I am in the process of setting up a Samba PDC. All user info is
stored in LDAP. All users also have a matching SHAA hashed UNIX
password that is also stored in LDAP. I have all of that set up and it's
working fine. The other thing that I want to do is allow users to use
this username and password for VPN access. It is currently configured to
use PAP (in a test scenario) and seems to work well; however, I am
concerned about password encryption between the RADIUS client and RADIUS
server and was hoping someone could offer an alternative or advice. Our
current setup consists of our main firewall running l2tpd and openswan.
RADIUS, LDAP, and Samba are all running on a separate server. When using
PAP, the password is sent in clear text. The password is sent through
the VPN to the firewall, so it's never exposed to the internet but
passwords must be encrypted even when sent inside our LAN. I would like
to use mschap v2, but it seems that it will not work with LDAP, is this
correct? If I cannot use mschap v2, is there another way to encrypt the
passwords or use some sort of challenge authentication?
Thanks,
Thomas
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html