Re: Need Help setting up config
"Randy Perryman" <[EMAIL PROTECTED]> wrote: > How do I setup FreeRadius to authenticat MS-Chap across a Cisco 2620 VPN > using pptp? Upgrade to the latest CVS version. Version 0.3 had problems which made it unable to do MS-CHAP authentication. Then, in the 'users' file, do: DEFAULT Auth-Type := MS-CHAP, ... ... and it should work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More Informaiton: Need Help setting up config:
Title: Message Here is an exert from running radiusd -X. When I configure to except CHAP only, authentication works great. How do I setup to allow MS-CHAP? I see where the failure occurs, but I do not understand the why. Additional information: radiusd: FreeRADIUS Version 0.3, for host i686-pc-linux-gnu, built on Oct 16 2001 at 17:07:19 I compiled this last night with the lastest download. rad_recv: Access-Request packet from host 192.168.1.1:1645, id=46, length=132 NAS-IP-Address = 192.168.1.1 NAS-Port = 2 NAS-Port-Type = Virtual User-Name = "user" MS-CHAP-Challenge = 0x10126adf2c34ff7 MS-CHAP-Response = 0x2c0149adsfasd337dab27336c5883801cb4154eea73912ef Service-Type = Framed-User Framed-Protocol = PPPmodcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "suffix" returns ok users: Matched randyp at 12 modcall[authorize]: module "files" returns okmodcall: group authorize returns ok rad_check_password: Found Auth-Type MS-CHAPauth: No Password or CHAP-Password attribute in the requestauth: Failed to validate the user.Sending Access-Reject of id 46 to 192.168.1.1:1645Finished request 1Going to the next request--- Walking the entire request list ---Waking up in 6 seconds...--- Walking the entire request list ---Cleaning up request 1 ID 46 with timestamp 3bcf3f77 --> Randy
Re: More Informaiton: Need Help setting up config:
"Randy Perryman" <[EMAIL PROTECTED]> wrote: > Here is an exert from running radiusd -X. When I configure to except > CHAP only, authentication works great. How do I setup to allow MS-CHAP? > I see where the failure occurs, but I do not understand the why. Ok... > radiusd: FreeRADIUS Version 0.3, for host i686-pc-linux-gnu, built on > Oct 16 2001 at 17:07:19 > I compiled this last night with the lastest download. You'll need to grab the latest CVS snapshot, it has some fixes which allows MS-CHAP to work better. > modcall: group authorize returns ok > rad_check_password: Found Auth-Type MS-CHAP > auth: No Password or CHAP-Password attribute in the request > auth: Failed to validate the user. And if you look at the list of attribute, there is only MS-CHAP-Challenge, and MS-CHAP-Response. So the 0.3 version of FreeRADIUS won't like it. Grab the latest CVS snapshot. That should work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need Help setting up config
Title: Message I just can't find the answer. How do I setup FreeRadius to authenticat MS-Chap across a Cisco 2620 VPN using pptp? I have setup the router to FreeRadius to authenticate for logging onto the console, but I can't get it to authenticate passwords. thanks --> Randy
