----- Original Nachricht ----
Von: Stefan Winter <[EMAIL PROTECTED]>
An: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>
Datum: 04.05.2006 13:20
Betreff: Re: ntlm_auth is not used by mschap
> Hi,
>
> you didn't state what problem you have right now. The logs send an Accept at
>
> the end, so everything looks very fine.
> Was your mail just to let the world know that things work now, or do you
> have
> a question?
>
Hi,
Oh sorry, my Question is, that the Authenticator, a Cisco Catalyst 3750, do not
map my XP-Client into the VLAN 40 as i defined it in the users file:
roka Auth-Type := MS-CHAP
Tunnel-Type = VLAN,
Tunnel-Medium-Type = 6,
Tunnel-Private-Group-ID = 40
When the XP-Client will be authenticated via MS-CHAP, the Cisco Catalyst map my
Client in VLAN 1, the default-VLAN, and NOT in VLAN 40.
When i authenticate with Auth-Type := Local
roka Auth-Type := Local, User-Password = "Gerti1000"
Tunnel-Type = VLAN,
Tunnel-Medium-Type = 6,
Tunnel-Private-Group-ID = 40
it works, as you can see the output from radtest:
Debian:~# radtest roka Gerti1000 localhost 1645 testing123
Sending Access-Request of id 0 to 127.0.0.1 port 1812
User-Name = "roka"
User-Password = "Gerti1000"
NAS-IP-Address = 255.255.255.255
NAS-Port = 1645
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=0, length=36
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "40"
Here is the output from the radiusd:
rad_recv: Access-Request packet from host 127.0.0.1:1024, id=72, length=56
User-Name = "roka"
User-Password = "Gerti1000"
NAS-IP-Address = 255.255.255.255
NAS-Port = 1645
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 13
modcall[authorize]: module "preprocess" returns ok for request 13
modcall[authorize]: module "chap" returns noop for request 13
modcall[authorize]: module "mschap" returns noop for request 13
rlm_realm: No '@' in User-Name = "roka", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 13
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 13
users: Matched entry roka at line 82
modcall[authorize]: module "files" returns ok for request 13
modcall: leaving group authorize (returns ok) for request 13
rad_check_password: Found Auth-Type Local
auth: type Local
auth: user supplied User-Password matches local User-Password
Login OK: [roka/Gerti1000] (from client localhost port 1645)
Sending Access-Accept of id 72 to 127.0.0.1 port 1024
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "40"
Finished request 13
Going to the next request
Thanks in advance...
Robert
Viel oder wenig? Schnell oder langsam? Unbegrenzt surfen + telefonieren
ohne Zeit- und Volumenbegrenzung? DAS TOP ANGEBOT JETZT bei Arcor: günstig
und schnell mit DSL - das All-Inclusive-Paket für clevere Doppel-Sparer,
nur 44,85 inkl. DSL- und ISDN-Grundgebühr!
http://www.arcor.de/rd/emf-dsl-2
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
