(RADIATOR) ACE and callback

Miro Majcen miro at boter.net
Wed Oct 16 03:46:50 CDT 2002


MessageHI,

i am trying to authenticate user trough ACE server and then passing to flat
file for picking attributes. This works ok, but i can't get it working with
callback. Here's the description of the problem i just found on the SecureID
website:

Cause of this problem
Normally, a NAS will cache the username and PASSCODE credentials before
dialling back to the end-user. When the connection is re-made, the NAS will
re-present the cached credentials for authentication. ACE/Server will reject
the authentication attempt since any one PASSCODE can only be used once
only. Note that authentication against a password held in the ACE/Server
will work.

Solution:
Some NAS's can be reconfigured not to re-present the credentials for
authentication.

An alternative (and secure) solution to this issue is to use a toll-free
number. Once the authentication is successful, the end-user will gain access
immediately. This is more secure since the connection is the same one that
was authenticated. If dialback were made to work without reauthentication
(or using cached credentials), there is no guarantee that the new connection
is to the same end point as the one that had made the call previously.

I was wondering is anyone has been able to get callback working on Radiator
with some Cisco 36xx as a NAS and similar configuration.

Thanks !

Miro Majcen




===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list