I have a Wolverine VPN (www.coyotelinux.com) attempting to authenticate against FreeRadius. I have installed Wolverine and it works ok with local authentication. I have FreeRadius installed on another box. I uncommented out user steve in the users file for testing. I can get a positive authentications when using Radping. If I try to authenticate steve via Wolverine (where another box trys to start a pptp session through wolverine using steve as the userid with password) it fails. The dump of the two conversations is below. Any ideas are way appreciated.
Wolverine is 192.168.0.2 FreeRadius is 192.168.0.3 My workstation with NTRadPing is 192.168.0.125 Thanks GT Here is the Trace, I put in my comments surounded by plus(+) signs: [root@wfcRadiusSql01 raddb]# radiusd -sfxxyz -l stdout Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /etc/raddb/proxy.conf Config: including file: /etc/raddb/clients.conf Config: including file: /etc/raddb/snmp.conf Config: including file: /etc/raddb/sql.conf main: prefix = "/usr/local" main: localstatedir = "/var" main: logdir = "/var/log/radius" main: libdir = "/usr/local/lib" main: radacctdir = "/var/log/radius/radacct" main: hostname_lookups = no read_config_files: reading dictionary read_config_files: reading clients read_config_files: reading realms read_config_files: reading naslist main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = "/var/run/radiusd/radiusd.pid" main: user = "(null)" main: group = "(null)" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 security: max_attributes = 200 security: reject_delay = 1 main: debug_level = 0 read_config_files: entering modules setup Module: Library search path is /usr/local/lib Module: Loaded System unix: cache = yes unix: passwd = "/etc/passwd" unix: shadow = "/etc/shadow" unix: group = "/etc/group" unix: radwtmp = "/var/log/radius/radwtmp" unix: usegroup = no unix: cache_reload = 600 HASH: Reinitializing hash structures and lists for caching... HASH: user root found in hashtable bucket 11726 HASH: user bin found in hashtable bucket 86651 HASH: user daemon found in hashtable bucket 11668 HASH: user adm found in hashtable bucket 26466 HASH: user lp found in hashtable bucket 54068 HASH: user sync found in hashtable bucket 42895 HASH: user shutdown found in hashtable bucket 71746 HASH: user halt found in hashtable bucket 7481 HASH: user mail found in hashtable bucket 79471 HASH: user news found in hashtable bucket 5375 HASH: user uucp found in hashtable bucket 38541 HASH: user operator found in hashtable bucket 21748 HASH: user games found in hashtable bucket 47657 HASH: user gopher found in hashtable bucket 47357 HASH: user ftp found in hashtable bucket 56226 HASH: user nobody found in hashtable bucket 99723 HASH: user ntp found in hashtable bucket 21418 HASH: user rpc found in hashtable bucket 72373 HASH: user vcsa found in hashtable bucket 25959 HASH: user nscd found in hashtable bucket 36306 HASH: user sshd found in hashtable bucket 71560 HASH: user rpm found in hashtable bucket 72383 HASH: user mailnull found in hashtable bucket 78086 HASH: user smmsp found in hashtable bucket 13600 HASH: user rpcuser found in hashtable bucket 552 HASH: user nfsnobody found in hashtable bucket 51830 HASH: user pcap found in hashtable bucket 55326 HASH: user xfs found in hashtable bucket 17213 HASH: user named found in hashtable bucket 7729 HASH: user gdm found in hashtable bucket 50360 HASH: user postgres found in hashtable bucket 19301 HASH: user apache found in hashtable bucket 26582 HASH: user postfix found in hashtable bucket 23093 HASH: user squid found in hashtable bucket 62826 HASH: user webalizer found in hashtable bucket 3037 HASH: user mysql found in hashtable bucket 46314 HASH: user glynn found in hashtable bucket 57940 HASH: Stored 37 entries from /etc/passwd HASH: Stored 47 entries from /etc/group Module: Instantiated unix (unix) Module: Loaded preprocess preprocess: huntgroups = "/etc/raddb/huntgroups" preprocess: hints = "/etc/raddb/hints" preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded realm realm: format = "suffix" realm: delimiter = "@" Module: Instantiated realm (suffix) Module: Loaded files files: usersfile = "/etc/raddb/users" files: acctusersfile = "/etc/raddb/acct_users" files: compat = "no" Module: Instantiated files (files) Module: Loaded detail detail: detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail" detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (detail) Module: Loaded radutmp radutmp: filename = "/var/log/radius/radutmp" radutmp: username = "%{User-Name}" radutmp: perm = 384 radutmp: callerid = yes Module: Instantiated radutmp (radutmp) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ This is where it succeeds from ntRadPing ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp. Ready to process requests. rad_recv: Access-Request packet from host 192.168.0.125:4538, id=1, length=45 User-Name = "steve" User-Password = "\333z\233\276\246\303\301\026\0029\241\367\003\322\027\305" modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_realm: Looking up realm NULL for User-Name = "steve" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched steve at 80 modcall[authorize]: module "files" returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type Local auth: type Local auth: user supplied User-Password matches local User-Password Sending Access-Accept of id 1 to 192.168.0.125:4538 Service-Type = Framed-User Framed-Protocol = PPP Framed-IP-Address = 172.16.3.33 Framed-IP-Netmask = 255.255.255.0 Framed-Routing = Broadcast-Listen Framed-Filter-Id = "std.ppp" Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 1 with timestamp 3dad7ad6 Nothing to do. Sleeping until we see a request. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ This is where it fails with wolverine ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ rad_recv: Access-Request packet from host 192.168.0.2:32768, id=18, length=121 Service-Type = Framed-User Framed-Protocol = PPP User-Name = "steve" MS-CHAP-Challenge = 0x76ee9496439d61f78db9a181d987ee42 MS-CHAP2-Response = 0x01003f787372c0ca0cd11f4b8291f102aa8f00000000000000003bca104ab18c2d6800d746 815be19f8e1167e96f523b927f modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_realm: Looking up realm NULL for User-Name = "steve" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched steve at 80 modcall[authorize]: module "files" returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type Local auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user. Delaying request 1 for 1 seconds Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 18 to 192.168.0.2:32768 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 1 ID 18 with timestamp 3dad7ae7 Nothing to do. Sleeping until we see a request. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html