(RADIATOR) SNMP agent, CHAP and Radiator

[Hugh Irvine]

Hello Tunde -

On Fri, 22 Feb 2002 21:35, Tunde Itayemi wrote:
> Hi All,
> Please I have some questions.
> 1. I haven't been able to configure the SNMP agent section of the
> radius.cfg file. the default is:
> SNMP
> <SNMPAgent>
>        rocommunity     RadiatorCommunity
>        Port            162
> </SNMPAgent>
> I have a RedHat 7.2 system (server installation).
> I have taken a look at the snmp configuration file (/etc/snmp/snmpd.conf)
> but can't make head or tail of what modifications to make. If I start
> radiator with the default config, it complians of the "community" entry in
> the radius.cfg file.
>

Have you installed the SNMP_session module? Section 6.14 in the Radiator 2.19 
reference manual ("doc/ref.html").

> 2. Radiator/CHAP/PAP and NASes
> I work for an ISP and we are trying to "migrate" away from Windows 2000
> server as our authentication patform. For now, I have radiator installed on
> a RedHat 7.2 system configured to authenticate against a remote Oracle
> database. My problem is as below. The database contains plaintext user
> passwords. If my users configure their dialups to use CHAP, would I still
> be able to authenticate them correctly? Currently, the Windows 2000 server
> is "properly" configured - under the security tab, when you select RAS
> properties, I have selected PAP alone as the authentication method. a. Now,
> assume the dialup $ VPN connections on my client machines are set up with
> CHAP/MSCHAP, do I need to make any changes?

No - as long as you have have cleartext passwords in your database, PAP, 
CHAP, MS-CHAP are all handled automatically.

>     b. The RAS->Properties->Security->Authentication method->PAP/EAP/CHAP
> etc setting - does it imply the exchange of password data between Win2K and
> Radiator OR user and Win2K OR ALL three?
>

I am not sure what you are referring to here.

> My desired objective is to allow my dialup clients to configure their
> systems to use CHAP, while I keep my Oracle database with user passwords as
> plain text.
>

As long as the passwords in the database are plain text, you can use whatever 
authentication method you like.

regards

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.