Bruce Marriner wrote: > On all examples of setting up FreeRadius with VPN configurations against AD > they all just say to basicly.. change the radiusd.conf file to turn on mppe > in the mschap section and setup winbindd so it works. But I read some place > that I also need EAP or.. PEAP to get this to work.
No. The documentation says that PEAP and Active Directory require ntlm_auth. ntlm_auth && VPN's do not require EAP or PEAP. > I’m not sure if that’s required and that’s my primary question right now? > Does anyone know the specific things I need to setup so freeradius can > authenticate via the ntlm_auth tool back to PPPD? Get ntlm_auth working from the command line. Get ntlm_auth working for a request sent via "radtest". Make sure PPPd isn't using CHAP. It should work. ... > rad_recv: Access-Request packet from host 127.0.0.1:32774, id=123, length=94 > Service-Type = Framed-User > Framed-Protocol = PPP > User-Name = "supersecretuser" > CHAP-Challenge = 0xafd50494421ab0f8cc743432bbd7000278ee8748078c2b > CHAP-Password = 0x8a3ab7e348bc7de701db2207475d474831 Make sure PPPd isn't using CHAP. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
