----- Original Nachricht ---- Von: Stefan Winter <[EMAIL PROTECTED]> An: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Datum: 04.05.2006 13:20 Betreff: Re: ntlm_auth is not used by mschap
> Hi, > > you didn't state what problem you have right now. The logs send an Accept at > > the end, so everything looks very fine. > Was your mail just to let the world know that things work now, or do you > have > a question? > Hi, Oh sorry, my Question is, that the Authenticator, a Cisco Catalyst 3750, do not map my XP-Client into the VLAN 40 as i defined it in the users file: roka Auth-Type := MS-CHAP Tunnel-Type = VLAN, Tunnel-Medium-Type = 6, Tunnel-Private-Group-ID = 40 When the XP-Client will be authenticated via MS-CHAP, the Cisco Catalyst map my Client in VLAN 1, the default-VLAN, and NOT in VLAN 40. When i authenticate with Auth-Type := Local roka Auth-Type := Local, User-Password = "Gerti1000" Tunnel-Type = VLAN, Tunnel-Medium-Type = 6, Tunnel-Private-Group-ID = 40 it works, as you can see the output from radtest: Debian:~# radtest roka Gerti1000 localhost 1645 testing123 Sending Access-Request of id 0 to 127.0.0.1 port 1812 User-Name = "roka" User-Password = "Gerti1000" NAS-IP-Address = 255.255.255.255 NAS-Port = 1645 rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=0, length=36 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "40" Here is the output from the radiusd: rad_recv: Access-Request packet from host 127.0.0.1:1024, id=72, length=56 User-Name = "roka" User-Password = "Gerti1000" NAS-IP-Address = 255.255.255.255 NAS-Port = 1645 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 13 modcall[authorize]: module "preprocess" returns ok for request 13 modcall[authorize]: module "chap" returns noop for request 13 modcall[authorize]: module "mschap" returns noop for request 13 rlm_realm: No '@' in User-Name = "roka", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 13 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 13 users: Matched entry roka at line 82 modcall[authorize]: module "files" returns ok for request 13 modcall: leaving group authorize (returns ok) for request 13 rad_check_password: Found Auth-Type Local auth: type Local auth: user supplied User-Password matches local User-Password Login OK: [roka/Gerti1000] (from client localhost port 1645) Sending Access-Accept of id 72 to 127.0.0.1 port 1024 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "40" Finished request 13 Going to the next request Thanks in advance... Robert Viel oder wenig? Schnell oder langsam? Unbegrenzt surfen + telefonieren ohne Zeit- und Volumenbegrenzung? DAS TOP ANGEBOT JETZT bei Arcor: günstig und schnell mit DSL - das All-Inclusive-Paket für clevere Doppel-Sparer, nur 44,85 inkl. DSL- und ISDN-Grundgebühr! http://www.arcor.de/rd/emf-dsl-2 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html