[ previous ] [ next ] [ threads ]
 
 From:  Pete Klein <petek1827 at yahoo dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  PPTP, NT Server, MultiTech Radius and PAP
 Date:  Sat, 3 Mar 2007 00:10:09 -0800 (PST)
Hi,

I am interested in using MultiTech's Radius Server
running on an old NT4 Server box to authenticate my
PPTP requests.  I have everything up and running and
for the most part it works fine.  

However I would like to have the Radius Server use the
NT User Database instead of having to manually enter
each user in Radius Server's own "users" text file. 
According to MultiTech's manual this is possible but I
am unable to get this to work.  

I suspect that the problem is because the Radius
Server can only us PAP as an authentication method
when it uses the NT User Database.  The following is
from MultiTech's manual:

"Note: Only PAP authentication is possible using this
technique. CHAP AUTHENTICATION IS NOT POSSIBLE WITH NT
USER DATABASE."

However based on a previous post (26 Jan 2004), Manuel
stated that Monowall PPTP only uses CHAP for
authentication.

"- What authentication protocol is used on Monowall (
CHAP (M$) or PAP) ?

MD5 CHAP and MS CHAP v1 and v2. I think I'll turn off
MSCHAPv1 in future releases though, because it is also
considered insecure. PAP is plaintext and as such it's
always off."

Is there a way to turn PAP back on?  

Also, is this an issue with the Captive Portal as
well?

Thanks much,

Pete



 
____________________________________________________________________________________
Finding fabulous fares is fun.  
Let Yahoo! FareChase search your favorite travel sites to find flight and hotel bargains.
http://farechase.yahoo.com/promo-generic-14795097