Hi. I have the following scenario:
[1]NAS <--> [2]FreeRADIUS <--> [3]IAS [1] A NAS that supports RADIUS. It sends request-packets with "User-Password" set in cleartext. [2] A FreeRADIUS server that proxies certain users (by realm) to another server (IAS). [3] An IAS (Windows RADIUS). The problem is that this server ONLY accepts ms-chap1 or ms-chap2 session. Is there a common way to bypass this problem, I cannot find any? I was thinking it would be nice to let FreeRADIUS act as an ms-chap session client on behalf of the NAS, and then in the end only send ACCEPT/DENY back to the NAS instead of proxying directly to the IAS (which denies cleartext logins). Is this possible in some way? -- Erling Paulsen - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html