I have the same issue - was there a solution? (I know this is an old topic, but, someone...?)
I am trying to use RADIUS at my VPN Server to authenticate to ROPII.
That is, my setup: Client(Win7VPN)----> VPN_ROUTER(VYATTA)--->RADIUS SERVER (ROPII)
I am using the Windows 7 VPN client, and using L2TP with IPSEC. The IPSEC link is connecting, securing my connection. I have the L2TP Authentication mode set to use PAP, and am sending
Username@domain.com in the Username field, and password+OTP in the password field.
Via the ROPII logs, I can see that the request is being received by the ROPII server, but the OTP is being truncated - max length of password+OTP is exactly 48 characters - any additional characters are not being received, and hence, the OTP validation is failing.
I have the ROPII machine correctly validating the OTP's when sent to it via a pGina login, but I am trying to set it up so that I can incorporate the OTP into the VPN connection, and remove the need for pGina. I am using Ipsec/L2TP so that IPSEC encrypts the transmission first, so I can use PAP to send the passwords in clear text (so that the OTP is not altered in transmission) without compromising my security.
It is all working, except that, because the OTP is being truncated, I cannot succeed in having the OTP validated by ROPII.
Does anyone know what it is that is truncating my password+OTP to 48 characters? Is it the MSWindows VPN client? The RADIUS protocol? ROPII (surely not!) ?
I suspect the client, however I can find no documentation suggesting a limit on password length, and Adam, (who started this post) has (had?) the same issue with OpenVPN - so, maybe the client is innocent after all?
I am
this close to a great solution, and this truncation issue is infuriating...
Login
FAQ
Search
.
