Hi, > My new setup uses MD5 passwords in Radius, while my old config used > NT-hash. It seems now with radius-eap I have problems authenticating > against the MD5 passwords. It is using eap-mschapv2 and it seems it is > not a supported combination -
This can't work, a server verifying clients with EAP-MSCHAPv2 needs the plain password or the NT-Hash of it. Any other password hash can't work with that protocol. > Can I use other method from strongswan to authenticate against radius > server with md5 passwords? This depends on your client. If you have Windows clients, there is probably no way around EAP-MSCHAPv2 for password authentication. Our EAP-GTC plugin exchanges plain passwords, so you basically could store password with any hash, but no such method is supported by Windows clients (and I don't know about FreeRADIUS). Regards Martin _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users