Dear [EMAIL PROTECTED],
This log shows successful authentication from both sides. It looks
something is wrong with your NAS (for example client tries to use MPPE
and NAS fails to support it).
--Thursday, February 20, 2003, 12:34:28 PM, you wrote to
[EMAIL PROTECTED]:
var> Thank you for your answer, but it didn't help me.
var> So I want to detail my configuration to you
var> 1. My NAS is a Mikrotik, last version 2.6.10
var> 2. If I try to authenticate from win2000, winXP or Linux with users from
var> radius (password stored in mysql in clear text) , mschap returns OK and the
var> users logs in.
var> 3. If I try to authenticate from win98se with users from radius,
var> mschap (password stored in mysql in clear text) returns OK and win98se says:
var> the computer you're dayling in does not suport the data encription
var> requirements specified.
var> 4. If I try to authenticate from winXP, win98se or Linux with users from
var> Mikrotik, mschap returns OK and the users logs in.
var> 5. My radius configuration is:
var> mschap {
var> authtype = MS-CHAP
var> use_mppe = yes
var> require_encryption = no
var> require_strong = no
var> }
var> authorize {
var> sql
var> chap
var> mschap
var> files
var> }
var> authenticate {
var> authtype CHAP {
var> chap
var> }
var> authtype MS-CHAP {
var> mschap
var> }
var> }
var> 6. My radius debug for a failing attempting to log from win98se is:
var> As you can see mschap return OK, but the user doesn't logs in
var> rad_recv: Access-Request packet from host 192.168.250.20:1047, id=66, length=181
var> Thread 1 assigned request 0
var> SMUX connect try 1
var> Thread 1 handling request 0, (1 handled so far)
var> Service-Type = Framed-User
var> Framed-Protocol = PPP
var> NAS-Identifier = "MikroTik"
var> NAS-Port-Type = Ethernet
var> Calling-Station-Id = "00:D0:09:85:81:9C"
var> Called-Station-Id = "service1"
var> NAS-Port-Id = "ether1"
var> User-Name = "victor"
var> MS-CHAP2-Response =
var>
0x81008bd69f59e65d59c4c5f11c31fafdc1c40000000000000000fd80c174db91b4b92eebf9a3ae762824eee13e50660f520b
var> MS-CHAP-Challenge = 0x2846e077175f48d97b1213b66f469f1f
var> NAS-IP-Address = 192.168.250.20
var> modcall: entering group authorize
var> rad_check_password: Found Auth-Type MS-CHAP
var> auth: type "MS-CHAP"
var> modcall: entering group authtype
var> rlm_mschap: doing MS-CHAPv2 with NT-Password
var> Login OK: [victor] (from client mikrotik port 0 cli 00:D0:09:85:81:9C)
var> Sending Access-Accept of id 66 to 192.168.250.20:1047
var> Framed-IP-Address == 80.97.25.107
var> Acct-Status-Type = Start
var> Framed-Protocol = PPP
var> Framed-Compression = None
var> MS-CHAP2-Success =
var>
0x81533d38323241413635453236384644353135323932454143343141353036394237423844303042313535
var> MS-MPPE-Recv-Key =
var> 0xc5c2edf244b7466a17bbf1ef13e1ed09cbd01603315a08bd50057ea3c763917bdc97
var> MS-MPPE-Send-Key =
var> 0xc5c1797050dee33951e26db5d724f11b08084e842294b3ca58611eb1106ede825087
var> MS-MPPE-Encryption-Policy = 0x00000001
var> MS-MPPE-Encryption-Types = 0x00000006
var> Thread 2 handling request 1, (1 handled so far)
var> Service-Type = Framed-User
var> Framed-Protocol = PPP
var> NAS-Identifier = "MikroTik"
var> Acct-Session-Id = "544"
var> User-Name = "victor"
var> Acct-Authentic = RADIUS
var> Framed-IP-Address = 80.97.25.107
var> Class = 0x
var> NAS-Port-Type = Ethernet
var> NAS-Port-Id = "ether1"
var> Calling-Station-Id = "00:D0:09:85:81:9C"
var> Called-Station-Id = "service1"
var> Acct-Status-Type = Start
var> NAS-IP-Address = 192.168.250.20
var> 7. My win98se is patch with dun. His log for raspppoe says:
var> 02-17-2031 11:17:06.32 - Microsoft Dial Up Adapter log opened.
