Thank you for your answer, but it didn't help me.
So I want to detail my configuration to you
1. My NAS is a Mikrotik, last version 2.6.10
2. If I try to authenticate from win2000, winXP or Linux with users from
radius (password stored in mysql in clear text) , mschap returns OK and the
users logs in.
3. If I try to authenticate from win98se with users from radius,
mschap (password stored in mysql in clear text) returns OK and win98se says:
the computer you're dayling in does not suport the data encription
requirements specified.
4. If I try to authenticate from winXP, win98se or Linux with users from
Mikrotik, mschap returns OK and the users logs in.
5. My radius configuration is:
mschap {
authtype = MS-CHAP
use_mppe = yes
require_encryption = no
require_strong = no
}
authorize {
sql
chap
mschap
files
}
authenticate {
authtype CHAP {
chap
}
authtype MS-CHAP {
mschap
}
}
6. My radius debug for a failing attempting to log from win98se is:
As you can see mschap return OK, but the user doesn't logs in
rad_recv: Access-Request packet from host 192.168.250.20:1047, id=66, length=181
Thread 1 assigned request 0
SMUX connect try 1
Thread 1 handling request 0, (1 handled so far)
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Identifier = "MikroTik"
NAS-Port-Type = Ethernet
Calling-Station-Id = "00:D0:09:85:81:9C"
Called-Station-Id = "service1"
NAS-Port-Id = "ether1"
User-Name = "victor"
MS-CHAP2-Response =
0x81008bd69f59e65d59c4c5f11c31fafdc1c40000000000000000fd80c174db91b4b92eebf9a3ae762824eee13e50660f520b
MS-CHAP-Challenge = 0x2846e077175f48d97b1213b66f469f1f
NAS-IP-Address = 192.168.250.20
modcall: entering group authorize
rad_check_password: Found Auth-Type MS-CHAP
auth: type "MS-CHAP"
modcall: entering group authtype
rlm_mschap: doing MS-CHAPv2 with NT-Password
Login OK: [victor] (from client mikrotik port 0 cli 00:D0:09:85:81:9C)
Sending Access-Accept of id 66 to 192.168.250.20:1047
Framed-IP-Address == 80.97.25.107
Acct-Status-Type = Start
Framed-Protocol = PPP
Framed-Compression = None
MS-CHAP2-Success =
0x81533d38323241413635453236384644353135323932454143343141353036394237423844303042313535
MS-MPPE-Recv-Key =
0xc5c2edf244b7466a17bbf1ef13e1ed09cbd01603315a08bd50057ea3c763917bdc97
MS-MPPE-Send-Key =
0xc5c1797050dee33951e26db5d724f11b08084e842294b3ca58611eb1106ede825087
MS-MPPE-Encryption-Policy = 0x00000001
MS-MPPE-Encryption-Types = 0x00000006
Thread 2 handling request 1, (1 handled so far)
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Identifier = "MikroTik"
Acct-Session-Id = "544"
User-Name = "victor"
Acct-Authentic = RADIUS
Framed-IP-Address = 80.97.25.107
Class = 0x
NAS-Port-Type = Ethernet
NAS-Port-Id = "ether1"
Calling-Station-Id = "00:D0:09:85:81:9C"
Called-Station-Id = "service1"
Acct-Status-Type = Start
NAS-IP-Address = 192.168.250.20
7. My win98se is patch with dun. His log for raspppoe says:
02-17-2031 11:17:06.32 - Microsoft Dial Up Adapter log opened.
02-17-2031 11:17:06.32 - Server type is PPP (Point to Point Protocol).
02-17-2031 11:17:06.32 - FSA : Software compression disabled.
02-17-2031 11:17:06.32 - FSA : Protocol not bound - skipping control
protocol 803f (NBFCP).
02-17-2031 11:17:06.32 - FSA : Adding Control Protocol 8021 (IPCP) to
control protocol chain.
02-17-2031 11:17:06.32 - FSA : Protocol not bound - skipping control
protocol 802b (IPXCP).
02-17-2031 11:17:06.32 - FSA : Adding Control Protocol c029 (CallbackCP) to
control protocol chain.
02-17-2031 11:17:06.32 - FSA : Encrypted Password required.
02-17-2031 11:17:06.32 - FSA : Encrypted Password required.
02-17-2031 11:17:06.32 - FSA : Adding Control Protocol c223 (CHAP) to
control protocol chain.
02-17-2031 11:17:06.32 - FSA : Adding Control Protocol c021 (LCP) to control
protocol chain.
02-17-2031 11:17:06.32 - LCP : Callback negotiation enabled.
02-17-2031 11:17:06.32 - LCP : Layer started.
