All, I would like Radiator to do the following.
When Radiator gets PEAP-EAP-CHAPv2 radius packets, Radiator proxies to IAS on Windows 2003 server. When Radiator gets EAP-TTLS-PAP packets, Radiator authenticate via Authby PAM using pam_smb. I have to do this setup because we need to authenticate against NTLM. I can do NTLM authentication with EAP-TTLS since I can use plaintext PAP, but I cannot do NTLM authentication with PEAP-EAP-CHAPv2 since it uses encrypted passwords. I got working both Radius proxy with PEAP-EAP-CHAPv2 and AuthBy PAM with EAP-TTLS-PAP separately. But when I try to combine both packets together, I am not getting it to work. Either one or the other fails authentication. I have tried using AuthByPolicy and list both AuthBy clauses but it does not seem to work. I am wondering if there is a way to check radius packets beforehand and send them to the appropriate AuthBy clause. The first request packet uses code 1 instead of 25 (PEAP) or 21 (EAP-TTLS) and it seems to make it difficult to differenticate. I appreciate any help. Thank you. Ken Kawakubo === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.