[ previous ] [ next ] [ threads ]
 
 From:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>
 To:  "slamp slamp" <slackamp at gmail dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] PECL RADIUS authentication against IAS
 Date:  Mon, 2 Jan 2006 20:39:01 +0100
Little typo: VPN server should be RADIUS server ;)

J.

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be
> -----Oorspronkelijk bericht-----
> Van: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
> Verzonden: maandag 2 januari 2006 20:35
> Aan: slamp slamp
> CC: m0n0wall at lists dot m0n0 dot ch
> Onderwerp: RE: [m0n0wall] PECL RADIUS authentication against IAS
> 
> Radius communication between server and client isn't 'clear-text'
> 
> 
> 
> If you want best practice open up a VPN between your m0n0wall and the
> VPN server (that is what is recommended by WISPr)
> 
> 
> 
> J.
> 
> 
> 
> --
> Jonathan De Graeve
> Network/System Administrator
> Imelda vzw
> Informatica Dienst
> 015/50.52.98
> Jonathan dot de dot graeve at imelda dot be
> 
> ________________________________
> 
> Van: slamp slamp [mailto:slackamp at gmail dot com]
> Verzonden: maandag 2 januari 2006 20:07
> Aan: Jonathan De Graeve
> Onderwerp: Re: [m0n0wall] PECL RADIUS authentication against IAS
> 
> 
> 
> well PAP is not really secure and to me the point of using captive
> portal is to prevent unauthorized users access to the internet. here
is
> my take on it, "it's like making long passwords and use ftp when you
can
> use scp/sftp to transfer files"
> 
> On 1/2/06, Jonathan De Graeve <Jonathan dot De dot Graeve at imelda dot be> wrote:
> 
>
>http://pecl.php.net/package-changelog.php?package=radius&release=1.2.4
> and
> >it states that it supports MS-CHAPv1 and MS-CHAPv2. well in my case,
> only
> >PAP works with my m0n0wall setup.
> 
> It can use these authentication mechanism but it isn't implemented in
> the images.
> 
> Actually, it was but left out afterwards since we didn't implemented
an
> option in the GUI to specify which one you want to use (but this could
> easily be programmed)
> 
> Why would you need these extra authentication mechanisms?
> 
> J.
> 
> --
> Jonathan De Graeve
> Network/System Administrator
> Imelda vzw
> Informatica Dienst
> +32 15/50.52.98
> jonathan dot de dot graeve at imelda dot be
> 
> ---------
> Always read the manual for the correct way to do things because the
> number of incorrect ways to do things is almost infinite
> ---------
> -----Oorspronkelijk bericht-----
> Van: slamp slamp [mailto:slackamp at gmail dot com]
> Verzonden: maandag 2 januari 2006 4:09
> Aan: m0n0wall at lists dot m0n0 dot ch
> Onderwerp: [m0n0wall] PECL RADIUS authentication against IAS
> 
> I have just upgraded my firmware to *1.21 and saw in the changelog the
> following:
> 
> *improved RADIUS authentication using PHP's built-in PECL RADIUS
support
> 
> does this mean that the radius support in m0n0wall has better
> authentication
> type?
> 
> i was looking at this site (not sure if this is the one m0n0wall is
> using)
> http://pecl.php.net/package-changelog.php?package=radius&release=1.2.4
> and
> it states that it supports MS-CHAPv1 and MS-CHAPv2. well in my case,
> only
> PAP works with my m0n0wall setup.
> 
> thanks for any clarification.
> 
>