[Samba] authentication question: pptp tunnels for cisco vpn 3000

Andrew Bartlett abartlet at samba.org
Fri Nov 7 10:35:15 GMT 2003


On Sat, 2003-11-01 at 11:35, Justin Kreger wrote:
> I have a Cisco VPN Concentrator 3000, It has the ability to auth PPTP
> tunnels off of a WinNT Domain controler.  Well, I to use my samba3 box
> instead of a WinNT box.  I have samba3 running off of an LDAP back end. 
> Anyway, I setup the VPN Concentrator to auth off of the samba box, and
> when I test it with the test option, and it works, but when I try to
> auth a pptp tunnel, it fails saying the password is wrong.  Any ideas? 
> My vote is for the stupid concentrator to meet some thermite or a metal
> baseball batt.

Any idea what protocols it is using?  Is this a product on WinNT or
CISCO's own OS?  

I suspect it's using radius, for connection to Microsoft's RADIUS
server, but it certainly could get more interesting.  

Get a network trace, and see what's going on.  I seem to have got myself
into the VPN authentication game (see my paper at
http://hawkerc.net/staff/abartlet/comp3700/final-report.pdf for what
I've been up to), so I'm interesting in making the various combinations
here work.  I'll shortly be working on (or working with another
developer on) a plugin for FreeRADIUS to make it authenticate against an
MS domain (or a Samba domain for that matter).  

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20031107/7aa3c808/attachment.bin


More information about the samba mailing list