hi alan, thanks for your help. i use ubuntu as radius server all configuration file is under /etc/freeradius/*
as client i use winxp wired without certificate. just EAP-MSCHAP v2 as authentication method. in my users file i put one user like this: ############################## linatest Auth-Type = CHAP , Cleartext-Password := "linagora" Service-Type = Framed-User ############################ in my radiusd.conf: ############## modules { files { usersfile = ${confdir}/users acctusersfile = ${confdir}/acct_users preproxy_usersfile = ${confdir}/preproxy_users compat = no } chap { authtype = CHAP } ... } authorize { preprocess chap files } authenticate { Auth-Type CHAP{ chap } } ############## in result of freeradius -X , I got: rad_recv: Access-Request packet from host 192.168.20.253 port 1645, id=118, length=131 User-Name = "linatest" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1A-A1-64-BB-1A" Calling-Station-Id = "00-18-8B-B5-26-B7" EAP-Message = 0x0202000d016c696e6174657374 Message-Authenticator = 0x4e31158d9f8be4943a213e992598bdf6 NAS-Port = 50024 NAS-Port-Type = Ethernet NAS-IP-Address = 192.168.20.253 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop [files] users: Matched entry linatest at line 89 ++[files] returns ok Found Auth-Type = CHAP +- entering group CHAP {...} [chap] rlm_chap: Attribute "CHAP-Password" is required for authentication. ++[chap] returns invalid Failed to authenticate the user. Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 118 to 192.168.20.253 port 1645 Service-Type = Framed-User Waking up in 4.9 seconds. Cleaning up request 0 ID 118 with timestamp +20 Ready to process requests. So my asking help is: how can i authenticate my client? which "CHAP-Password" ? thanks for your help
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html