MSCHAPv2 use_tunneling_reply problem

2013-10-11 Thread Tekán Dávid
Hi all!

I have a problem with users using the anonymous identity field when
connecting.
It turned out that for privacy reasons it is hidden outside of the
tunnel. I found that by setting use_tunneling_reply to yes I can
transfer the inner username outside of the tunnel, and the correct
(not anonymous) username will appear in the accounting records. I've
even uncommented the update outer.reply... part in the
sites-enabled/inner-tunnel file. Unfortunately it does not work.
Is there anything else I need to do to get it to work? I use
CoovaChilli as the NAS.

Thanks for your help, all the best

Dávid
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
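
Whether the inner identity actually reaches accounting can be checked from the accounting records themselves. The Python below is an added example, not part of the original post or of FreeRADIUS: it parses records in the detail-file layout and lists the sessions whose User-Name is still an outer identity. The sample records, the session ids and the rule for what counts as anonymous (`anonymous`, `anonymous@realm`, `@realm`) are assumptions made for the example.

```python
import re

# Constructed sample in the layout the FreeRADIUS detail module writes:
# a timestamp line, tab-indented "Attribute = value" pairs, then a blank line.
SAMPLE_DETAIL = """\
Fri Oct 11 10:02:11 2013
\tUser-Name = "anonymous"
\tAcct-Status-Type = Start
\tAcct-Session-Id = "constructed-0001"

Fri Oct 11 10:05:40 2013
\tUser-Name = "alice"
\tAcct-Status-Type = Start
\tAcct-Session-Id = "constructed-0002"

Fri Oct 11 10:09:02 2013
\tUser-Name = "@example.org"
\tAcct-Status-Type = Interim-Update
\tAcct-Session-Id = "constructed-0003"
"""

PAIR = re.compile(r'^\s+([A-Za-z0-9-]+)\s*=\s*"?(.*?)"?\s*$')


def parse_detail(text):
    """Return one dict per accounting record found in detail-file text."""
    records, current = [], None
    for line in text.splitlines():
        if not line.strip():
            current = None                      # blank line ends a record
        elif not line[0].isspace():
            current = {"Timestamp": line.strip()}   # unindented line starts one
            records.append(current)
        elif current is not None:
            m = PAIR.match(line)
            if m:
                current[m.group(1)] = m.group(2)
    return records


def is_anonymous(user_name):
    # Assumption: an outer identity has an empty or "anonymous" user part.
    return user_name.split("@", 1)[0].lower() in ("", "anonymous")


def anonymous_sessions(text):
    """Sorted Acct-Session-Ids whose records still carry an outer identity."""
    return sorted({r.get("Acct-Session-Id", "?") for r in parse_detail(text)
                   if "User-Name" in r and is_anonymous(r["User-Name"])})
```

Run `anonymous_sessions()` over records written after the configuration change; an empty list means every accounted session carried a real user name.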

MSCHAPv2 authentication failure

2013-07-23 Thread Tekán Dávid
Hi All!

I'm trying to set up a RADIUS server to guide our users' network usage.
We have wifi as well, so I want to expand it to the wifi as well
(using WPA2 Enterprise). To authenticate users connecting to the network
by ethernet cable, I use the latest CoovaChilli.
I've set up RADIUS and CoovaChilli on Arch Linux successfully,
except this wifi thing.
I don't want to store cleartext passwords, so I created for every user an
NT-Password in addition to the MD5-Password, and it appears in the SQL
database as well (I also checked the queries when it queries the
rad_check table; it's there in the response as well).
Even so, I cannot authenticate through the wifi. I get the following
error message:

[mschapv2] +- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured.  Cannot create LM-Password.
[mschap] No Cleartext-Password configured.  Cannot create NT-Password.
[mschap] Creating challenge hash with username: tekan
[mschap] Client is using MS-CHAPv2 for tekan, we need NT-Password
[mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect

(where tekan is my username)

Thanks for all the help.

David

Here is the debug output:

FreeRADIUS Version 2.2.0, for host i686-pc-linux-gnu, built on May 29 2013 at 13:37:32
Copyright (C) 1999-2012 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/raddb/radiusd.conf
including configuration file /etc/raddb/proxy.conf
including configuration file /etc/raddb/clients.conf
including files in directory /etc/raddb/modules/
including configuration file /etc/raddb/modules/rediswho
including configuration file /etc/raddb/modules/always
including configuration file /etc/raddb/modules/soh
including configuration file /etc/raddb/modules/unix
including configuration file /etc/raddb/modules/realm
including configuration file /etc/raddb/modules/expiration
including configuration file /etc/raddb/modules/chap
including configuration file /etc/raddb/modules/policy
including configuration file /etc/raddb/modules/mac2vlan
including configuration file /etc/raddb/modules/logintime
including configuration file /etc/raddb/modules/files
including configuration file /etc/raddb/modules/etc_group
including configuration file /etc/raddb/modules/cache
including configuration file /etc/raddb/modules/pam
including configuration file /etc/raddb/modules/echo
including configuration file /etc/raddb/modules/ldap
including configuration file /etc/raddb/modules/attr_rewrite
including configuration file /etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /etc/raddb/modules/digest
including configuration file /etc/raddb/modules/radrelay
including configuration file /etc/raddb/modules/ntlm_auth
including configuration file /etc/raddb/modules/detail.example.com
including configuration file /etc/raddb/modules/cui
including configuration file /etc/raddb/modules/attr_filter
including configuration file /etc/raddb/modules/wimax
including configuration file /etc/raddb/modules/sql_log
including configuration file /etc/raddb/modules/expr
including configuration file /etc/raddb/modules/linelog
including configuration file /etc/raddb/modules/passwd
including configuration file /etc/raddb/modules/counter
including configuration file /etc/raddb/modules/ippool
including configuration file /etc/raddb/modules/replicate
including configuration file /etc/raddb/modules/otp
including configuration file /etc/raddb/modules/perl
including configuration file /etc/raddb/modules/detail.log
including configuration file /etc/raddb/modules/acct_unique
including configuration file /etc/raddb/modules/krb5
including configuration file /etc/raddb/modules/exec
including configuration file /etc/raddb/modules/radutmp
including configuration file /etc/raddb/modules/opendirectory
including configuration file /etc/raddb/modules/dhcp_sqlippool
including configuration file /etc/raddb/sql/mysql/ippool-dhcp.conf
including configuration file /etc/raddb/modules/mac2ip
including configuration file /etc/raddb/modules/mschap
including configuration file /etc/raddb/modules/sradutmp
including configuration file /etc/raddb/modules/pap
including configuration file /etc/raddb/modules/detail
including configuration file /etc/raddb/modules/smsotp
including configuration file /etc/raddb/modules/checkval
including configuration file /etc/raddb/modules/inner-eap
including configuration file /etc/raddb/modules/redis
including configuration file /etc/raddb/modules/dynamic_clients
including configuration file /etc/raddb/modules/smbpasswd
including configuration file /etc/raddb/modules/preprocess
including configuration file /etc/raddb/eap.conf
including configuration file /etc/raddb/sql.conf
including configuration file