Hi. I have a need to implement mschapv2 so that I can use the password expiration feature of the cisco client/vpn concentrator 3000 series.
The problem is, I have no idea how to do this and I can't seem to find what I need on google, and Cisco refuses to help or give me any info... I have a fairly elaborate setup now (thanks to cisco's marketing promises)... I have all of my users in a central LDAP database with a web front end. I currently use xtradius to authenticate the vpn device because it allowed me to write auth scripts in perl. A second instance of radius runs also as an LDAP gateway for dialup auth. The cisco client/device support password expiration via mschapv2 like so: client ----> username/password ---> vpn device ---> radius (NT Server) radius (NT Server) ---> (some attribute) ---> vpn device ---> client (opens dialog for password change) client ----> (password change attributes) ---> vpn device ---> radius (NT Server) The way I want this to look is like so: client ----> username/password ---> vpn device ---> radius --> LDAP (determines expired password) LDAP --> radius ---> (some attribute) ---> vpn device ---> client (opens dialog for password change) client ----> (password change attributes) ---> vpn device ---> radius --> LDAP (password is changed) Is there anyone that knows how to do this or can point me to some good info on how to use the mschapv2 attributes? Additional info: radius/ldap servers: 2xsparc v100, solaris 9 ldap: sun ONE directory v5.1 Thanks. -Jon This message contains information from Equifax Inc. which may be confidential and privileged. If you are not an intended recipient, please refrain from any disclosure, copying, distribution or use of this information and note that such actions are prohibited. If you have received this transmission in error, please notify by e-mail [EMAIL PROTECTED] === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
