Date: Mon, 08 Jun 1998 13:24:50 +0200 From: "IBS / Andre Oppermann" <andre@pipeline.ch> To: Andreas Klemm <aklemm@hightek.com> Cc: isp@FreeBSD.ORG Subject: Re: how does PPP CHAP work ? Message-ID: <357BCA02.2F008019@pipeline.ch> References: <19980608115605.21479@hightek.com> <357BB8B1.55C43D5@pipeline.ch> <19980608125031.00463@hightek.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Andreas Klemm wrote: > > On Mon, Jun 08, 1998 at 12:10:57PM +0200, IBS / Andre Oppermann wrote: > > Andreas Klemm wrote: > > No. You have two problems: > > Three ? ;-) Hmm... sometimes I'm a sales person... > > 1. PAP passwords are in clear text > > > > 2. CHAP is not CHAP, there is one CHAP standard and MS-CHAP > > Please read the discussion in Brians newest userland-ppp > > > > 3. CHAP passwords need special handling on the RADIUS server > > (Challenge Handshake Auth Protocol) > > Which special handling on the Radius Server ? Could you please > be more verbose on this ? http://www.merit.edu/aaa/docs/radius-desc.txt http://www.merit.edu/aaa/docs/rfc2138.txt @2.2 > > > A collegue of mine claims, that it would'nt be possible, because > > > CHAP would use a two way handshake, that means, our access router > > > would have to authenticate itself with username and password on > > > the client access router. > > > > No, that depends on your configuration. > > On the access server or radius or both ? On the RADIUS server. -- Andre Oppermann CEO / Geschaeftsfuehrer Internet Business Solutions Ltd. (AG) Hardstrasse 235, 8005 Zurich, Switzerland Fon +41 1 277 75 75 / Fax +41 1 277 75 77 http://www.pipeline.ch ibs@pipeline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?357BCA02.2F008019>