[ previous ] [ next ] [ threads ]
 
 From:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>
 To:  "slamp slamp" <slackamp at gmail dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] PECL RADIUS authentication against IAS
 Date:  Mon, 2 Jan 2006 20:35:29 +0100 
Radius communication between server and client isn't 'clear-text'

 

If you want best practice open up a VPN between your m0n0wall and the
VPN server (that is what is recommended by WISPr)

 

J.

 

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be

________________________________

Van: slamp slamp [mailto:slackamp at gmail dot com] 
Verzonden: maandag 2 januari 2006 20:07
Aan: Jonathan De Graeve
Onderwerp: Re: [m0n0wall] PECL RADIUS authentication against IAS

 

well PAP is not really secure and to me the point of using captive
portal is to prevent unauthorized users access to the internet. here is
my take on it, "it's like making long passwords and use ftp when you can
use scp/sftp to transfer files" 

On 1/2/06, Jonathan De Graeve <Jonathan dot De dot Graeve at imelda dot be> wrote:

>http://pecl.php.net/package-changelog.php?package=radius&release=1.2.4
and
>it states that it supports MS-CHAPv1 and MS-CHAPv2. well in my case, 
only
>PAP works with my m0n0wall setup.

It can use these authentication mechanism but it isn't implemented in
the images.

Actually, it was but left out afterwards since we didn't implemented an
option in the GUI to specify which one you want to use (but this could
easily be programmed)

Why would you need these extra authentication mechanisms?

J.

--
Jonathan De Graeve
Network/System Administrator 
Imelda vzw
Informatica Dienst
+32 15/50.52.98
jonathan dot de dot graeve at imelda dot be

---------
Always read the manual for the correct way to do things because the 
number of incorrect ways to do things is almost infinite
---------
-----Oorspronkelijk bericht-----
Van: slamp slamp [mailto:slackamp at gmail dot com]
Verzonden: maandag 2 januari 2006 4:09 
Aan: m0n0wall at lists dot m0n0 dot ch
Onderwerp: [m0n0wall] PECL RADIUS authentication against IAS

I have just upgraded my firmware to *1.21 and saw in the changelog the
following:

*improved RADIUS authentication using PHP's built-in PECL RADIUS support

does this mean that the radius support in m0n0wall has better
authentication
type?

i was looking at this site (not sure if this is the one m0n0wall is 
using)
http://pecl.php.net/package-changelog.php?package=radius&release=1.2.4
and
it states that it supports MS-CHAPv1 and MS-CHAPv2. well in my case, 
only
PAP works with my m0n0wall setup.

thanks for any clarification.