Try this again, I hope someone can answer these or at least shed some light.
Been trying to do PAP authentication with the crypt'd password stored in mysql. We, unfortunately have to do PAP. This has been done for the most part and works, but I had to go against what deployingradius.com said w/regards to using Auth-Type as I have not found an alternative that seems to work right. I'm using stock radiusd.conf that comes with 1.1.2, except proxy is set to no. To make this work I added a user to radcheck with a crypt'd password: +----+------------+----------------+----+---------------+ | id | UserName | Attribute | op | Value | +----+------------+----------------+----+---------------+ | 1 | bob | Password | == | test | | 4 | tester | Crypt-Password | == | gmxwp4dfOcHAI | +----+------------+----------------+----+---------------+ In radgroupcheck: +----+-----------+-----------+----+-------+ | id | GroupName | Attribute | op | Value | +----+-----------+-----------+----+-------+ | 1 | default | Auth-Type | := | PAP | | 2 | admin | Auth-Type | := | PAP | +----+-----------+-----------+----+-------+ In radgroupreply: +----+-----------+--------------------+----+---------------------+------+ | id | GroupName | Attribute | op | Value | prio | +----+-----------+--------------------+----+---------------------+------+ | 1 | default | Service-Type | := | Framed-User | 0 | | 2 | default | Framed-Protocol | := | PPP | 0 | | 3 | default | Framed-Compression | := | Van-Jacobsen-TCP-IP | 0 | | 4 | default | Framed-MTU | := | 1500 | 0 | | 5 | admin | Service-Type | := | Administrative-User | 0 | | 6 | default | Framed-Routing | := | None | 0 | | 7 | default | Framed-IP-Netmask | := | 255.255.255.255 | 0 | +----+-----------+--------------------+----+---------------------+------+ and the usergroup table: +----+------------+-----------+ | id | UserName | GroupName | +----+------------+-----------+ | 5 | bob | admin | | 10 | tester | default | +----+------------+-----------+ With this setup user tester can dialup, login and setup a ppp connection and it works. The one main issue is that the user has to be both in the usergroup table and the radcheck table for this to work. Is there a way to just have the username in just radcheck for example? What is needed to setup a default profile for all users to authenticate via PAP w/o having to set auth-type=pap? Is that possible? Thanks for any replies. Keith - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
