[pptp-server] Hacked MS-Chap-V2 into Cistron and pppd - But need more

TechServ macleajb at ednet.ns.ca
Sat Nov 6 20:11:48 CST 1999


Hi Folks,

I have a radiusclient callout from a _hacked_ ppp2.3.10 that gets
successfully authenticated by a _hacked_ ICradius(cistron+mysql) server
using the MS-Chap-v2 authentication goodies. This is truly an ugly hack
that I would not even show myself at this time. I know little about
radius and pppd at this level, and now realize I need to send accounting
info (start/stop) to be _more_ correct.

My goal is as I presented before:

. I would like to have remote linux boxes that are used to allow my
users to authenticate to. This would be via pptpd
. the user would always get the same IP, be given rules and QoS
bandwidth settings.
. the home(central) box would open access using ipchains only to
resources they are allowed to access.

Basically stated, users authenticate to the network, instead of to a
resource. Access is centrally dished out.

My hopes were to use a radiusd server at the home machine, connect to
remote linux boxes securely using VTUN. Run pptpd at those sites, using a
special pppd which uses the central home box to chap authenticate users.
Then ip-up rules at the remote boxes per user, and add the
routes/rules/QoS locally with some call out from the radiusd server.

So I am curious if I am the single person out there interested in this
type of secure network? Or is there already an accepted way to implement
this? Or is there other work under way in which I could participate?

If nothing else, is there a good FAQ/HowTo that would show me how I am
_supposed_ to code a radius client access? The radiusclient sources exist,
but I feel I am coding without enough background. Is there an acceptable
way to call-out from radiusd, or is that not anything that radiusd's
should do? Possibly I must hack on Xtradius?

thanks for any help anyone is willing to provide,
JES



