[pptp-server] pppd + pptp + radius

David Luyer david_luyer at pacific.net.au
Sat Mar 9 22:16:47 CST 2002 

There are two solutions.

1.  Using PAM and one of the two PAM RADIUS modules, authenticate via
    RADIUS (one module is pam-lradius, the other is in the base PAM
    distro)

    Caveat: this doesn't get static IPs from RADIUS or do accounting
            via RADIUS.

2.  Using one of the two PortSlave distributions, do authentication,
    IP address allocation, etc from RADIUS.  Combined with something
like
    gated, this can mean your users can authenticate via either the VPN
    or a dialup NAS and get the same IP address.  Accounting is also via
    RADIUS as per dialup NAS's.

    Caveat: you may need to look at the code carefully to ensure
reliable
            traffic accounting and run an exact version of pppd.  I
haven't
            ever tried using a PortSlave PPPd and adding the MSCHAP
patches.

I've done both of these at different places I've worked as well as using
a third option - authenticating via a Bay ERPCD.

David.
--
David Luyer                                     Phone:   +61 3 9674 7525
Network Development Manager    P A C I F I C    Fax:     +61 3 9699 8693
Pacific Internet (Australia)  I N T E R N E T   Mobile:  +61 4 1111 BYTE
http://www.pacific.net.au/                      NASDAQ:  PCNTF


> -----Original Message-----
> From: pptp-server-admin at lists.schulte.org 
> [mailto:pptp-server-admin at lists.schulte.org] On Behalf Of 
> Igor Maciel Macaúbas
> Sent: Sunday, 10 March 2002 2:47 AM
> To: pptp-server at lists.schulte.org
> Subject: [pptp-server] pppd + pptp + radius
> 
> 
> Hi all,
> I use a VPN Solution in my company with pppd / pptp to make 
> Windows machine
> access some restricted areas of my network.
> Since the number of users using this solution is increasing, 
> I need to make
> the VPNServer authenticate into my company radius server.
> I was looking at the internet, and didn't find a lot of 
> solutions .. so I
> need to know if it's possible, and how can I do that.
> If someone have anything that can help me, send :)
> I've been researching this question about 8 months and didn't have any
> answer.
> 
> Thanks,
> Igor
> --
> igor at br.inter.net
> 
> 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --
> 
>

More information about the pptp-server mailing list