But its working fine with wifi authentication ( I am using ntlm auth for MSCHAPv2 with LDAP) only issue is with when request come from captive portal ..I needto see why PAP request comes
On Wed, Apr 17, 2013 at 7:28 PM, Olivier Beytrison <oliv...@heliosnet.org>wrote: > On 17.04.2013 15:37, Chitrang Srivastava wrote: > > Thanks , I am trying to MSCHAPv2 (TTLS or PEAP ) or GTC with LDAP > > MSCHAPv2 with EAP-TTLS or PEAP will NOT work with LDAP. as explained > almost everywhere, and especially here : > http://deployingradius.com/documents/protocols/compatibility.html > > You need a cleartext password or a NT_Hash to authenticate with MSCHAPv2. > > Only EAP-GTC will work with LDAP if I'm not mistaken. > > And by the way, your debug output show a request using PAP. PAP and EAP > are two completly different things, which different requirements. > > > I see that rlm_ldap.c will set Auth-Type as ldap based on set_auth_type > > =yes and 3 other flags, > > tried but it didn't worked , > > I will try from scratch > > This won't change that you can't authenticate with EAP-TTLS/PEAP and > MSCHAPv2 against a LDAP directory. (Well, except if you're using Novell > eDirectory with the Central Password management, but that's another story). > > Olivier > -- > > Olivier Beytrison > Network & Security Engineer, HES-SO Fribourg > Mail: oliv...@heliosnet.org > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
