Hi Mike, I have given the 3.1 patch a shot but to no effect. The relevant part of my config file is:
<AuthBy DYNADDRESS> Identifier myIPADDRESSauth Allocator mySQLallocator AddToReply Class = %{Reply:Framed-IP-Address} PoolHint %{Reply:PoolHint} MapAttribute yiaddr, Framed-IP-Address MapAttribute subnetmask, Framed-IP-Netmask StripFromReply PoolHint DefaultSimultaneousUse 1 AutoMPPEKeys # policy = 4 (40bit), 2 (128bit), 6 (any) AddToReply MS-MPPE-Encryption-Policy = 2, MS-MPPE-Encryption-Types = 4 </AuthBy> I have also tried adding MS-MPPE-Send-Key and MS-MPPE-Recv-Key to the "AddToReply" clause above with various combinations of MS-MPPE-Encryption-Policy and MS-MPPE-Encryption-Types. Okay, is there anyone on the list that has got this to work please :-) Also, about my other problem, is there anyway to conditionally remove a Reply attribute from the access acccept packet before it is sent? The functional word is "conditionally" Simply stated, after selecting the users record from the database, checking the passwords etc, stripping say the Framed-IP-Address attribute off if it is from say the "192.168.10.x" block. OR alternatively, dynanically changing the PoolHint attribute based on the NAS sending the request? Regards, Tunde I. ----- Original Message ----- From: "Mike McCauley" <[EMAIL PROTECTED]> To: "Hugh Irvine" <[EMAIL PROTECTED]>; "Ayotunde Itayemi" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Friday, August 02, 2002 1:43 AM Subject: Re: Radiator and Windows Encryption > Hello Tunde, > > On Fri, 2 Aug 2002 10:15, Hugh Irvine wrote: > > Hello Tunde - > > > > We have many customers using Windows 2000 and we have many customers > > using Patton RAS, however I don't know if anyone is using both together. > > > > As for the MPPE questions, I have copied Mike on this mail for his > > comments. > > There are some recent patches to the AutoMPPEKeys feature in the Radiator 3.1 > area. They extend AputoMPPEKeys to MSCHAP V2, and also fix an > interoperability problem. These have been tested to be working correctly now > by a number of people. > > Cheers. > > > > > regards > > > > Hugh > > > > On Friday, August 2, 2002, at 12:48 AM, Ayotunde Itayemi wrote: > > > Hi Hugh, Hi All, > > > > > > Please, a straight forward question to everybody: > > > > > > 1. Is there anyone on this mailing list using Radiator and Windows 2000 > > > servers? > > > 2. Is there anyone on this mailing list using Radiator and Patton NASes? > > > > > > If yes to any of the questions above, has anyone implemented RADIUS > > > authentication > > > with MPPE encryption (or any other encryption)? > > > > > > > > > (Hugh) Also, "someone" I mailed suggested that it is likely radiator > > > isn't sending the proper > > > MPPE keys to the Windows box (reason for not doing encryption or being > > > able to connect > > > when client requires encryption) > > > > > > Regards, > > > Tunde Itayemi. > > > > > -- > Mike McCauley [EMAIL PROTECTED] > Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW > 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au > Phone +61 3 9598-0985 Fax +61 3 9598-0955 > > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, > Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc > on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc > > > === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.