var> 02-17-2031 11:17:06.32 - Server type is PPP (Point to Point Protocol).
var> 02-17-2031 11:17:06.32 - FSA : Software compression disabled.
var> 02-17-2031 11:17:06.32 - FSA : Protocol not bound - skipping control
var> protocol 803f (NBFCP).
var> 02-17-2031 11:17:06.32 - FSA : Adding Control Protocol 8021 (IPCP) to
var> control protocol chain.
var> 02-17-2031 11:17:06.32 - FSA : Protocol not bound - skipping control
var> protocol 802b (IPXCP).
var> 02-17-2031 11:17:06.32 - FSA : Adding Control Protocol c029 (CallbackCP) to
var> control protocol chain.
var> 02-17-2031 11:17:06.32 - FSA : Encrypted Password required.
var> 02-17-2031 11:17:06.32 - FSA : Encrypted Password required.
var> 02-17-2031 11:17:06.32 - FSA : Adding Control Protocol c223 (CHAP) to
var> control protocol chain.
var> 02-17-2031 11:17:06.32 - FSA : Adding Control Protocol c021 (LCP) to control
var> protocol chain.
var> 02-17-2031 11:17:06.32 - LCP : Callback negotiation enabled.
var> 02-17-2031 11:17:06.32 - LCP : Layer started.
var> 02-17-2031 11:17:06.32 - PPP : Transmitting Control Packet of length: 19
var> 02-17-2031 11:17:06.32 - Data 0000: c0 21 01 01 00 11 05 06 | .!......
var> 02-17-2031 11:17:06.32 - Data 0008: 00 08 48 9d 07 02 08 02 | ..H.....
var> 02-17-2031 11:17:06.32 - Data 0010: 0d 03 06 00 00 00 00 00 | ........
var> 02-17-2031 11:17:06.32 - PPP : Received Control Packet of length: 21
var> 02-17-2031 11:17:06.32 - Data 0000: c0 21 01 01 00 13 03 05 | .!......
var> 02-17-2031 11:17:06.32 - Data 0008: c2 23 81 01 04 05 d4 05 | .#......
var> 02-17-2031 11:17:06.32 - Data 0010: 06 05 7e f8 5f 00 00 00 | ..~._...
var> 02-17-2031 11:17:06.32 - LCP : Received and accepted authentication protocol
var> c223 (CHAP).
var> 02-17-2031 11:17:06.32 - LCP : Received and accepted MRU of 1492.
var> 02-17-2031 11:17:06.32 - LCP : Received and accepted magic number 57ef85f.
var> 02-17-2031 11:17:06.32 - PPP : Transmitting Control Packet of length: 21
var> 02-17-2031 11:17:06.32 - Data 0000: c0 21 02 01 00 13 03 05 | .!......
var> 02-17-2031 11:17:06.32 - Data 0008: c2 23 81 01 04 05 d4 05 | .#......
var> 02-17-2031 11:17:06.32 - Data 0010: 06 05 7e f8 5f 00 00 00 | ..~._...
var> 02-17-2031 11:17:06.32 - PPP : Received Control Packet of length: 13
var> 02-17-2031 11:17:06.32 - Data 0000: c0 21 04 01 00 0b 0d 03 | .!......
var> 02-17-2031 11:17:06.32 - Data 0008: 06 07 02 08 02 00 00 00 | ........
var> 02-17-2031 11:17:06.32 - LCP : Received configure reject for callback
var> control protocol option.
var> 02-17-2031 11:17:06.32 - LCP : Received corrupted configure reject for option 7.
var> 02-17-2031 11:17:09.31 - PPP : Transmitting Control Packet of length: 16
var> 02-17-2031 11:17:09.31 - Data 0000: c0 21 01 02 00 0e 05 06 | .!......
