Hi Hugo, You *can't* use SYSTEM passwords to authenticate using MS-CHAPv2. MS-CHAPv2 requires the AAA server to be able to obtain the clear text password (from a local file or some other source) or a password in NT-Password format. If it cannot get them, then it is unable to check that performing the hash function results in the same data as was supplied in the password from the NAS.
Therefore, you cannot use "root" as the username unless you also have a root user defined within the users file with a locally defined clear text password. Better to simply create a "test" user with a clear text password. Regards, Guy > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Hugo Sousa > Sent: 09 September 2004 16:08 > To: [EMAIL PROTECTED] > Subject: RE: rlm_eap: Handler failed in EAP/peap > > > > How can I do that in the users file? > > The root user is a Linux user. > > Btw... > > How can I redirect the users from a REALM to an LDAP server? > > > Regards > > Hugo Sousa > SysAdmin / NetworkAdmin > http://www.netsystems.pt > Portugal > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Michael Griego > Sent: quinta-feira, 9 de Setembro de 2004 16:03 > To: [EMAIL PROTECTED] > Subject: RE: rlm_eap: Handler failed in EAP/peap > > rlm_mschap: No User-Password configured. Cannot create LM-Password. > rlm_mschap: No User-Password configured. Cannot create NT-Password. > rlm_mschap: Told to do MS-CHAPv2 for root with NT-Password > rlm_mschap: FAILED: No NT/LM-Password. Cannot perform > authentication. > rlm_mschap: FAILED: MS-CHAP2-Response is incorrect > > Your problem lies in the error messages above. You need to > specify either a plain-text User-Password or an NT-Password > for the user in the users file. > > > -- > > --Mike > > ----------------------------------- > Michael Griego > Wireless LAN Project Manager > The University of Texas at Dallas > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > This e-mail is private and may be confidential and is for the intended recipient only. If misdirected, please notify us by telephone and confirm that it has been deleted from your system and any copies destroyed. If you are not the intended recipient you are strictly prohibited from using, printing, copying, distributing or disseminating this e-mail or any information contained in it. We use reasonable endeavours to virus scan all e-mails leaving the Company but no warranty is given that this e-mail and any attachments are virus free. You should undertake your own virus checking. The right to monitor e-mail communications through our network is reserved by us. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
