Hello,
have you tried this
CONFIGURING MULTIOTP WITH TEKRADIUS OR TEKRADIUS LT UNDER WINDOWS
TekRADIUS supports a Default Username to be used when a matching user profile cannot be found for an incoming RADIUS authentication request. So a quick and easy way is to create in the TekRADIUS Manager a User named 'Default' that belongs to the existing 'Default' Group. Then add to this Default user the following attribute : Check External-Executable C:\multitop\multiotp.exe %ietf|1% %ietf|2% -chap-challenge=%ietf|60% -chap-password=%ietf|3% -ms-chap-challenge=%msoft|11% -ms-chap-response=%msoft|1% -ms-chap2-response=%msoft|25%
Some values can go back to TekRADIUS:
a) Set the right format options for TekRADIUS: multiotp -config radius-reply-attributor="=" radius-reply-separator="crlf"
b) Set multiOTP to send back to TekRADIUS the clear (non encrypted) authentication: multiotp -config clear-otp-attribute="ietf|2"
c) Set multiOTP to send back to TekRADIUS the group of the authenticated user: multiotp -config group-attribute="ietf|11"
Source : https://github.com/multiOTP
Comments