Hi,
Anyone knows what i'm doing wrong?
i'm using freeradius 0.8.1
requests with mschapv1 go ok:
--
rad_recv: Access-Request packet from host 212.0.226.178:47278, id=164,
length=162
User-Name = "username"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
MS-CHAP-Challenge = 0x102db5df085d3041
MS-CHAP-Response =
0x01010000000000000000000000000000000000000000000000002d20af3dc3323e02b1ae7767485ec04c109e6c1bc4e064ab
auth: type "MS-CHAP"
modcall: entering group authtype
rlm_mschap: doing MS-CHAPv1 with NT-Password
rlm_mschap: adding MS-CHAPv1 MPPE keys
modcall[authenticate]: module "mschap" returns ok
--
but with mschapv2 i get:
--
rad_recv: Access-Request packet from host xxx, id=81, length=151
User-Name = "username"
MS-CHAP-Challenge = 0xc6fe14db8253be24aa74d4a98c09751d
MS-CHAP2-Response =
0x810021775d2e6462f07de242ac6f3c40621b0000000000000000f767122dcac60b6e81ef4b7507338ac1dbdc83a2848f2bcf
NAS-Identifier = "nasid"
NAS-Port = 176
NAS-Port-Type = Virtual
Service-Type = Authenticate-Only
-snip-
auth: type "MS-CHAP"
modcall: entering group authtype
rlm_mschap: doing MS-CHAPv2 with NT-Password
rlm_mschap: Authentication failed
rlm_mschap: Nothing in the packet I recognise: Rejecting the user
modcall[authenticate]: module "mschap" returns reject
--
radius.conf:
modules {
mschap {
authtype = MS-CHAP
use_mppe = yes
require_encryption = yes
require_strong = yes
}
}
authorize {
preprocess
chap
suffix
files
ldap {
notfound = return
}
mschap
}
authenticate {
authtype CHAP {
chap
}
authtype LDAP {
ldap
}
authtype MS-CHAP{
mschap
}
}
Grtz,
Diederik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
