(RADIATOR) EAP_LEAP_MSCHAP_Convert
Ingvar Berg (LI/EAB)
ingvar.berg at ericsson.com
Wed Jan 18 09:39:21 CST 2006
> -----Original Message-----
> From: owner-radiator at open.com.au
> [mailto:owner-radiator at open.com.au] On Behalf Of Joe Honnold
> Sent: den 18 januari 2006 15:09
> To: radiator at open.com.au
> Subject: (RADIATOR) EAP_LEAP_MSCHAP_Convert
>
> I read thru the release notes for 3.14 came across the
> EAP_LEAP_MSCHAP_Convert section.
>
> "Added new parameter EAP_LEAP_MSCHAP_Convert that converts
> incoming LEAP requests to conventional Radius-MSCHAP requests
> that can then be handled locally or proxied to a remote
> Radius server that cannot handle LEAP, but which can handle
> Radius-MSCHAP. Also added example config file
> goodies/eap_leap_proxy.cfg. Requested by Michael Ting."
>
> I am interested in this as I think it may solve an issue I
> have with LEAP using LDAP authentication.
> When working on LEAP authentication I hit the limitation that
> LDAP passwords need to be stored in clear text.
> Is it possible the EAP_LEAP_MSCHAP_Convert would solve this issue?
>
> 1. LEAP request is recieved.
> 2. Radiator using EAP_LEAP_MSCHAP_Convert makes the request
> a standard Radius-MSCHAPV2 request.
> 3. The request is handled locally or passed to another
> Radiator server that does Radius-MSCHAPV2 via LDAP.
>
> What am I missing?
The problem is that MSCHAP, like any other CHAP, needs the pw in clear.
/Ingvar
> TIA
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au To
> unsubscribe, email 'majordomo at open.com.au' with 'unsubscribe
> radiator' in the body of the message.
>
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list