From owner-freebsd-isp Tue Jul 9 0:19: 9 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A83B437B400 for ; Tue, 9 Jul 2002 00:19:05 -0700 (PDT) Received: from blue.centerone.com (blue.centerone.com [204.133.183.111]) by mx1.FreeBSD.org (Postfix) with ESMTP id ED08F43E31 for ; Tue, 9 Jul 2002 00:19:04 -0700 (PDT) (envelope-from rforsythe@centerone.com) Received: from DELIVERANCE-XP.centerone.com (hs5-ifw.wiaas.org [65.102.239.61]) by blue.centerone.com (8.9.3/8.9.3) with ESMTP id BAA25895 for ; Tue, 9 Jul 2002 01:33:57 -0600 Message-Id: <5.1.0.14.2.20020709010532.01b80e90@mail.centerone.com> X-Sender: rforsythe@mail.centerone.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Tue, 09 Jul 2002 01:19:03 -0600 To: freebsd-isp@freebsd.org From: Ralph Forsythe Subject: New list member ... and stupid radius questions Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Greetings all, I'm new to the list. And out the door I need to ask some lame questions... I am setting up a small ISP, and as my experience in the past has been under FreeBSD, I'm going with it here. I will be using a 4.6-stable (just updated yesterday) system with a digiboard and a 3com modem chassis (not important really, but just FYI). As for software, I'm planning on mgetty (current from the ports tree) handling the incoming calls. Not a real issue there, the PPP config for that is straightforward enough and has been documented a hundred times. However - I don't want to have this server authenticate from a secrets file or /etc/passwd. We have another server which will handle mail and web hosting among other tasks, and I want it to serve as a central authentication repository. I'm not hell bent on any auth protocol over another (encrypted transmission would be a big plus though) though the two I see most mentioned are RADIUS and LDAP. What I have read suggests that LDAP is a pain in the butt to make work with pppd, and RADIUS is easier; however I have seen 20 different configs for this, some people saying pppd under FreeBSD hates RADIUS, some people saying it works, and that coupled with having spent the last 5 days building servers and troubleshooting various things has my head spinning. I'm not a newbie with RADIUS but I've never set it up with pppd, so... If someone can ignore the stupidity in this and maybe point me to some resources on how to get RADIUS auth working with pppd/mgetty under FreeBSD that they know work (i.e. I have searched Google and the archives, and have seen so many different things I don't know which way to go), I would really appreciate it! Maybe I can save what little sanity I have left... :) Thanks! - Ralph Forsythe rforsythe@centerone.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message