & password will cause the following authentication methods to work: * PAP * CHAP * MS-CHAP * Digest * EAP-MD5 * EAP-MSCHAPv2 * Cisco LEAP * PEAP-MSCHAPv2 * PEAP-GTC * EAP-TTLS with * PAP * CHAP * MS-CHAP * EAP-MD5 * EAP-MSCHAPv2 Try *that* with any other program: "I added one line in a configuration file, and VOIP works, WiFi works, dial-up works, PPPoE works, VPN's work, for Apple, Windows, and Linux". No fighting, no fuss. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html