On ons, 2008-11-12 at 21:45 -0600, Johnson, S wrote:
I'm trying to get the squid_radius_auth working and have tried to
manually connect to my Microsoft radius server. I cannot get an ok
for a response when manually testing the connection. Although, I can
see the attempts in my Microsoft radius server log so I know I'm
hitting it. I have a feeling it's my configuration in my Microsoft
radius server. I've dug around and cannot find any articles on the
setup for the radius server side; just the squid side (which again I
think is working ok). Does anyone have information on this or
suggestions to try?
There isn't very much. The RADIUS server need to be configured to accept
normal obfuscated plain-text authentication as defined in the RADIUS
protocol specifications (Access-Request with the User-Password
attribute), and both need to be configured with the same shared secret.
squid_radius_auth does not support syntesized CHAP-MD5 authentication.
Contributions adding such support is welcome which may make it easier to
interoperate with some RADIUS servers but probably not MS AD.. (what I
mean is squid_radius_auth calculating a CHAP response based on the
received plain-text credentials)
Regards
Henrik
signature.asc
Description: This is a digitally signed message part