02-17-2031 11:17:06.32 - PPP : Transmitting Control Packet of length: 19
02-17-2031 11:17:06.32 - Data 0000: c0 21 01 01 00 11 05 06 | .!......
02-17-2031 11:17:06.32 - Data 0008: 00 08 48 9d 07 02 08 02 | ..H.....
02-17-2031 11:17:06.32 - Data 0010: 0d 03 06 00 00 00 00 00 | ........
02-17-2031 11:17:06.32 - PPP : Received Control Packet of length: 21
02-17-2031 11:17:06.32 - Data 0000: c0 21 01 01 00 13 03 05 | .!......
02-17-2031 11:17:06.32 - Data 0008: c2 23 81 01 04 05 d4 05 | .#......
02-17-2031 11:17:06.32 - Data 0010: 06 05 7e f8 5f 00 00 00 | ..~._...
02-17-2031 11:17:06.32 - LCP : Received and accepted authentication protocol
c223 (CHAP).
02-17-2031 11:17:06.32 - LCP : Received and accepted MRU of 1492.
02-17-2031 11:17:06.32 - LCP : Received and accepted magic number 57ef85f.
02-17-2031 11:17:06.32 - PPP : Transmitting Control Packet of length: 21
02-17-2031 11:17:06.32 - Data 0000: c0 21 02 01 00 13 03 05 | .!......
02-17-2031 11:17:06.32 - Data 0008: c2 23 81 01 04 05 d4 05 | .#......
02-17-2031 11:17:06.32 - Data 0010: 06 05 7e f8 5f 00 00 00 | ..~._...
02-17-2031 11:17:06.32 - PPP : Received Control Packet of length: 13
02-17-2031 11:17:06.32 - Data 0000: c0 21 04 01 00 0b 0d 03 | .!......
02-17-2031 11:17:06.32 - Data 0008: 06 07 02 08 02 00 00 00 | ........
02-17-2031 11:17:06.32 - LCP : Received configure reject for callback
control protocol option.
02-17-2031 11:17:06.32 - LCP : Received corrupted configure reject for option 7.
02-17-2031 11:17:09.31 - PPP : Transmitting Control Packet of length: 16
02-17-2031 11:17:09.31 - Data 0000: c0 21 01 02 00 0e 05 06 | .!......
02-17-2031 11:17:09.31 - Data 0008: 00 08 48 9d 07 02 08 02 | ..H.....
02-17-2031 11:17:09.31 - PPP : Received Control Packet of length: 10
02-17-2031 11:17:09.31 - Data 0000: c0 21 04 02 00 08 07 02 | .!......
02-17-2031 11:17:09.31 - Data 0008: 08 02 00 00 00 00 00 00 | ........
02-17-2031 11:17:09.31 - LCP : Received configure reject for protocol field
compression option.
02-17-2031 11:17:09.31 - LCP : Received configure reject for address field
compression option.
02-17-2031 11:17:09.31 - PPP : Transmitting Control Packet of length: 12
02-17-2031 11:17:09.31 - Data 0000: c0 21 01 03 00 0a 05 06 | .!......
02-17-2031 11:17:09.31 - Data 0008: 00 08 48 9d 00 00 00 00 | ..H.....
02-17-2031 11:17:09.31 - PPP : Received Control Packet of length: 21
02-17-2031 11:17:09.31 - Data 0000: c0 21 01 01 00 13 03 05 | .!......
02-17-2031 11:17:09.31 - Data 0008: c2 23 81 01 04 05 d4 05 | .#......
02-17-2031 11:17:09.31 - Data 0010: 06 05 7e f8 5f 00 00 00 | ..~._...
02-17-2031 11:17:09.31 - LCP : Received and accepted authentication protocol
c223 (CHAP).
02-17-2031 11:17:09.31 - LCP : Received and accepted MRU of 1492.
02-17-2031 11:17:09.31 - LCP : Received and accepted magic number 57ef85f.
02-17-2031 11:17:09.31 - PPP : Transmitting Control Packet of length: 21
02-17-2031 11:17:09.31 - Data 0000: c0 21 02 01 00 13 03 05 | .!......
02-17-2031 11:17:09.31 - Data 0008: c2 23 81 01 04 05 d4 05 | .#......
02-17-2031 11:17:09.31 - Data 0010: 06 05 7e f8 5f 00 00 00 | ..~._...
02-17-2031 11:17:09.31 - PPP : Received Control Packet of length: 12
02-17-2031 11:17:09.31 - Data 0000: c0 21 02 03 00 0a 05 06 | .!......
02-17-2031 11:17:09.31 - Data 0008: 00 08 48 9d 00 00 00 00 | ..H.....
02-17-2031 11:17:09.31 - LCP : Layer up.
02-17-2031 11:17:09.31 - CHAP : Layer started.
