>
> > Wed Mar 20 15:35:57 2002 : Auth: Login incorrect:
> > [{ed: whatever username -sko}/<CHAP-Password>] (from nas
> > UNKNOWN-NAS port 0 cli 8475061520)
> >
> > If I use just User-Password, this works like a dream. Any suggetions?
>
> Don't use CHAP.
Ok, well the UUNET docs states that I can use PAP or CHAP. Here's what
their doc says about it though:
Althought the REseller may not be using CHAP, they must configure their
RADIUS server to respond to a CHAP request by requesting PAP
authentication after declining CHAP. This is done during the LCP phase of
creating a PPP session.
Is this doable in freeradius?
> From what I recall, the LDAP module tries to authenticate to the
> LDAP server, usin g the username/password supplied in the packet.
> Therefore, it needs access to the plain-text password, as it's telling
> you.
Running freeradius in debug mode, this is indeed what the LDAP module is
doing. After reading through the section of the FAQ you pointed out, and
the "Interoperation wi� PAP and CHAP" section of RFC2138 I'm starting to
understand what the deal is.
Thanks,
-Shawn
>
> The alternative is to use a DB which stores the password in clear text.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
Shawn K. O'Shea
Sr. Unix Administrator
DSL.net, Inc.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