var> 02-17-2031 11:17:09.31 - Data 0008: 00 08 48 9d 07 02 08 02 | ..H.....
var> 02-17-2031 11:17:09.31 - PPP : Received Control Packet of length: 10
var> 02-17-2031 11:17:09.31 - Data 0000: c0 21 04 02 00 08 07 02 | .!......
var> 02-17-2031 11:17:09.31 - Data 0008: 08 02 00 00 00 00 00 00 | ........
var> 02-17-2031 11:17:09.31 - LCP : Received configure reject for protocol field
var> compression option.
var> 02-17-2031 11:17:09.31 - LCP : Received configure reject for address field
var> compression option.
var> 02-17-2031 11:17:09.31 - PPP : Transmitting Control Packet of length: 12
var> 02-17-2031 11:17:09.31 - Data 0000: c0 21 01 03 00 0a 05 06 | .!......
var> 02-17-2031 11:17:09.31 - Data 0008: 00 08 48 9d 00 00 00 00 | ..H.....
var> 02-17-2031 11:17:09.31 - PPP : Received Control Packet of length: 21
var> 02-17-2031 11:17:09.31 - Data 0000: c0 21 01 01 00 13 03 05 | .!......
var> 02-17-2031 11:17:09.31 - Data 0008: c2 23 81 01 04 05 d4 05 | .#......
var> 02-17-2031 11:17:09.31 - Data 0010: 06 05 7e f8 5f 00 00 00 | ..~._...
var> 02-17-2031 11:17:09.31 - LCP : Received and accepted authentication protocol
var> c223 (CHAP).
var> 02-17-2031 11:17:09.31 - LCP : Received and accepted MRU of 1492.
var> 02-17-2031 11:17:09.31 - LCP : Received and accepted magic number 57ef85f.
var> 02-17-2031 11:17:09.31 - PPP : Transmitting Control Packet of length: 21
var> 02-17-2031 11:17:09.31 - Data 0000: c0 21 02 01 00 13 03 05 | .!......
var> 02-17-2031 11:17:09.31 - Data 0008: c2 23 81 01 04 05 d4 05 | .#......
var> 02-17-2031 11:17:09.31 - Data 0010: 06 05 7e f8 5f 00 00 00 | ..~._...
var> 02-17-2031 11:17:09.31 - PPP : Received Control Packet of length: 12
var> 02-17-2031 11:17:09.31 - Data 0000: c0 21 02 03 00 0a 05 06 | .!......
var> 02-17-2031 11:17:09.31 - Data 0008: 00 08 48 9d 00 00 00 00 | ..H.....
var> 02-17-2031 11:17:09.31 - LCP : Layer up.
var> 02-17-2031 11:17:09.31 - CHAP : Layer started.
var> 02-17-2031 11:17:09.32 - PPP : Received Control Packet of length: 31
var> 02-17-2031 11:17:09.32 - Data 0000: c2 23 01 01 00 1d 10 aa | .#...�..
var> 02-17-2031 11:17:09.32 - Data 0008: 2f 83 2d fe 0f f1 98 8c | /.-.....
var> 02-17-2031 11:17:09.32 - Data 0010: ec 15 52 17 3e de aa 4d | .�R�>..M
var> 02-17-2031 11:17:09.32 - Data 0018: 69 6b 72 6f 54 69 6b 00 | ikroTik.
var> 02-17-2031 11:17:09.32 - PPP : Transmitting Control Packet of length: 62
var> 02-17-2031 11:17:09.32 - Data 0000: c2 23 02 01 00 3c 31 6a | .#...<1j
var> 02-17-2031 11:17:09.32 - Data 0008: d0 64 65 00 1e c3 f3 ab | .de.�...
var> 02-17-2031 11:17:09.32 - Data 0010: 83 0d 06 fd 91 30 25 00 | .....0%.
