Guy, Do the LDAP server logs show anything?
josh. On Wed, 2003-03-26 at 16:10, Guy Warner wrote: > Hi > > I am trying to set up a Freeradius 0.8.1 server to authenticate users with > MS Chap v2. The information about each user is obtained from an LDAP server. > The requests for authentication are being received via a proxy server. > > The problem is that all requests to authenticate a user result in > rlm_mschap: Nothing in the packet I recognise: Rejecting the user > > The mschap section of radiusd.conf is as follows > > mschap { > authtype = MS-CHAP > use_mppe = yes > require_encryption = yes > require_strong = yes > } > > > The output from radiusd in debug mode contains the following > > rad_recv: Access-Request packet from host <omitted>:1814, id=3, > length=172 > MS-CHAP-Challenge = 0x18192e70aa5f3989b735ced1b471afd2 > MS-CHAP2-Response = > 0x0100613e878f3075d4825db25f99da79dac300000000000000002d620d49a20f637cae65f3 > 05c09460bdc1c3047ab43476f5 > User-Name = "[EMAIL PROTECTED]" > NAS-IP-Address = <omitted> > NAS-Identifier = <omitted> > Service-Type = Framed-User > Framed-Protocol = PPP > Proxy-State = 0x313630 > ...... > Debug: modcall: entering group authtype > Debug: rlm_mschap: doing MS-CHAPv2 with NT-Password > Debug: rlm_mschap: Authentication failed > Debug: rlm_mschap: Nothing in the packet I recognise: Rejecting the > user > Debug: modcall[authenticate]: module "mschap" returns reject > > > The username is stripped of the domain since usernames are storred on the > LDAP server in the short form. > > Any suggestions on how to fix this problem would be gratefully received. If > I have not provided sufficient information to diagnose the error then please > let me know and I will send more information. > > > Thanks in advance > > > Guy Warner > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ----------------------------------------------------------- Josh Howlett, Networking & Digital Communications, Information Systems & Computing, University of Bristol, U.K. 'phone: 0117 928 7850 email: [EMAIL PROTECTED] ------------------------------------------------------------ --- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html