> > Read the *rest* of the debug log, including the part where it prints > > out the attributes in the Access-Request, and none of them are MS-CHAP. > > > What Auth Type would I use for the following? > > rad_recv: Access-Request packet from host 127.0.0.1:32771, id=210, length=54 > Service-Type = Framed-User > Framed-Protocol = PPP > User-Name = "keith_xp" > NAS-IP-Address = 192.168.1.150 > NAS-Port = 0 >
using -chap -mschap -mschap-v2 in the pptpd options file and changing the Auth-Type to Accept. FreeRadius accepts the request and accounting begins So pptpd, pppd and freeradius work as long as I do not try to authenticate. Using +chap -mschap -mschap-v2 in the pptpd options file causes a failure with CHAP and changing the Auth-Type to Local. causes a failure with CHAP. radtest works. CHAP does not. My current guess/test is the radius plugin is failing to get/set the password. Any pointers appreciated. My current assumptions 1. The Kernel for Suse 8.1 will work without modification (I assumed this for SuSe 9.0 and it is correct for 9.0 ) I do not currently know how to test for this and I really want to avoid compiling a new kernel, (the target machine is 1000km away) I am prepared to drop encyption as all I want from the system is the accounting functions. 2. The source for radiusclient 0.3.2 from Suse will work with Suse pppd 2.4.2 This is the current assumption that I will test by removing the radiusclient and installing Suse binaries from Suse 8.1. 3. CHAP uses the password from /etc/shadow Pruned Log Follows for pppd. Jun 16 17:55:13 kbri-comms pppd[17207]: Plugin radius.so loaded. Jun 16 17:55:13 kbri-comms pppd[17207]: RADIUS plugin initialized. Jun 16 17:55:13 kbri-comms pppd[17207]: pppd 2.4.2 started by root, uid 0 Jun 16 17:55:13 kbri-comms pppd[17207]: using channel 100 Jun 16 17:55:13 kbri-comms pppd[17207]: Using interface ppp0 <cut note="following line may be relevant"/> Jun 16 17:55:13 kbri-comms pptpd[17206]: GRE: Bad checksum from pppd. <cut note="following line may be relevant, why is the name reference kbri-comms (The name of the machine) "/> Jun 16 17:55:16 kbri-comms pppd[17207]: sent [CHAP Challenge id=0x43 <a02158198d975ca8eabe710acfe16d46>, name = "kbri-comms"] <cut note="here the name for CHAP is as the user request"/> Jun 16 17:55:16 kbri-comms pppd[17207]: rcvd [CHAP Response id=0x43 <4a4198eeb36edfebfeef64f0dbebf0bf0000000000000000579c54ba7392c283fa566306189 e229a735573d1fd1bb0dd00>, name = "keith_xp"] <cut note="rc_avpair_new: unknown attribute 11 ??"/> Jun 16 17:55:16 kbri-comms pppd[17207]: rc_avpair_new: unknown attribute 11 Jun 16 17:55:16 kbri-comms pppd[17207]: rc_avpair_new: unknown attribute 25 Jun 16 17:55:16 kbri-comms pppd[17207]: Jun 16 17:55:16 kbri-comms pppd[17207]: Peer keith_xp failed CHAP authentication - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html