02-17-2031 11:17:09.32 - PPP : Received Control Packet of length: 31
02-17-2031 11:17:09.32 - Data 0000: c2 23 01 01 00 1d 10 aa | .#...�..
02-17-2031 11:17:09.32 - Data 0008: 2f 83 2d fe 0f f1 98 8c | /.-.....
02-17-2031 11:17:09.32 - Data 0010: ec 15 52 17 3e de aa 4d | .�R�>..M
02-17-2031 11:17:09.32 - Data 0018: 69 6b 72 6f 54 69 6b 00 | ikroTik.
02-17-2031 11:17:09.32 - PPP : Transmitting Control Packet of length: 62
02-17-2031 11:17:09.32 - Data 0000: c2 23 02 01 00 3c 31 6a | .#...<1j
02-17-2031 11:17:09.32 - Data 0008: d0 64 65 00 1e c3 f3 ab | .de.�...
02-17-2031 11:17:09.32 - Data 0010: 83 0d 06 fd 91 30 25 00 | .....0%.
02-17-2031 11:17:09.32 - Data 0018: 00 00 00 00 00 00 00 54 | .......T
02-17-2031 11:17:09.32 - Data 0020: 86 ae 7b 6f 60 9e fd 3c | ..{o`..<
02-17-2031 11:17:09.32 - Data 0028: 52 e1 eb 1b 48 ca 31 5a | R..�H.1Z
02-17-2031 11:17:09.32 - Data 0030: a6 40 f2 34 ec cd 58 04 | [email protected].
02-17-2031 11:17:09.32 - Data 0038: 76 69 63 74 6f 72 00 00 | victor..
02-17-2031 11:17:09.33 - PPP : Received Control Packet of length: 49
02-17-2031 11:17:09.33 - Data 0000: c2 23 03 01 00 2f 81 53 | .#.../.S
02-17-2031 11:17:09.33 - Data 0008: 3d 33 30 33 38 45 44 30 | =3038ED0
02-17-2031 11:17:09.33 - Data 0010: 39 44 41 42 35 46 44 46 | 9DAB5FDF
02-17-2031 11:17:09.33 - Data 0018: 32 39 33 34 37 37 46 45 | 293477FE
02-17-2031 11:17:09.33 - Data 0020: 46 32 32 36 38 30 42 31 | F22680B1
02-17-2031 11:17:09.33 - Data 0028: 36 30 45 33 32 43 41 39 | 60E32CA9
02-17-2031 11:17:09.33 - Data 0030: 32 00 00 00 00 00 00 00 | 2.......
02-17-2031 11:17:09.33 - CHAP : Login was successful.
02-17-2031 11:17:09.34 - Remote access driver is shutting down.
02-17-2031 11:17:09.34 - CRC Errors 0
02-17-2031 11:17:09.34 - Timeout Errors 0
02-17-2031 11:17:09.34 - Alignment Errors 0
02-17-2031 11:17:09.34 - Overrun Errors 0
02-17-2031 11:17:09.34 - Framing Errors 0
02-17-2031 11:17:09.34 - Buffer Overrun Errors 0
02-17-2031 11:17:09.34 - Incomplete Packets 0
02-17-2031 11:17:09.34 - Bytes Received 171
02-17-2031 11:17:09.34 - Bytes Transmittted 163
02-17-2031 11:17:09.34 - Frames Received 7
02-17-2031 11:17:09.34 - Frames Transmitted 6
02-17-2031 11:17:09.34 - LCP : Layer down.
02-17-2031 11:17:09.34 - PPP : Transmitting Control Packet of length: 6
02-17-2031 11:17:09.34 - Data 0000: c0 21 05 04 00 04 00 00 | .!......
02-17-2031 11:17:09.35 - PPP : Received Control Packet of length: 12
02-17-2031 11:17:09.35 - Data 0000: 80 21 01 01 00 0a 03 06 | .!......
02-17-2031 11:17:09.35 - Data 0008: c0 a8 fa 14 00 00 00 00 | ........
02-17-2031 11:17:09.35 - PPP : Received Control Packet of length: 12
02-17-2031 11:17:09.35 - Data 0000: 80 fd 01 01 00 0a 12 06 | ........
02-17-2031 11:17:09.35 - Data 0008: 01 00 00 60 00 00 00 00 | ...`....
02-17-2031 11:17:09.36 - PPP : Received Control Packet of length: 6
02-17-2031 11:17:09.36 - Data 0000: c0 21 06 04 00 04 00 00 | .!......
02-17-2031 11:17:09.36 - LCP : Received terminate acknowledgement.
02-17-2031 11:17:09.36 - LCP : Layer finished.
02-17-2031 11:17:09.36 - Microsoft Dial Up Adapter log closed.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
