(RADIATOR) How to return the challenge with "AuthBy OPIE"?

Hugh Irvine hugh at open.com.au
Thu Nov 4 16:40:45 CST 2004


Hi Ken -

_Sigh_

Now that you mention this I remember that I helped someone else with 
this same problem earlier this year.

I'll ask Mike to put something in the FAQ for future reference.

regards

Hugh


On 5 Nov 2004, at 07:34, Ken Bell wrote:

> Hello Mike and Hugh,
>
> Here's the end to this saga ..
>
> FW-1 requires that an arbitrary "State" attribute be returned by
> the RADIUS server if it is to display a challenge returned by the
> server.  So I added to the "AuthBy OPIE" stanza:
>
>      AddToReplyIfNotExist State="0"
>
> After restarting Radiator, the FW-1 login authentication works as
> it should, presenting the OPIE challenge and then accepting the
> valid OTP.
>
> Thank you very much for your help.
>
>                                                   Ken
> -- 
> Ken Bell :: kenbell at panix.com   :: (212) 475-4976 (voice)
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list