Discussion:
MS-MPPE encryption required flag disable?
(too old to reply)
t***@gmail.com
2008-08-07 21:06:38 UTC
Permalink
Hey there,

I am troubleshooting a RADIUS auth problem between IAS and a
Fortigate. Fortinet has not been able to help and says the problem is
on the server.

We've both done some packet sniffing and we see the primary difference
between my server and their server is that mine is sending the flag
that MS-MPPE is required.

Is there a way to turn that off to narrow out this as being the
problem?

Cheers,

m
S. Pidgorny <MVP>
2008-08-09 00:12:14 UTC
Permalink
Please elaborate?
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by t***@gmail.com
Hey there,
I am troubleshooting a RADIUS auth problem between IAS and a
Fortigate. Fortinet has not been able to help and says the problem is
on the server.
We've both done some packet sniffing and we see the primary difference
between my server and their server is that mine is sending the flag
that MS-MPPE is required.
Is there a way to turn that off to narrow out this as being the
problem?
Cheers,
m
t***@gmail.com
2008-08-11 12:08:56 UTC
Permalink
Post by S. Pidgorny <MVP>
Please elaborate?
I'd like to, but I am unsure what to provide you. In essence, when
looking at packets sent from the 2003 Server running IAS, a flag for
MS-MPPE encryption required (2, I believe) is sent to the RADIUS
client (Fortigate 60a). Configured on a stock 2003 Server running IAS,
that flag does not appear in the IAS response. I am unsure how to turn
off the MS-MPPE encryption requirement. If you would like to see the
actual packet trace, I can post it.

Cheers,

Mike...

Loading...