At 03:42 PM 6/10/2002 -0400, Enesha Fairluck wrote:
>We don't have access to the cisco in this matter. I just spoke with them on
>the phone again and he assured me this is what will happen: They are
>proxying the radius auth to us. They will present us with a CHAP request,
>if that failes, their radius will fail over to PAP. However we are getting
>taht error instead, and it seems that we are, instead of ignoring their CHAP
>request, sending back an invalid password reply, or some other variant on
>Access-Reject. Is there a way to prevent it from sending that Access-Reject
>when CHAP fails?
PAP and CHAP are negotiated between the NAS and the dialup client. Radius
is not involved in the decision on which protocol is used, as it's already
been negotiated at that point.
In order to work it *MUST* be setup on the NAS as described in the previous
email. There is no other way, unless you write your own dialer software
and don't use Microsoft's DialUp Networking.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless! \ Director, Engineering
| @ @ | \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
