From owner-freebsd-isp  Fri Feb 13 07:34:18 1998
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id HAA09149
          for freebsd-isp-outgoing; Fri, 13 Feb 1998 07:34:18 -0800 (PST)
          (envelope-from owner-freebsd-isp@FreeBSD.ORG)
Received: from www3.shellnet.co.uk (www3.shellnet.co.uk [194.129.209.14])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA09082
          for <freebsd-isp@freebsd.org>; Fri, 13 Feb 1998 07:34:10 -0800 (PST)
          (envelope-from ircadmin@shellnet.co.uk)
Received: from mailhost.shellnet.co.uk (mailhost.shellnet.co.uk [194.129.209.3])
	by www3.shellnet.co.uk (8.8.7/8.8.8) with SMTP id PAA03912
	for <freebsd-isp@freebsd.org>; Fri, 13 Feb 1998 15:32:52 GMT
Received: by mailhost.shellnet.co.uk with MERCUR-SMTP/POP3-Server (v2.10) for <freebsd-isp@freebsd.org> at Fri, 13 Feb 98  15:32:43 +0000
From: "Steven Fletcher (Shellnet IRC administrator)" <ircadmin@shellnet.co.uk>
To: <freebsd-isp@FreeBSD.ORG>
Subject: RADIUS for BSDi running under FreeBSD
Date: Fri, 13 Feb 1998 15:34:51 -0000
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4
Importance: Normal
Message-Id: <98021315324314200@mailhost.shellnet.co.uk>
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Dear gurus.....

I am trying swap all of my dial up users over to a RADIUS authentication
system so that we no longer need to have 150 users on our Windows NT box
(Service Pack 3 + RRAS with a Hotfix). I installed and ran Livingston RADIUS
2.0.1 for BSDi onto my FreeBSD v2-2-5 box and then proceeded to make the
following entry into my /etc/raddb/users file:

dud	Password = "dud",
	Service-Type = Framed-User,
	Framed-Protocol = PPP

Then I proceeded to configure my NT box to use the RADIUS authentcation
system (it's running RAS and allowing it to accept clear text passwords. By
dialing up with a Windows 95 computer (set to not "Require Encrypted
Passwords") we saw the NT box talking to the BSD box as follows:

Fri Feb 13 13:45:14 1998: [1270] radrecv: Request from host <NT IP> code=1,
id=2, length=82
Fri Feb 13 13:45:14 1998: [1270] User-Name = "dud"
Fri Feb 13 13:45:14 1998: [1270] CHAP-Challenge =
"Yb\201\365\301~\024\221\220Z\341\320\2058\275\001"
Fri Feb 13 13:45:14 1998: [1270] CHAP-Password = ""
Fri Feb 13 13:45:14 1998: [1270] NAS-Port = 0
Fri Feb 13 13:45:14 1998: [1270] Framed-Protocol = PPP
Fri Feb 13 13:45:14 1998: [1270] NAS-Identifier = "<NT's NetBIOS name>"
Fri Feb 13 13:45:14 1998: [1303] Sending Reject of id 2 to <NT domain name>
(<NT IP>)

And then the NT box then drops the connection.

Has anyone _ever_ got UN*X RADIUS to work with an NT client - if anyone can
help I'd be most grateful - or would it be possible for somone to forward
some configuration files ?

Thanks in Advance;

Steven Fletcher - Shellnet
ircadmin@shellnet.co.uk


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message