Hi Nick, I've extensively tested the communications between the Windows Server Network Policy Server and the Guacamole RADIUS module on CentOS using: CentOS Minimal ISO, release 7.6.1810 (Core) Java 1.8.0 (java-1.8.0-openjdk-1.8.0.191.b12-1.el7_6.x86_64) Tomcat 8.5.38 gcc compiler version 7.3.0 (in more detail: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/Guacamole-1-0-0-with-Radius-and-MySQL-Step-by-step-for-Linux-newbies-td4748.html )
In this environment the only successful authentication combination I've been able to get working between the RADIUS module and Windows Server Network Policy Server is PAP. In the catalina.out log the other combinations show either authentication failed messages or internal error messages, and sometimes an MD4 not available message. MD4 seems to be required for CHAP, MSCHAPv1 and MSCHAPv2. In addition, it appears that the more secure compound tunnels that NPS uses (for example, EAP-TLS) all still need CHAP in one form or another. MD4 is no longer included in the JDK hence anything requiring a variation of CHAP fails. Is there any way that I can include MD4 in my JDK or in the build of the RADIUS module ? Thanks. -David -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
