On 01/18/2011 05:19 PM, Michael Shoemaker wrote:

> We are trying to get authentication with an alvarion wireless unit that 
> is sending mschapv2 encrypted passwords through a eap-ttls tunnel.
> 
> I can get the eap-ttls tunnel built and can see the attempts to request 
> the mschapv2 but am not sure where our hangup is.

I have a couple of suggestions below. If they do not work, reply with
your configuration file (no secrets) and log file that shows the failing
requests.

> What needs to be done to be able to get local authentication on the 
> radiator server using AuthBy DBFILE (DB_File)
> 
> The db was built using a plaintext file then converted using the 
> builddbm script.

Did you use the -t option with builddbm? If you did not, then you should
remove "DBType DB_FILE" from the config. By default builddbm creates an
AnyDBM_File, which is also the default value for DBType.

> <Handler TunnelledByTTLS=1>
> 
> <AuthBy DBFILE>
>                  Filename /etc/raddb.proxy/dbm/users.db
>                  DBType DB_File

Check if this is really the correct value.

> </AuthBy>

> this gets me to the point of doing the ttls tunnel, then it passes the 
> mschap stuff to the authby dbfile... but I am not sure how to unencrypt 
> the pw to check vs the db file.

If the DBType check does not help, then the problems with the password check
should be visible in the log.

Thanks!
Heikki Vatiainen

-- 
Heikki Vatiainen <h...@open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
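
One way to check which on-disk format a users database really has before setting DBType (DB_File is Perl's Berkeley DB binding), as an added example that is not part of the original message or of Radiator. The function names are hypothetical and the sample headers are constructed, not real user databases.

```python
import struct
import tempfile
from pathlib import Path

# Magic numbers of common DBM formats (GDBM and Berkeley DB hash/btree).
GDBM_MAGICS = {0x13579ACE, 0x13579ACD, 0x13579ACF}
BDB_MAGICS = {0x00061561: "berkeley-db hash", 0x00053162: "berkeley-db btree"}

def _magic_at(header, offset):
    """Return the 32-bit value at offset, decoded in both byte orders."""
    chunk = header[offset:offset + 4].ljust(4, b"\0")
    return {struct.unpack("<I", chunk)[0], struct.unpack(">I", chunk)[0]}

def identify_dbm(path):
    """Guess the on-disk DBM format behind `path` from its first 16 bytes."""
    # NDBM/SDBM-style databases are a pair of files: <path>.dir and <path>.pag.
    if Path(path + ".dir").exists() and Path(path + ".pag").exists():
        return "ndbm/sdbm pair"
    if not Path(path).is_file():
        return "missing"
    with open(path, "rb") as fh:
        header = fh.read(16)
    if _magic_at(header, 0) & GDBM_MAGICS:
        return "gdbm"
    # Berkeley DB 2 and later keep the magic at byte 12; 1.85 files at byte 0.
    for offset in (12, 0):
        for magic in _magic_at(header, offset):
            if magic in BDB_MAGICS:
                return BDB_MAGICS[magic]
    return "unknown"

def demo():
    """Run identify_dbm over constructed headers written to a temp directory."""
    samples = {
        "bdb.db": b"\0" * 12 + struct.pack("<I", 0x00061561),
        "gdbm.db": struct.pack("<I", 0x13579ACE) + b"\0" * 12,
        "text.db": b"constructed plaintext users line, not a DBM file\n",
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, header in samples.items():
            Path(tmp, name).write_bytes(header)
            results[name] = identify_dbm(str(Path(tmp, name)))
    return results

if __name__ == "__main__":
    print(demo())
```

A result of "ndbm/sdbm pair" or "gdbm" for the file named in Filename means the database was not written through the Berkeley DB binding, so a DB_File setting would not match it.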