ists.freeradius.org
[mailto:freeradius-users-bounces+martin.ubank=uwe.ac...@lists.freeradius.org]
On Behalf Of Alan Buxey
Sent: 17 October 2011 09:21
To: FreeRadius users mailing list
Subject: Re: Configuring FreeRADIUS to use ntlm_auth for MS-CHAP
Hi,
> Thanks for that.
> I had left some pre
Hi,
> Thanks for that.
> I had left some previous versions of files in the modules directory not
> knowing that they are still active.
> Moving them to another location progressed me to the following error:
yes, FreeRADIUS will read ALL files in sites-enabled/ and ALL files in modules/
directory
us.org
[mailto:freeradius-users-bounces+martin.ubank=uwe.ac...@lists.freeradius.org]
On Behalf Of James J J Hooper
Sent: 14 October 2011 18:29
To: freeradius-users@lists.freeradius.org
Subject: Re: Configuring FreeRADIUS to use ntlm_auth for MS-CHAP
On 14/10/2011 16:13, Martin Ubank wrote:
> Here’s the
On 14/10/2011 16:13, Martin Ubank wrote:
Here’s the full output from ‘radiusd –X’:
The bit at the top that tells us what radiusd has read from the config
files is missing.
It's not executing ntlm_auth by the looks of what you posted, so you need
to look at why. The first bit of radiusd -X w
>
> I can see from the 'radiusd -X' output that FreeRadius is not using MS-CHAP
> correctly:
>
>
> [eap] processing type mschapv2
> [mschapv2] +- entering group MS-CHAP {...}
> [mschap] No Cleartext-Password configured. Cannot create LM-Password.
> [mschap] No Cleartext-Password configured.
started to configure FreeRadius with AD and successfully tested it to use
ntlm_auth.
I've got to the final stage "Configuring FreeRADIUS to use ntlm_auth for
MS-CHAP" in the deployment process.
This stage says:
1) "... delete the testing entry used above from the users f
Pedro Alves wrote:
> Already search in here but the two info pages I find are broken:
> http://www.impossiblereflex.com/8021x/eap-tls-HOWTO.htm
> http://www.hep.phys.soton.ac.uk/~jhe/documents/WPA-Authentication+RADIUS-HOW
> TO.html
>
> How can I do this ?
Read http://freeradius.org/doc/
Thi
Pedro Alves wrote:
> But Windows XP and Vista Supplicant can't authenticate, always have "Sending
> Access-Challenge"
>
> What is the best Samba version to communicate with Win2008 server Standard
> R2 (Active Directory) ?
http://deployingradius.com
Follow the HOWTOs on the main page for get
es
-Original Message-
From: freeradius-users-bounces+pedrojmalves=gmail@lists.freeradius.org
[mailto:freeradius-users-bounces+pedrojmalves=gmail@lists.freeradius.org
] On Behalf Of Alan DeKok
Sent: sexta-feira, 30 de Abril de 2010 8:58
To: FreeRadius users mailing list
Subject
s-users-bounces+pedrojmalves=gmail@lists.freeradius.org
[mailto:freeradius-users-bounces+pedrojmalves=gmail@lists.freeradius.org
] On Behalf Of Alan DeKok
Sent: sexta-feira, 30 de Abril de 2010 8:58
To: FreeRadius users mailing list
Subject: Re: Configuring FreeRADIUS to use ntlm_auth for MS-CH
unces+pedrojmalves=gmail@lists.freeradius.org
] On Behalf Of Alan DeKok
Sent: sexta-feira, 30 de Abril de 2010 8:58
To: FreeRadius users mailing list
Subject: Re: Configuring FreeRADIUS to use ntlm_auth for MS-CHAP
Pedro Alves wrote:
> Using JRadiusSimulator to test and receive "Sending
Pedro Alves wrote:
> Using JRadiusSimulator to test and receive "Sending Access-Accept" :)
>
> But when i use a client AP Cisco Aironet 1121, only users from "files" can
> connect, users on AD dont.
...
> Sending Access-Challenge of id 110 to 10.1.3.17 port 1645
> EAP-Message =
> 0x01
4a11970822f6475488c4
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 110 to 10.1.3.17 port 1645
EAP-Message =
0x011c004a1900170301003faca645f76e5aff8c761515bd9d8c3213f7e06d164a58508ec372
6451efcaa894181735f73811912c526d93579a32e2887690f78fb267de6af4
-feira, 28 de Abril de 2010 20:59
To: FreeRadius users mailing list
Subject: Re: Configuring FreeRADIUS to use ntlm_auth for MS-CHAP
Pedro Alves wrote:
> This is the test with AD user:
>
> AP#test aaa group radius userad userpass new-code
> Trying to authenticate with Servergroup r
Pedro Alves wrote:
> This is the test with AD user:
>
> AP#test aaa group radius userad userpass new-code
> Trying to authenticate with Servergroup radius
> User rejected
>
> rad_recv: Access-Request packet from host xx.xx.xx.xx port 1645, id=175,
> length=52
> User-Password = "userpas
[mailto:freeradius-users-bounces+pedrojmalves=gmail@lists.freeradius.org]
On Behalf Of Alan DeKok
Sent: quarta-feira, 28 de Abril de 2010 16:40
To: FreeRadius users mailing list
Subject: Re: Configuring FreeRADIUS to use ntlm_auth for MS-CHAP
Pedro Alves wrote:
> User define in user “fil
Pedro Alves wrote:
> User define in user “files” work fine, but user on AD don’t.
>
> In freeradius using the test bellow, I can access users on AD.
Have you followed the "Active Directory" howto on
http://deployingradius.com?
> r...@mhvrad01:/usr/local/etc/raddb# radiusd -X
...
> Ready to pro
> Why is not working ntlm_auth for ms-chap ?
It would be easier to answer your question if you included the debug output for
a rejected request as opposed to just the startup messages..
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
After edit mschap file module by uncommented line containing ntlm_auth =, i
used a AP Cisco client from freeradius to test with "test aaa group radius
user userpass new-code"
User define in user "files" work fine, but user on AD don't.
In freeradius using the test bellow, I can access users
19 matches
Mail list logo
