Re: freeradius + pptp + mysql

Mon, 01 May 2006 20:32:05 -0700 

Hello,
Ok, I removed freeradius and re-installed the package. The only configuration changes I made where: 

username and password in sql.conf
Uncommented sql options in radius.conf


I also add the dictionary.mirosoft file to the /etc/radiusclient/ 
directory as I came across a document that said to do so.


I am still receiving the same error as before, in the mysql database I have:
mysql> select * from radcheck;
+----+----------+-----------+----+----------+
| id | UserName | Attribute | op | Value    |
+----+----------+-----------+----+----------+
|  1 | testuser | Password  | == | testpass |
+----+----------+-----------+----+----------+
1 row in set (0.00 sec)

mysql> select * from radgroupcheck;
+----+-----------+-----------+----+-------+
| id | GroupName | Attribute | op | Value |
+----+-----------+-----------+----+-------+
|  1 | static    | Auth-Type | := | Local |
+----+-----------+-----------+----+-------+
1 row in set (0.00 sec)

mysql> select * from usergroup;
+----+----------+-----------+
| id | UserName | GroupName |
+----+----------+-----------+
|  1 | testuser | static    |
+----+----------+-----------+

Any hints would be appreciated, thanks.

Michael



Alan DeKok wrote:

Michael Gale <[EMAIL PROTECTED]> wrote:


My client is a XP Pro laptop using MS-CHAP v2 I believe



  Nope.  It's not sending MS-CHAP in the request packet.



I have followed the documents from the following locations:
http://poptop.sourceforge.net/dox/radius_mysql.html
http://www.frontios.com/freeradius.html



  And heavily edited the standard configurations files, probably.

  Please don't. The standard configuration is there for a reason: it
works.



  modcall[authorize]: module "mschap" returns noop for request 0



  That works, at least.  The server isn't trying to do MS-CHAP.



modcall: entering group Auth-Type for request 0
  rlm_mschap: No MS-CHAP-Challenge in the request



  This only happens if you force MS-CHAP authentication.  Don't.
You've probably added entries in SQL to force "Auth-Type = MS-CHAP".
Don't.

  And the request is unhelpful:



rad_recv: Access-Request packet from host 127.0.0.1:32804, id=83, length=65
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "testuser"
        Calling-Station-Id = "10.10.0.3"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0



  There's no password or MS-CHAP attributes in it.  The request cannot
be authenticated.

    Use the standard FreeRADIUS config files.  They work.  Make pptp
send MS-CHAP attributes.

  Alan DeKok.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





















					Reply via email to