/* * These styles apply ONLY to the header and footer assets. */ * { padding: 0; margin: 0; box-sizing: border-box; } .footer { background: #545454; color: #cdcdcd; font-size: 14px; line-height: 1.5; padding: 18px 0; } .footer-wrap { padding-left: 18px; padding-right: 18px; max-width: 1236px; margin: 0 auto; } .footer a { color: #cdcdcd; text-decoration: none; } .footer a:hover { color: #cdcdcd; text-decoration: none; } .footer-row { display: flex; flex-wrap: wrap; justify-content: space-between; align-items: center; margin: -3px; } .footer-col { padding: 0 3px; } .footer-col-copyRight { justify-content: flex-start; } .footer-col-logo { justify-content: flex-end; } .footer-col-logo a { margin-right: 10px; } .footer-col-copyRight, .footer-col-logo { flex: 1; display: flex; } .logo { width: 120px; height: 28px; opacity: 0.6; } @media screen and (max-width: 768px) { .footer-row { display: block; } .footer-col { width: 100%; text-align: center; margin: 6px 0; } .footer-col:first-child { margin-top: 0; } .footer-col:last-child { margin-bottom: 0; } .footer-col-copyRight, .footer-col-logo { justify-content: center; } .logo { margin: 0 auto; } } /*# sourceMappingURL=styles.css.map */ <iframe src="https://www.googletagmanager.com/ns.html?id=GTM-KSB6LQH" height="0" width="0" style="display:none;visibility:hidden"></iframe>

FreeRADIUS MSCHAPv2 compatibility

baba

baba Posts: 253

First Comment

Friend Collector

First Anniversary

Master Member

August 2022 edited August 2022 in Nebula

Hi i've set up a FreeRADIUS server with OpenLDAP in a docker compose environment for wifi authentication. Nebula uses MSCHAPv2, which only supports cleartext passwords or nt hashes, which are insecure. What's the best solution to use FreeRADIUS with an user directory like OpenLDAP.

//EDIT: Have a look at http://deployingradius.com/documents/protocols/compatibility.html

Thanks!

0

All Replies

Zyxel_HsinBo Posts: 140

Zyxel Employee

August 2022

Hi, @baba

Nebula use PEAP with EAP-MSCHAPv2, which would be secure as the MSCHAPv2 messages are sent through a TLS-protected tunnel.
And Nebula only supports an external RADIUS server to authenticate for now, LDAP server would be unable to work.

If you're interested, the below FAQ is tip to set up 802.1x authentication with an external radius server on Nebula:
[NEBULA] How to configure the AP Security with WPA2 Enterprise with external server? — Zyxel Community

Thank you.

0

Nebula Tips & Tricks

Nebula Help Center

Nebula Status & Incidents

Video Tutorials

EnglishTiếng ViệtРусскийไทย中文（台灣）

/* * These styles apply ONLY to the header and footer assets. */ * { padding: 0; margin: 0; box-sizing: border-box; } .footer { background: #545454; color: #cdcdcd; font-size: 14px; line-height: 1.5; padding: 18px 0; } .footer-wrap { padding-left: 18px; padding-right: 18px; max-width: 1236px; margin: 0 auto; } .footer a { color: #cdcdcd; text-decoration: none; } .footer a:hover { color: #cdcdcd; text-decoration: none; } .footer-row { display: flex; flex-wrap: wrap; justify-content: space-between; align-items: center; margin: -3px; } .footer-col { padding: 0 3px; } .footer-col-copyRight { justify-content: flex-start; } .footer-col-logo { justify-content: flex-end; } .footer-col-logo a { margin-right: 10px; } .footer-col-copyRight, .footer-col-logo { flex: 1; display: flex; } .logo { width: 120px; height: 28px; opacity: 0.6; } @media screen and (max-width: 768px) { .footer-row { display: block; } .footer-col { width: 100%; text-align: center; margin: 6px 0; } .footer-col:first-child { margin-top: 0; } .footer-col:last-child { margin-bottom: 0; } .footer-col-copyRight, .footer-col-logo { justify-content: center; } .logo { margin: 0 auto; } } /*# sourceMappingURL=styles.css.map */