Have been searching everywhere but can’t find a solution. Running L2tp server with ms-chap v2 authentication. I would like to use external radius server provider which supports PEAP with ms chap v2 passwords OR EAP-TTLS-PAP (ideal solution) for authentication. With both of them mikrotik doesn’t seem to work (or at least I can’t seem to find how to set it up). I’ve found few references on how to do wireless or dot1x but there is nothing for ppp service. It seems that mschapv2 hash simply gets passed through to the radius without the peap encryption. Could someone advise on the following:
- Can ppp service have an option like wireless to choose eap method? (passthrough, PEAP, EAP-TTLS-PAP)?
- Any workaround if #1 is not possible/not available/not planned for near future? Can I somehow add PEAP encapsulation manually to the mikrotik communication with external radius server?
Thank you.
-Oleg