On 20 Mar 02, at 16:33, Alan DeKok wrote: > > Sending Access-Request of id 1 to 194.88.160.4:7002 > > User-Name = "bsd" > > CHAP-Password = > > "\001%\261\337V3C\201\200z\230\376\323b\222\271\357" > ... > > CHAP-Challenge = > > "\203\270\245\364\r\212\372/\247\212X\277\006_\215\031" > > CHAP-Challenge = > > "\203\270\245\364\r\212\372/\247\212X\277\006_\215\031" > > Hmm... two CHAP-Challenge attributes aren't good. > > > rad_recv: Access-Reject packet from host 194.88.160.4:7002, > > id=1, length=20 > > Home server says invalid user: [bsd/<CHAP-Password>] (from nas > > max60 port 17 cli > > Well, that's definitive. Find out why the home server is rejecting > the user. That will help you track down what's happening. > > But off of the top of my head, I'd say having two CHAP challenges in > the packet isn't a good thing.
hm, that may be the problem. But how can i influcence that? If i do radtest to my home-server i get an Access-Accept. If i setup my NAS to directly ask the home-server it works also, even with CHAP. If i use the GRIC-radiusd as a proxy, which we are running until today, it works also with PAP and CHAP. With freeradius as proxy it works only with PAP, but not with chap anymore. So i'm sure that Freeradius is the problem. But how can i influcence the chap-challenges sent as above. Or is that a bug? Sorry, i'm no programmer, so a look into the source doesn't help me really. Is that a bug or can i do anything? Thanks and regards, Bernd ____________________________________________________________ Bernd Sontheimer phone +49 7361 93810 Sontheimer Datentechnik GmbH fax +49 7361 938181 Ulmer Str. 130 e-Mail [EMAIL PROTECTED] 73431 Aalen, Germany http://www.sdt.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
