Re: 1.0.1 + MPPE

Fri, 18 Feb 2005 01:21:23 -0800 

>>>>> "Alan" == Alan DeKok <[EMAIL PROTECTED]> writes:

 >> ok by MS-CHAPv2, but MPPE doesn't work, cisco's debug say: "MPPC:
 >> no encryption keys available, disabling optional MPPE". Could
 >> someone say me, what's wrong?

 Alan>   Without the debug log, no, we can't.

Here is it:

rad_recv: Access-Request packet from host 217.107.252.39:1645, id=195, 
length=163
        Framed-Protocol = PPP
        User-Name = "volga"
        MS-CHAP-Challenge = 0x56097f617f039daee1abae53fc7b69fb
        MS-CHAP2-Response = 
0x0200a644021227513c361df1e02d9b1ec2d70000000000000000de119b3c2d3e67a08c4a6d8488bb8f30abb2ac5e95ce5875
        NAS-Port-Type = Virtual
        Cisco-NAS-Port = "Uniq-Sess-ID1017"
        NAS-Port = 1017
        Service-Type = Framed-User
        NAS-IP-Address = 217.107.252.39
rad_lowerpair:  User-Name now 'volga'
rad_rmspace_pair:  User-Name now 'volga'
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 29
  modcall[authorize]: module "preprocess" returns ok for request 29
  modcall[authorize]: module "chap" returns noop for request 29
  rlm_mschap: Found MS-CHAP attributes.  Setting 'Auth-Type  = MS-CHAP'
  modcall[authorize]: module "mschap" returns ok for request 29
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 29
    users: Matched volga at 946
    users: Matched DEFAULT at 106
  modcall[authorize]: module "files" returns ok for request 29
modcall: group authorize returns ok for request 29
  rad_check_password:  Found Auth-Type MS-CHAP
auth: type "MS-CHAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 29
  rlm_mschap: Told to do MS-CHAPv2 for volga with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
  modcall[authenticate]: module "mschap" returns ok for request 29
modcall: group Auth-Type returns ok for request 29
Login OK: [volga] (from client vpn-1 port 1017)
Sending Access-Accept of id 195 to 217.107.252.39:1645
        Framed-Filter-Id += "billing.in"
        Session-Timeout = 900
        Framed-IP-Address = 255.255.255.254
        Framed-Protocol = PPP
        Service-Type = Framed-User
        MS-CHAP2-Success = 
0x02533d41303645424441343636424543364533363931414345413945313042383830363432443634463545
        MS-MPPE-Recv-Key = 0xacf70aae5a8f00777af15a1b6fe0606d
        MS-MPPE-Send-Key = 0x90a47bd168ebfc11af4d29b85443494d
        MS-MPPE-Encryption-Policy = 0x00000001
        MS-MPPE-Encryption-Types = 0x00000006
Finished request 29

And cisco again said: "MPPC: no encryption keys available, disabling
optional MPPE".

-- 
DSS5-RIPE DSS-RIPN 2:550/[EMAIL PROTECTED] 2:550/[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] http://neva.vlink.ru/~dsh/

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to