Hello,
I'm wondering if any of you can assist me in setting up freeradius to
authenticate MS-Chap requests from a Cisco 2621 Router.
I have configured the users file as:
test Auth-Type:= MS-CHAP, Password == "test"
and enabled mschap under modules and under authentication in the
radiusd.conf file. I have also updated to the latest CVS version as of
10/26/01. The problem is upon receipt of connection I receive the following
debug message:
Ready to process requests.
rad_recv: Access-Request packet from host x.x.x.x:1645, id=109, length=128
NAS-IP-Address = x.x.x.x
NAS-Port = 1
NAS-Port-Type = Virtual
User-Name = "test"
MS-CHAP-Challenge = 0x6628b02356b6ecc3
MS-CHAP-Response =
0x460100000000000000000000000000000000000000000000000099ee2e957540d1cdf62761
1d9329f431a5a0d621758d891b
Service-Type = Framed-User
Framed-Protocol = PPP
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "suffix" returns ok
users: Matched test at 6
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type MS-CHAP
auth: type "MS-CHAP"
modcall: entering group authenticate
rlm_mschap: Attribute "MS-CHAP-Challenge" is required for authentication.
modcall[authenticate]: module "mschap" returns invalid
modcall: group authenticate returns invalid
auth: Failed to validate the user.
Sending Access-Reject of id 109 to x.x.x.x:1645
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 109 with timestamp 3bd9c725
Nothing to do. Sleeping until we see a request.
I apologize if this is a simple fix, but I have been unable to find any
answers as to why MS-Chap is not working properly.
Thank you for your assistance,
Matt
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
