"N Murugaiyan" <[EMAIL PROTECTED]> wrote: > I made an access-request with User-Name and CHAP-Password written in a > file with the radclient The server authenticated successfully against > the corresponding Password entry. This means the request has simulated a > NAS-Client's CHAP request and successfully authenticated right?
Yes. > Then in what case is the Challenge/Response used. Read the RADIUS RFC. The challenge use is part of the radius packet. > And I guess rlm_chap module is provided to do the same. And how do I > configure the server to issue challenges (with messages > Access-Challenge)? For CHAP, you don't. It's wrong, and you *can't* configure it to issue challenges. For other authentication mechanisms, see rlm_x99_token. It does x9.9 challenge-response authentication. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
