"Jennifer Mehl" <[EMAIL PROTECTED]> wrote: > We are going to implement a wireless LAN and will be using Cisco LEAP > and an existing LDAP directory for authentication to the internal piece > of the wireless network. LEAP requires an MD4 (MS-CHAP) password for > authentication.
Yuck. FreeRADIUS doesn't have LEAP yet, otherwise you could toss Funk completely. ... > | (RADIUS proxy) > FreeRADIUS > (local password file with LDAP username and MS-CHAP password. This > info would be written to the file by a special script invoked when a > user changes their password on our password change web page.) FreeRADIUS can do that, so long as the LEAP packets aren't proxied to it. > Alternatively, if FreeRADIUS can pull the MS-CHAP passwords directly > from LDAP and pass them on to Funk SBR for the LEAP conversation, that > would be fine too. That's generally a bad idea, and I doubt Funk supports doing it. But for less than the price of buying Funk's server, you could probably pay somone to implement LEAP in FreeRADIUS. You could then have a *real* RADIUS server with complete source. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
