[PacketFence-users] PacketFence 13.1 MSCHAP NTLM Issue

Sat, 27 Jan 2024 06:20:08 -0800 

Hello, Community! I just installed PacketFence 13.1 from ISO image. I
configured it as per described in manuals and successfully joined MS AD
Domain. AD is assotiated with Default and Null Realms. Also, I set up Cisco
ASA and configured it as NAD to use as VPN Gateway. I faced a strange issue
during authentication with NTLM. It looks like something go wrong in
ntlm_auth, but I cannot find any more information other than RADIUS log:

ASA-ClientType = "L2TP\/IPsec-SSL-VPN",
ASA-TunnelGroupName = "DefaultRAGroup",
Calling-Station-Id = "217.118.64.45",
Cisco-AVPair = "audit-session-id=90d190260002000065b33e85",
Cisco-AVPair = "ip:source-ip=217.118.64.45",
Cisco-AVPair = "coa-push=true",
EAP-Message =
"0x020200531a0202004e31ab0ae27b817ca34db21fe3cdd83e878d0000000000000000b2f429f7b49e066e8bb6cbabf388aad77e6cc9810bbe04390053414b48414c494e325c496c79612e4b686974726f762d62",
EAP-Type = "MSCHAPv2",
Event-Timestamp = "Jan 26 2024 16:14:17 +11",
Framed-MTU = "1500",
Framed-Protocol = "PPP",
FreeRADIUS-Client-IP-Address = " 192.168.1.12 ",
MS-CHAP-Challenge = "0x4b54af053452db473623d2418cb4e1ac",
MS-CHAP-User-Name = "TESTAD\TestUser",
MS-CHAP2-Response =
"0x0241ab0ae27b817ca34db21fe3cdd83e878d0000000000000000b2f429f7b49e066e8bb6cbabf388aad77e6cc9810bbe0439",
Message-Authenticator = "0x0c0409247adf17ffc59e3a37d0675e2a",
Module-Failure-Message = "mschap: Program returned code (1) and output ''",
Module-Failure-Message = "mschap: External script says: ",
Module-Failure-Message = "mschap: MS-CHAP2-Response is incorrect",
NAS-IP-Address = "192.168.1.12",
NAS-Port = "131072",
NAS-Port-Type = "Virtual",
PacketFence-KeyBalanced = "c4dc2f9e07316cea9aa1a2e9d9c63cde",
PacketFence-Radius-Ip = "172.18.191.70",
Realm = "default",
Service-Type = "Framed-User",
State = "0x68a81ebc69aa04790ad37d0b9c01d70a",
Stripped-User-Name = "TestUser",
Tunnel-Client-Endpoint = "185.40.1.100",
User-Name = "TESTAD\TestUser",
User-Password = "******"

RADIUS Reply
EAP-Message = "0x04020004",
MS-CHAP-Error = " E=691 R=0 C=32efd9f7bea957edecdc0e5f6b2dd8ea V=3
M=Authentication rejected",
Message-Authenticator = "0x00000000000000000000000000000000"

Kindly anybody help me to solve the issue, or help with any information for
additional troubleshooting.

_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users














    











					Reply via email to