(RADIATOR) SNMP agent, CHAP and Radiator
Hugh Irvine
hugh at open.com.au
Fri Feb 22 17:13:33 CST 2002
Hello Tunde -
On Fri, 22 Feb 2002 21:35, Tunde Itayemi wrote:
> Hi All,
> Please I have some questions.
> 1. I haven't been able to configure the SNMP agent section of the
> radius.cfg file. the default is:
> SNMP
> <SNMPAgent>
> rocommunity RadiatorCommunity
> Port 162
> </SNMPAgent>
> I have a RedHat 7.2 system (server installation).
> I have taken a look at the snmp configuration file (/etc/snmp/snmpd.conf)
> but can't make head or tail of what modifications to make. If I start
> radiator with the default config, it complians of the "community" entry in
> the radius.cfg file.
>
Have you installed the SNMP_session module? Section 6.14 in the Radiator 2.19
reference manual ("doc/ref.html").
> 2. Radiator/CHAP/PAP and NASes
> I work for an ISP and we are trying to "migrate" away from Windows 2000
> server as our authentication patform. For now, I have radiator installed on
> a RedHat 7.2 system configured to authenticate against a remote Oracle
> database. My problem is as below. The database contains plaintext user
> passwords. If my users configure their dialups to use CHAP, would I still
> be able to authenticate them correctly? Currently, the Windows 2000 server
> is "properly" configured - under the security tab, when you select RAS
> properties, I have selected PAP alone as the authentication method. a. Now,
> assume the dialup $ VPN connections on my client machines are set up with
> CHAP/MSCHAP, do I need to make any changes?
No - as long as you have have cleartext passwords in your database, PAP,
CHAP, MS-CHAP are all handled automatically.
> b. The RAS->Properties->Security->Authentication method->PAP/EAP/CHAP
> etc setting - does it imply the exchange of password data between Win2K and
> Radiator OR user and Win2K OR ALL three?
>
I am not sure what you are referring to here.
> My desired objective is to allow my dialup clients to configure their
> systems to use CHAP, while I keep my Oracle database with user passwords as
> plain text.
>
As long as the passwords in the database are plain text, you can use whatever
authentication method you like.
regards
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list