IAS Radius MD5 support

D

Doug Griesbaum

I have an instagate-xsp firewall/vpn appliance that also
allows me to attach modems to it to allow dial-in
access. When a user VPN/Dial-in to the appliance I have
it auth against a Win2000 IAS service. When the user
VPN's in the appliance will auth to the Radius box with
MS-CHAPv2 and lets the user log into the network. If the
user dials in the appliance uses MD5-CHAP and the Radius
box will reject the same user who has access on VPN. Any
ideas. The appliance is using Rad Hat 7.3 as it's base
OS.

Thanks, Doug
 
S

Sam Salhi [MSFT]

You will need to enable Reversible Encryption on your domain
check http://www.microsoft.com/vpn for details

One piece of advice, Enable MSCHAPv2 for both (vpn&dialup), it's easier to
set up, more secure, and works great.
 
G

Guest

I have read through the information in the link below but am still having problems. I have a Windows NT 4.0 domain with with PDC and BDC. The Windows 2000 server is a member of the WinNT4.0 domain. How do I enable reversible encryption on the NT 4.0 domain to auth to the Windows2000 IAS server using MD5-CHAP

Thank
Dou

----- Sam Salhi [MSFT] wrote: ----

You will need to enable Reversible Encryption on your domai
check http://www.microsoft.com/vpn for detail

One piece of advice, Enable MSCHAPv2 for both (vpn&dialup), it's easier t
set up, more secure, and works great
 
S

Sam Salhi [MSFT]

try:
http://support.microsoft.com/default.aspx?scid=kb;us;197506



--
===========================================================
This posting is provided "AS IS" with no warranties and confers no rights
===========================================================


Doug Griesbaum said:
I have read through the information in the link below but am still having
Click to expand...
problems. I have a Windows NT 4.0 domain with with PDC and BDC. The
Windows 2000 server is a member of the WinNT4.0 domain. How do I enable
reversible encryption on the NT 4.0 domain to auth to the Windows2000 IAS
server using MD5-CHAP?
Thanks
Doug

----- Sam Salhi [MSFT] wrote: -----

You will need to enable Reversible Encryption on your domain
check http://www.microsoft.com/vpn for details

One piece of advice, Enable MSCHAPv2 for both (vpn&dialup), it's easier to
set up, more secure, and works great.

--
===========================================================
This posting is provided "AS IS" with no warranties and confers no rights
===========================================================


Doug Griesbaum said:
I have an instagate-xsp firewall/vpn appliance that also
allows me to attach modems to it to allow dial-in
access. When a user VPN/Dial-in to the appliance I have
it auth against a Win2000 IAS service. When the user
VPN's in the appliance will auth to the Radius box with
MS-CHAPv2 and lets the user log into the network. If the
user dials in the appliance uses MD5-CHAP and the Radius
box will reject the same user who has access on VPN. Any
ideas. The appliance is using Rad Hat 7.3 as it's base
OS.
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Does anyone has the experience using IAS (internet authentication service) server? 1
RADIUS, IAS, and WiFi Authentication 2
Configure IAS RADIUS to work on Cisco Devices 2
IAS RADIUS auth multiple domains 2
IAS and RADIUS Authentication 2
IAS/RADIUS error on some XPsp2 clients 1
2 Issues with Remote Desktop Incoming Connections 0
WTD: Nvidia Videocard for 4x AGP Slot 0

Top