Hi Tim,

On Jul 17,  1:04pm, Young, Tim wrote:
> Subject: (RADIATOR) "NAK"ing CHAP requests
> Greetings all,
>
> I am looking into a way to identify an access request coming in as CHAP and
> then immediately "NAK"ing it.
Yes, you can do that with a Handler like thisL
s:

<Handler CHAP-Password=/.+/>
        # No authby, so reject
</Handler>

But it seems to us that if you NAK that request, it will result in the user
failing to log in. We dont think your NAS will then try to renegotiate a PAP
login with the user.

Hope that helps.

Cheers.

>
> The reason for this is the ISP's that I am using have a mix of CHAP first
> then PAP and also PAP first and then CHAP in their NAS equipment.
>
> I think what is happening is that we receive the CHAP request, it can't find
> a handler so it ignores the request. We should be NAKing the CHAP and then
> the NAS will send PAP.
>
> Thanks for any help.
>
> Tim Young
> Compuware Corporation
>
>
> ===
> Archive at http://www.thesite.com.au/~radiator/
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>-- End of excerpt from Young, Tim



-- 
Mike McCauley                               [EMAIL PROTECTED]
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, 
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to