IMHO this question should be on freeradius-users, so moving it there. On Sun, Apr 1, 2012 at 8:30 AM, Oliver <oli...@anonsphere.com> wrote: > Hi everybody, > > I use FreeRADIUS Version 2.1.10 on Debian with OpenVPN and > xl2tp/openswan and the rlm_sql module. I want to use the user password > in a sql query in dialup.conf. This works fine with ssh and openvpn > logins but not with mschapv2. I don't know if the password is really not > submitted or just not replaced in the sql query.
in mschapv2, the the client doesn't send user's cleartext password. > > Is there a simple way to make this work? For that purpose, you need user's cleartext password. Which means you can't use chap (or any of its variants). Only use PAP, TTLS-PAP, or EAP-GTC. Or change the way your system works so you don't need user's cleartext password. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html