Sorry people, when I first started writing this letter, I wasn't going to
bother you all with details of having to steal the ip address of the old
server to test it. Today, when I finished the letter, I told that little
story at the end.
-Original Message-
From: Lists @ Apted Tech. [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 22, 2003 5:36 PM
To: [EMAIL PROTECTED]
Subject: pap question
I have set up Freeradius 0.8.1 on a basic RedHat 8.0 install to replace
several windows radius servers we run right now. Freeradius auths off of a
mysql database using cleartext passwords so that CHAP may be used. We
resell DSL lines through a larger ISP who proxies the auths to our radius
servers using pap. After I got all the username/passwords and group
attributes put into the sql database, I had the ISP start proxying the
requests to the new box running freeradius, and this is what showed up in
the logs:
... Auth: Login incorrect:
[username/\007\323\002m2\227\035b%\346\211\234\036\342\233a] (from client
theclient port 0)
The server proxying these requests is using PAP, the encryption_scheme =
clear in radiusd.conf, and I know the PAP module is loading just before the
CHAP module does. I know that I could run the server in debug mode to see
exactly what is going on, but its a live box that is handling all auths for
my company now (except DSL :) and my superiors will not let me take it down,
restart, etc at all. The larger ISP who proxies these requests to us is
notoriously hard to get a hold of for issues like testing a new radius
server (sometimes it takes over a week just hear back from them). To test
the new system, I had to actually take the old windows RADIUS server down
(after making sure the clients/secrets and username/password information was
on the new box also) and steal it's ip address. So I'm hoping somebody may
have an idea on what is going on. Thanks all.
-Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html