|
|
On Aug 2, 2006, at 9:20 AM, Phil Mayers wrote: > > > To repeat: MS-CHAP does not send a password. A correctly-formatted > MS-CHAP RADIUS request looks like this: > > User-Name = "foo" > MS-CHAP-Challenge = 0x13653164236263646... > MS-CHAP-Response = 0x2134646326236246... Yep that is what I am seeing between poptop and the client. > To verify such an MS-CHAP radius request, your radius server must have > access to one of: > > 1. the plaintext password What password? My radius server has has access only to the username/password pairs used to log in to the radius server itself. > If your radius server can genuinely only answer username/password auth > requests e.g. it only has access to unix-passwd-style crypt/md5/sha > for > your users, then you will be unable to use MS-CHAP. It's impossible. I was afraid of that. It looks like radius and MS-CHAP are closely tied together in poptop; where poptop really means pptpd + mppe + pppd. > > This is not really a poptop issue That is what I thought. This leads to another question. Can I use something other than MS-CHAP. My unalterable constraint is that I must use my radius server which uses username/password for authentication. hal ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-08/msg00021.html on line 218 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-08/msg00021.html on line 218 |