[pptp-server] Radius Support
Josh Howlett
Josh.Howlett at bristol.ac.uk
Sun Nov 4 06:27:45 CST 2001
On Sat, 3 Nov 2001, Steve Langasek wrote:
> Blake,
>
> On Tue, Oct 30, 2001 at 05:32:57PM -0600, Parker Blake MIS wrote:
> > Does this daemon support user authentication against a radius database?
>
> pptpd does not do authentication, it passes that part off to pppd. If
> you have a pppd server that can authenticate (and accept IP assignments)
> from a RADIUS server, that's all you need. Note that, in order to
> support MPPE encryption in pptp, you must be able to do MSCHAPv2
> authentication over RADIUS. As far as I know, the software to do this
> does not yet exist for Unix, although I'm currently hacking on Linux
> pppd and freeradiusd to provide this support.
>
I've been looking at this myself. The closest someone has come to this
(to my knowledge) is James Maclean (also on this list) with his
crap_chap patch. This consists of a patch against pppd and XTradius.
However, IIRC, this is a bit of a dirty hack that takes some
"short-cuts" :-) (ie. MPPE keys derived at pppd rather than at radiusd).
I would be very interested in helping in this. How far have you got,
and what remains to be done?
josh.
---------------------------------------
Josh Howlett, Network Supervisor,
Networking & Digital Communications,
Information Systems & Computing,
University of Bristol, U.K.
0117 928 7850 | josh.howlett at bris.ac.uk
---------------------------------------
More information about the pptp-server
mailing list