Dear Guy Warner, Authentication fails because of username or password mismatch. It may be if packet is corrupted, if realm is not stripped from username or password contains non-ASCII characters.
--Wednesday, March 26, 2003, 7:10:32 PM, you wrote to [EMAIL PROTECTED]: GW> Hi GW> I am trying to set up a Freeradius 0.8.1 server to authenticate users with GW> MS Chap v2. The information about each user is obtained from an LDAP server. GW> The requests for authentication are being received via a proxy server. GW> The problem is that all requests to authenticate a user result in GW> rlm_mschap: Nothing in the packet I recognise: Rejecting the user GW> The mschap section of radiusd.conf is as follows GW> mschap { GW> authtype = MS-CHAP GW> use_mppe = yes GW> require_encryption = yes GW> require_strong = yes GW> } GW> The output from radiusd in debug mode contains the following GW> rad_recv: Access-Request packet from host <omitted>:1814, id=3, GW> length=172 GW> MS-CHAP-Challenge = 0x18192e70aa5f3989b735ced1b471afd2 GW> MS-CHAP2-Response = GW> 0x0100613e878f3075d4825db25f99da79dac300000000000000002d620d49a20f637cae65f3 GW> 05c09460bdc1c3047ab43476f5 GW> User-Name = "[EMAIL PROTECTED]" GW> NAS-IP-Address = <omitted> GW> NAS-Identifier = <omitted> GW> Service-Type = Framed-User GW> Framed-Protocol = PPP GW> Proxy-State = 0x313630 GW> ...... GW> Debug: modcall: entering group authtype GW> Debug: rlm_mschap: doing MS-CHAPv2 with NT-Password GW> Debug: rlm_mschap: Authentication failed GW> Debug: rlm_mschap: Nothing in the packet I recognise: Rejecting the GW> user GW> Debug: modcall[authenticate]: module "mschap" returns reject GW> The username is stripped of the domain since usernames are storred on the GW> LDAP server in the short form. GW> Any suggestions on how to fix this problem would be gratefully received. If GW> I have not provided sufficient information to diagnose the error then please GW> let me know and I will send more information. GW> Thanks in advance GW> Guy Warner GW> - GW> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ~/ZARAZA ÝÍÈÀÊàì - ïî ìîðäå! (Ëåì) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html