var> 02-17-2031 11:17:09.32 - Data 0018: 00 00 00 00 00 00 00 54 | .......T
var> 02-17-2031 11:17:09.32 - Data 0020: 86 ae 7b 6f 60 9e fd 3c | ..{o`..<
var> 02-17-2031 11:17:09.32 - Data 0028: 52 e1 eb 1b 48 ca 31 5a | R..�H.1Z
var> 02-17-2031 11:17:09.32 - Data 0030: a6 40 f2 34 ec cd 58 04 | [email protected].
var> 02-17-2031 11:17:09.32 - Data 0038: 76 69 63 74 6f 72 00 00 | victor..
var> 02-17-2031 11:17:09.33 - PPP : Received Control Packet of length: 49
var> 02-17-2031 11:17:09.33 - Data 0000: c2 23 03 01 00 2f 81 53 | .#.../.S
var> 02-17-2031 11:17:09.33 - Data 0008: 3d 33 30 33 38 45 44 30 | =3038ED0
var> 02-17-2031 11:17:09.33 - Data 0010: 39 44 41 42 35 46 44 46 | 9DAB5FDF
var> 02-17-2031 11:17:09.33 - Data 0018: 32 39 33 34 37 37 46 45 | 293477FE
var> 02-17-2031 11:17:09.33 - Data 0020: 46 32 32 36 38 30 42 31 | F22680B1
var> 02-17-2031 11:17:09.33 - Data 0028: 36 30 45 33 32 43 41 39 | 60E32CA9
var> 02-17-2031 11:17:09.33 - Data 0030: 32 00 00 00 00 00 00 00 | 2.......
var> 02-17-2031 11:17:09.33 - CHAP : Login was successful.
var> 02-17-2031 11:17:09.34 - Remote access driver is shutting down.
var> 02-17-2031 11:17:09.34 - CRC Errors 0
var> 02-17-2031 11:17:09.34 - Timeout Errors 0
var> 02-17-2031 11:17:09.34 - Alignment Errors 0
var> 02-17-2031 11:17:09.34 - Overrun Errors 0
var> 02-17-2031 11:17:09.34 - Framing Errors 0
var> 02-17-2031 11:17:09.34 - Buffer Overrun Errors 0
var> 02-17-2031 11:17:09.34 - Incomplete Packets 0
var> 02-17-2031 11:17:09.34 - Bytes Received 171
var> 02-17-2031 11:17:09.34 - Bytes Transmittted 163
var> 02-17-2031 11:17:09.34 - Frames Received 7
var> 02-17-2031 11:17:09.34 - Frames Transmitted 6
var> 02-17-2031 11:17:09.34 - LCP : Layer down.
var> 02-17-2031 11:17:09.34 - PPP : Transmitting Control Packet of length: 6
var> 02-17-2031 11:17:09.34 - Data 0000: c0 21 05 04 00 04 00 00 | .!......
var> 02-17-2031 11:17:09.35 - PPP : Received Control Packet of length: 12
var> 02-17-2031 11:17:09.35 - Data 0000: 80 21 01 01 00 0a 03 06 | .!......
var> 02-17-2031 11:17:09.35 - Data 0008: c0 a8 fa 14 00 00 00 00 | ........
var> 02-17-2031 11:17:09.35 - PPP : Received Control Packet of length: 12
var> 02-17-2031 11:17:09.35 - Data 0000: 80 fd 01 01 00 0a 12 06 | ........
var> 02-17-2031 11:17:09.35 - Data 0008: 01 00 00 60 00 00 00 00 | ...`....
var> 02-17-2031 11:17:09.36 - PPP : Received Control Packet of length: 6
var> 02-17-2031 11:17:09.36 - Data 0000: c0 21 06 04 00 04 00 00 | .!......
var> 02-17-2031 11:17:09.36 - LCP : Received terminate acknowledgement.
var> 02-17-2031 11:17:09.36 - LCP : Layer finished.
var> 02-17-2031 11:17:09.36 - Microsoft Dial Up Adapter log closed.
var> -
var> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
~/ZARAZA
Ĺńňü ňŕě âĺđńčč Îňĺëëî, ăäĺ Äĺçäĺěîíŕ äóřčň Ěŕâđŕ. (Ëĺě)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
