-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>> Thibault Le Meur ha scritto: >>>> >>>> Have you setup ppp to use mschap (require-mschap-v2 option) ? Are >>>> you using the radiusclient library ? >> refuse-pap >> refuse-chap >> require-mschap >> require-mschap-v2 >> require-mppe > > > Ok so that your NAS don't have to send User-Password but a MS-CHAP challenge > instead: that's what I thought. > oooooooooook >> and in the dictonary file: >> $INCLUDE /etc/radiusclient/dictionary.microsoft >> $INCLUDE /etc/radiusclient/dictionary.ascend >> $INCLUDE /etc/radiusclient/dictionary.compat >> $INCLUDE /etc/radiusclient/dictionary.merit >> $INCLUDE /usr/share/freeradius/dictionary > > Don't write "$INCLUDE" but "INCLUDE" without the "$": this is the syntax for > radiusclient. Now.. without "$" > > >> But... whitout declaretion of Default Auth-Type in the users file: >> >> rlm_ldap: user peppeska authorized to use remote access >> rlm_ldap: ldap_release_conn: Release Id: 0 >> modcall[authorize]: module "ldap" returns ok for request 0 >> modcall: leaving group authorize (returns ok) for request 0 >> auth: No authenticate method (Auth-Type) configuration found for the >> request: Rejecting the user >> auth: Failed to validate the user. >> Login incorrect: [peppeska/<no User-Password attribute>] >> (from client localhost port 0) Delaying request 0 for 1 >> seconds Finished request 0 > > Sure, because Auth-Type must be set to MS-CHAP (automatically, don't use > Auth-Type:=): this will be the case if FR receives MS-CHAP challenge. > ooooooooooook the /etc/freeradius/users file now contain: DEFAULT Auth-Type = "MS-CHAP" Fall-Through = yes > But this can work only if radiusclient knows the MS-CHAP Radius attributes, > which is not the case for the momenet (see above the INCLUDE issue). > Well.. I try now... and....(roll of drumps): Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. NOTHING!!!! the freeradius don't recive request (uff) and: debian:~# plog Mar 21 16:13:52 debian pppd[3885]: sent [LCP TermAck id=0x2] Mar 21 16:13:52 debian pppd[3885]: rcvd [LCP TermAck id=0x2] Mar 21 16:13:52 debian pppd[3885]: Connection terminated. Mar 21 16:13:52 debian pppd[3885]: Waiting for 1 child processes... Mar 21 16:13:52 debian pppd[3885]: script /usr/sbin/pppoe -n -I eth1 - -e 2:32:c8:93:a2:15:29 -T 60 -S '', pid 3886 Mar 21 16:13:52 debian pppd[3885]: Script /usr/sbin/pppoe -n -I eth1 -e 2:32:c8:93:a2:15:29 -T 60 -S '' finished (pid 3886), status = 0x1 Mar 21 16:13:52 debian pppd[3885]: Exit. debian:~# MMM damn! why freeradius don't want work with me? P.S. without the Deafult Auth-Type in the users file...it's the same... If I put $INCLUDE instead INCLUDE... work like before... and now? - -- <<<<---------------------------------------------------------->>>> |Giuseppe Moscato aka peppeska - Linux User - no html messages---| |[EMAIL PROTECTED] - http://peppeska.altervista.org------| |Fingerprint = 90DC 05A8 2D65 BC04 BD1B 4C07 C389 434B 3201 319D| <<<<---------------------------------------------------------->>>> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGAU0RkA6hcnFZI/YRAtfvAJ4nxFC9JTgLR1FEJ6E1eyMxP/yXWwCeKDYZ sFZqyoJilQMJxh7wxCHoWyI= =ZmIX -----END PGP SIGNATURE----- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html