[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: How to implement two possible passwords? (one for PEAP
From:       "Ivan Kalik" <tnt () kalik ! net>
Date:       2008-04-30 22:25:21
Message-ID: GPwzkKns.1209594321.1617280.tnt () kalik ! co ! yu
[Download RAW message or body]

>From ldap to radius? Probably not. But you can configure TLS encryption
between ldap and radius servers in ldap {} module.

Ivan Kalik
Kalik Informatika ISP


Dana 30/4/2008, "Sergio Belkin" <sebelk@gmail.com> piše:

>Sorry I sent by mistake the earlier message, Thank Ivan now is working
>using that mapping in ldap.attrmap with both PEAP and TTLS. Now my
>question is: is radiusPassword send over network encrypted?
>
>thanks in advance!
>
>
>>  Just map radiusPassword to Cleartext-Password and peap will ignore the
>>  encrypted userPassword and use Cleartext-Password. So, no extra virtual
>>  servers needed. In your ldap.attrmap it's mapped to clrtxtPassword.
>>
>>
>>  >>  >ldap.attrmap
>>  >>  >checkItem       $GENERIC$                       radiusCheckItem
>>  >>  >replyItem       $GENERIC$                       radiusReplyItem
>>  >>  >checkItem   Cleartext-Password       clrtxtPassword
>>  >>  >checkItem       User-Password                   userPassword
>>
>>  -
>>  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>
>
>
>
>--
>--
>Open Kairos http://www.openkairos.com
>Watch More TV http://sebelk.blogspot.com
>Sergio Belkin -
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

[prev in list] [next in list] [prev in thread] [next in thread]