This is what the instructions for this NAS say: The only essential design feature is this: when a user authenticates against a localnode, a Vendor-Specific attribute (with a vendor code of "4363" and attribute number of "5") containing a string of the name of the user's RNET must be returned to the localnode and homenode.
It gives an example of how to do it under IAS for Win2k, but I'm not familiar with IAS. -----Original Message----- From: Chris Parker [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2003 2:08 PM To: [EMAIL PROTECTED] Subject: RE: MS-CHAPv2 + MySQL + group authtype failure At 12:58 PM 12/2/2003, Eliot Gable wrote: > > -----Original Message----- > > From: 3APA3A [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, December 02, 2003 5:27 AM > > To: Eliot Gable > > Subject: Re: MS-CHAPv2 + MySQL + group authtype failure > > > > Dear Eliot Gable, > > > > Make sure shared secret configured for NAS and password entered >by > > client are valid. Check cleartext and MS-CHAP (v1) authentication. > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > >This almost works. The server responds with an accept packet, but the >NAS does not like the response and sends the client a reject packet. >What I am seeing is two separate(?) errors on the NAS (a roamnode that >Josh Howlett designed; output at the bottom)... > ><snip> >WARNING: Malformed RADIUS packet from host 208.244.163.17: Vendor >specific attributes do not exactly fill Vendor-Specific ><snip> >modcall: group authorize returns ok >auth: No authenticate method (Auth-Type) configuration found for the >request: Rejecting the user >auth: Failed to validate the user. >Delaying request 2 for 1 seconds ><snip> > >My vendor specific tag is set in my SQL table: > >mysql> select * from radgroupreply; >+----+-----------+-----------------+----+-------------------------+----- >-+ >| id | GroupName | Attribute | op | Value | prio >| >+----+-----------+-----------------+----+-------------------------+----- >-+ >| 1 | 56/56 | Framed-MTU | := | 1500 | 0 >| >| 2 | 56/56 | Service-Type | := | Framed | 0 >| >| 3 | 56/56 | Framed-Protocol | := | PPP | 0 >| >| 4 | 56/56 | Vendor-Specific | := | homenode.greatlakes.net | 0 >| >+----+-----------+-----------------+----+-------------------------+----- >-+ Heh, you need to put the actual vendor Attribute name, no Vendor-Specific there. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless! \ Director, Engineering | @ @ | \ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\------------------------------------------------------ \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
