[ previous ] [ next ] [ threads ]
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  Giordano Zambelli <giordano dot zambelli at besafe dot it>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Captive Portal Authentication
 Date:  Mon, 27 Sep 2004 18:26:36 +0200
On 27.09.2004 17:48 +0200, Giordano Zambelli wrote:

> i'm trying to use  Captive Portal with external Radius to
> authenticate my users.
> When I look the radius log, I notice that the authentication
> protocol is PAP.
> Is there a possibility to use another authentication protocol to
> encrypt user name and password?

Contrary to what you may think, the password is not transmitted in
plaintext between m0n0wall and the RADIUS server, but instead the
RADIUS authentication protocol is employed, which utilizes MD5 in
very weird ways. See
/usr/local/captiveportal/radius_authentication.inc and RFC 2865.

- Manuel