Hey guys, i force in WIndows Client to use only mschap2, but the problem continue:
- Module: Instantiated radutmp (radutmp) Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. rad_recv: Access-Request packet from host 150.162.67.254:32858, id=109, length=53 Service-Type = Framed-User Framed-Protocol = PPP User-Name = "douglas" NAS-IP-Address = 1.1.1.1 NAS-Port = 0 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "douglas", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 modcall: leaving group authorize (returns ok) for request 0 auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. Login incorrect: [douglas] (from client access-vpn port 0) Delaying request 0 for 1 seconds Finished request 0 Going to the next request -- In PPTP debug show: -- Nov 27 11:35:39 epiderme pptpd[12253]: MGR: Launching /usr/sbin/pptpctrl to handle client Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: local address = 150.162.67.200 Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: remote address = 150.162.67.201 Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: pppd options file = /etc/ppp/pptpd-options Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Client 150.162.67.54 control connection started Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Received PPTP Control Message (type: 1) Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Made a START CTRL CONN RPLY packet Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: I wrote 156 bytes to the client. Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Sent packet to client Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Received PPTP Control Message (type: 7) Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Set parameters to 100000000 maxbps, 64 window size Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Made a OUT CALL RPLY packet Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Starting call (launching pppd, opening GRE) Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: pty_fd = 6 Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: tty_fd = 7 Nov 27 11:35:39 epiderme pptpd[12254]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd Nov 27 11:35:39 epiderme pptpd[12254]: CTRL (PPPD Launcher): local address = 150.162.67.200 Nov 27 11:35:39 epiderme pptpd[12254]: CTRL (PPPD Launcher): remote address = 150.162.67.201 Nov 27 11:35:39 epiderme pppd[12254]: Plugin radius.so loaded. Nov 27 11:35:39 epiderme pppd[12254]: RADIUS plugin initialized. Nov 27 11:35:39 epiderme pppd[12254]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded. Nov 27 11:35:39 epiderme pppd[12254]: pptpd-logwtmp: $Version$ Nov 27 11:35:39 epiderme pppd[12254]: pppd 2.4.4 started by root, uid 0 Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: I wrote 32 bytes to the client. Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Sent packet to client Nov 27 11:35:39 epiderme pppd[12254]: using channel 291 Nov 27 11:35:39 epiderme pppd[12254]: Using interface ppp0 Nov 27 11:35:39 epiderme pppd[12254]: Connect: ppp0 <--> /dev/pts/1 Nov 27 11:35:39 epiderme pppd[12254]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x7ba9ed09> <pcomp> <accomp>] Nov 27 11:35:39 epiderme pptpd[12253]: GRE: Bad checksum from pppd. Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Received PPTP Control Message (type: 15) Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Got a SET LINK INFO packet with standard ACCMs Nov 27 11:35:39 epiderme pptpd[12253]: GRE: accepting packet #0 Nov 27 11:35:39 epiderme pptpd[12253]: GRE: accepting packet #1 Nov 27 11:35:39 epiderme pppd[12254]: rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x2f814697> <pcomp> <accomp> <callback CBCP>] Nov 27 11:35:39 epiderme pppd[12254]: sent [LCP ConfRej id=0x0 <callback CBCP>] Nov 27 11:35:39 epiderme pppd[12254]: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x7ba9ed09> <pcomp> <accomp>] Nov 27 11:35:39 epiderme pptpd[12253]: GRE: accepting packet #2 Nov 27 11:35:39 epiderme pppd[12254]: rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x2f814697> <pcomp> <accomp>] Nov 27 11:35:39 epiderme pppd[12254]: sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x2f814697> <pcomp> <accomp>] Nov 27 11:35:39 epiderme pppd[12254]: sent [LCP EchoReq id=0x0 magic=0x7ba9ed09] Nov 27 11:35:39 epiderme pppd[12254]: sent [CHAP Challenge id=0xed <f0334ca2b790e04dd584cd16234b2d12>, name = "pptpd"] Nov 27 11:35:39 epiderme pptpd[12253]: GRE: accepting packet #3 Nov 27 11:35:39 epiderme pptpd[12253]: GRE: accepting packet #4 Nov 27 11:35:39 epiderme pptpd[12253]: GRE: accepting packet #5 Nov 27 11:35:39 epiderme pppd[12254]: rcvd [LCP Ident id=0x2 magic=0x2f814697 "MSRASV5.10"] Nov 27 11:35:39 epiderme pppd[12254]: rcvd [LCP Ident id=0x3 magic=0x2f814697 "MSRAS-0-MOLAR"] Nov 27 11:35:39 epiderme pppd[12254]: rcvd [LCP Ident id=0x2 magic=0x2f814697 "MSRASV5.10"] Nov 27 11:35:39 epiderme pppd[12254]: rcvd [LCP Ident id=0x3 magic=0x2f814697 "MSRAS-0-MOLAR"] Nov 27 11:35:39 epiderme pppd[12254]: rcvd [LCP EchoRep id=0x0 magic=0x2f814697] Nov 27 11:35:39 epiderme pptpd[12253]: GRE: accepting packet #6 Nov 27 11:35:39 epiderme pppd[12254]: rcvd [CHAP Response id=0xed <4231ee0d3b4c2d2ae9cfb13528b2449a0000000000000000a70bfbedcf96842050bbf5c9ebcb329e326d29c3190e5d1a00>, name = "douglas"] Nov 27 11:35:39 epiderme pppd[12254]: rc_avpair_new: unknown attribute 11 Nov 27 11:35:39 epiderme pppd[12254]: rc_avpair_new: unknown attribute 25 Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Received PPTP Control Message (type: 15) Nov 27 11:35:39 epiderme pptpd[12253]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Nov 27 11:35:41 epiderme pptpd[12253]: GRE: accepting packet #7 Nov 27 11:35:41 epiderme pppd[12254]: Peer douglas failed CHAP authentication Nov 27 11:35:41 epiderme pppd[12254]: sent [CHAP Failure id=0xed ""] Nov 27 11:35:41 epiderme pppd[12254]: sent [LCP TermReq id=0x2 "Authentication failed"] Nov 27 11:35:41 epiderme pppd[12254]: rcvd [CHAP Response id=0xed <4231ee0d3b4c2d2ae9cfb13528b2449a0000000000000000a70bfbedcf96842050bbf5c9ebcb329e326d29c3190e5d1a00>, name = "douglas"] Nov 27 11:35:41 epiderme pppd[12254]: Discarded non-LCP packet when LCP not open Nov 27 11:35:41 epiderme pptpd[12253]: CTRL: Received PPTP Control Message (type: 15) Nov 27 11:35:41 epiderme pptpd[12253]: CTRL: Got a SET LINK INFO packet with standard ACCMs Nov 27 11:35:41 epiderme pptpd[12253]: GRE: accepting packet #8 Nov 27 11:35:41 epiderme pppd[12254]: rcvd [LCP TermAck id=0x2 "Authentication failed"] Nov 27 11:35:41 epiderme pppd[12254]: Connection terminated. Nov 27 11:35:41 epiderme pptpd[12253]: CTRL: Received PPTP Control Message (type: 12) Nov 27 11:35:41 epiderme pptpd[12253]: CTRL: Made a CALL DISCONNECT RPLY packet Nov 27 11:35:41 epiderme pptpd[12253]: CTRL: Received CALL CLR request (closing call) Nov 27 11:35:41 epiderme pptpd[12253]: CTRL: Reaping child PPP[12254] Nov 27 11:35:41 epiderme pppd[12254]: Exit. Nov 27 11:35:41 epiderme pptpd[12253]: CTRL: Client 150.162.67.54 control connection finished Nov 27 11:35:41 epiderme pptpd[12253]: CTRL: Exiting now Nov 27 11:35:41 epiderme pptpd[11948]: MGR: Reaped child 12253 -- My pptp-options: -- epiderme:/etc/ppp# cat pptpd-options lock debug name pptpd proxyarp asyncmap 0 -chap -mschap +mschap-v2 require-mppe lcp-echo-failure 30 lcp-echo-interval 5 ipcp-accept-local ipcp-accept-remote plugin radius.so radius-config-file /etc/radiusclient/radiusclient.conf -- Anyone can help me? Please ... Thanks in advanced, Douglas On Wed, Nov 26, 2008 at 7:34 PM, <[EMAIL PROTECTED]> wrote: > >if I try mschapv2 in Windons client: > > > >-- > >rad_recv: Access-Request packet from host 150.162.67.254:32839, id=46, > >length=52 > > Service-Type = Framed-User > > Framed-Protocol = PPP > > User-Name = "nobody" > > NAS-IP-Address = 1.1.1.1 > > NAS-Port = 0 > > This is not an mschap request. > > > http://wiki.freeradius.org/index.php/FreeRADIUS_Wiki:FAQ#How_do_I_make_Windows_XP_clients_use_only_PAP_.28Not_CHAP.29 > > In your case, leave only mschapv2. That will force Windows to use it (if > mschapv2 is not enabled on the pptp server connection will fail without > authentication). > > Ivan Kalik > Kalik Informatika ISP > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > -- Douglas Macedo [EMAIL PROTECTED] -- Avalia-se a inteligência de um indivíduo pela quantidade de incertezas que ele é capaz de suportar. (Immanuel Kant)
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html