search

jimdigriz / freeradius-oauth2-perl

FreeRADIUS OAuth2 (OpenID Connect) using rlm_perl
GNU Affero General Public License v3.0
127 stars 35 forks source link

<EAP MSCHAPV2 #26

Closed AfBrainPlus closed 2 years ago

AfBrainPlus commented 2 years ago

How can I get the system to work with MSCHAPV2?

jimdigriz commented 2 years ago

From literally the second paragraph of the readme...

you must use EAP-TTLS/PAP

You can't, also why would you want to? MSCHAPv2 is practically no more secure than PAP.

AfBrainPlus commented 2 years ago

It’s needed for our VPN on Ubiquiti UniFi Udm Pro

http://www.facebook.com/brain.plus.training

Yours sincerely / Med venlig hilsen Asger Frisgård QA Specialist and IT administrator

(+45) 53 63 02 89

BRAIN+ A/S Købmagergade 53, third floor DK-1150 Copenhagen K

www.brain-plus.com www.twitter.com/TheBrainPlus www.facebook.com/brain.plus.traininghttp://www.facebook.com/brain.plus.training https://aka.ms/o0ukef

Fra: Alexander Clouter @.> Sendt: Monday, June 13, 2022 10:28:51 PM Til: jimdigriz/freeradius-oauth2-perl @.> Cc: Asger Frisgård @.>; Author @.> Emne: Re: [jimdigriz/freeradius-oauth2-perl] <EAP MSCHAPV2 (Issue #26)

From literally the second paragraph of the readme...

you must use EAP-TTLS/PAPhttps://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FExtensible_Authentication_Protocol%23EAP_Tunneled_Transport_Layer_Security_(EAP-TTLS)&data=05%7C01%7Caf%40brain-plus.com%7Ccf74492c750b4088201008da4d7b5493%7Cf2f9babfec61480d81d3c163d28ca06a%7C0%7C0%7C637907489339429350%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=8MWw1tYw5QhrFFJ5dPEdlGGb0Tb26NI%2FdADAqi3chXg%3D&reserved=0

You can't, also why would you want to? MSCHAPv2 is practically no more secure than PAP.

— Reply to this email directly, view it on GitHubhttps://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fjimdigriz%2Ffreeradius-oauth2-perl%2Fissues%2F26%23issuecomment-1154396609&data=05%7C01%7Caf%40brain-plus.com%7Ccf74492c750b4088201008da4d7b5493%7Cf2f9babfec61480d81d3c163d28ca06a%7C0%7C0%7C637907489339429350%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=RAgT3yCWMgx1BHVYNU2u3UiRHnj6TOVNn0jnlh82ajw%3D&reserved=0, or unsubscribehttps://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAY2CTKMZZELVRJV2CRENRCTVO6KYHANCNFSM5YVC2DNA&data=05%7C01%7Caf%40brain-plus.com%7Ccf74492c750b4088201008da4d7b5493%7Cf2f9babfec61480d81d3c163d28ca06a%7C0%7C0%7C637907489339429350%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=GcV%2FV7hiOGX24RSZj60H0WxMGBwnwEFVEwedV1mhRug%3D&reserved=0. You are receiving this because you authored the thread.Message ID: @.***>

jimdigriz commented 2 years ago

You probably should speak to Ubiquiti on how to make their VPN work with PAP, you did pay them for the equipment and support. Good luck!