Hi, Iam trying to understand CHALLENGE RESPONSE behaviour. I have tried to use CHAP protocol and issued the following. echo 'User-Name="userX"'; echo 'CHAP-Password="stealme"' | /usr/local/bin/radclient -x 192.168.11.94:1812 auth testing12
It gives me the following error: User-Name="userX" Sending Access-Request of id 184 to 192.168.11.94 port 1812 CHAP-Password = 0xb83e2e295a4a0d3edddbfbb3a37058ff7a rad_recv: Access-Reject packet from host 192.168.11.94:1812, id=184, length=20 The radius server gives the following messages, please help me rad_recv: Access-Request packet from host 192.168.11.94:33116, id=184, length=39 CHAP-Password = 0xb83e2e295a4a0d3edddbfbb3a37058ff7a Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 rlm_chap: Setting 'Auth-Type := CHAP' modcall[authorize]: module "chap" returns ok for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: Proxy reply, or no User-Name. Ignoring. modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry DEFAULT at line 153 modcall[authorize]: module "files" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type CHAP auth: type "CHAP" Processing the authenticate section of radiusd.conf modcall: entering group CHAP for request 0 rlm_chap: Attribute "User-Name" is required for authentication. modcall[authenticate]: module "chap" returns invalid for request 0 modcall: leaving group CHAP (returns invalid) for request 0 auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 184 to 192.168.11.94 port 33116 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 184 with timestamp 4857b5ab Nothing to do. Sleeping until we see a request. Regards, pavan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html