> -----Original Message----- > From: 3APA3A [mailto:[EMAIL PROTECTED] > Sent: Tuesday, December 02, 2003 5:27 AM > To: Eliot Gable > Subject: Re: MS-CHAPv2 + MySQL + group authtype failure > > Dear Eliot Gable, > > Make sure shared secret configured for NAS and password entered by > client are valid. Check cleartext and MS-CHAP (v1) authentication. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This almost works. The server responds with an accept packet, but the NAS does not like the response and sends the client a reject packet. What I am seeing is two separate(?) errors on the NAS (a roamnode that Josh Howlett designed; output at the bottom)...
<snip> WARNING: Malformed RADIUS packet from host 208.244.163.17: Vendor specific attributes do not exactly fill Vendor-Specific <snip> modcall: group authorize returns ok auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. Delaying request 2 for 1 seconds <snip>
My vendor specific tag is set in my SQL table:
mysql> select * from radgroupreply; +----+-----------+-----------------+----+-------------------------+----- -+ | id | GroupName | Attribute | op | Value | prio | +----+-----------+-----------------+----+-------------------------+----- -+ | 1 | 56/56 | Framed-MTU | := | 1500 | 0 | | 2 | 56/56 | Service-Type | := | Framed | 0 | | 3 | 56/56 | Framed-Protocol | := | PPP | 0 | | 4 | 56/56 | Vendor-Specific | := | homenode.greatlakes.net | 0 | +----+-----------+-----------------+----+-------------------------+----- -+
Heh, you need to put the actual vendor Attribute name, no Vendor-Specific there.
-Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless! \ Director, Engineering | @ @ | \ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\------------------------------------------------------ \ Wholesale Internet Services - http://www.megapop.net
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html