(RADIATOR) unix shadow - radiator - win2003 vpn auth?

Hugh Irvine hugh at open.com.au
Thu Dec 22 19:23:07 CST 2005 

Hello Dick -

If you are using PAP (or TTLS-PAP) then your passwords can be stored  
in any format you wish.

The error shown below indicates something amiss with the radius reply  
attributes in the access accept.

Perhaps you could send me a copy of your configuration file and a  
trace 4 debug from Radiator showing what is happening?

Could you also please send me a URL for the VPN server documentation  
- specifically the RADIUS configuration?

regards

Hugh


On 23 Dec 2005, at 00:04, Dick Visser wrote:

> Hi All
>
> We have a Debian server (with local user accounts) that runs  
> Radiator. Our Cisco AP1200's use this server to autenticate  
> wireless 802.1X users.
> Radiator uses the shadow file to check the passwords.
>
> We also have a Windows 2003 server that is used as VPN server.
>
> I have some trouble setting this up, and have no idea how to  
> configure it.
>
> Users seems to authenticate only when PAP is selected, and that  
> forces "No Encryption" on the Windows box, which is not what I want.
> When using PAP, the authentication seems to work OK (I get access  
> granted from the Radiator server), but then my VPN client comes up  
> with:
>
> Error 795: The Tunnel Type Radius atttribute for this user is not  
> correct.
>
> Does anybody have a similar config running?
>
> Thanks,
>
>
> -- 
>   *    ***     Dick Visser         TIENHUIS Networking
>  **   *   *    Touwbaan 68             P: +31206843731
>   *   * ***    1018 HS Amsterdam       F: +31208641420
>   *   * * *    The Netherlands         M: +31622698108
>   *   **  *    IP-phone (SIP)/email:  dick at tienhuis.nl
>   *   *   *    PGP-key: http://www.tienhuis.nl/gpg.txt
>   *   *   *    Webcam: http://www.tienhuis.nl/cam2.asx
>  ***   ***
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.


NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list