DilipSimha.N.M wrote:
hi,
is there any simple tool(other than jradius) which can be used as radius
client and which can be used to test
mschap authentication??
if so, please give the packet contents for radius client and the users
file check-items.
1. run FreeRadius in debugging mode
2. perform a successful MS-CHAP authentication with a "real" client
3. copy the following info from the FreeRadius debugging output:
User-Name = "user"
MS-CHAP-Challenge = 0xBYTES
MS-CHAP2-Response = 0xBYTES
4. with that info, create a file containing a radius request:
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "user"
MS-CHAP-Challenge = 0xBYTES
MS-CHAP2-Response = 0xBYTES
Calling-Station-Id = "something"
NAS-IP-Address = 192.168.1.2
NAS-Port = 1
5. run the command "radclient -s -f $FILE $HOST auth $SECRET"
The radius server will authenticate that request every time. Since the
challenge from a real NAS is essentially random there is only a low (but
not zero) risk in having the info in a file.
You may need to edit your users file to disable things such as IP
address pool assignment or such, but it will basically work fine. Such
editing is dependent on your local configuration.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
