> Josh Howlett <[EMAIL PROTECTED]> wrote:
> > What is the status of encrypted attribute support in Freeradius at the
> > moment? It appears to be broken - has anyone had similar problems?
>
> WHICH encrypted attribute? There's more than one, and there are a
> number of different encryption schemes.
Sorry for the lack of specificity; I am rather new to RADIUS!
My precise problem is this. I have a Microsoft IAS W2K server and a NAS
with a Freeradius proxy in the middle:
IAS <--> Freeradius <--> NAS
The NAS authenticates clients using MSCHAP-v2 and also provides
encryption using MPPE. The NAS can authenticate and retrieve the MPPE
keys via RADIUS from the W2K box without any problems. However, if the
RADIUS transaction is performed via the Freeradius proxy, the NAS
reports problems with de-crypting the MPPE attributes:
decrypt_attr_style_1: bogus decrypted length 89
decrypt_attr_style_1: bogus decrypted length -37
Hence, I can authenticate correctly but not retrieve the MPPE keys when
Freeradius is acting as proxy.
I hope this is clear?
thanks, josh.
------------------------------------------------------------
Josh Howlett, Networking & Digital Communications,
Information Systems & Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED]
------------------------------------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
