Re: MSCHAP vs MSCHAPv2 for VPN
At 03:43 PM 10/13/2010, Alan DeKok wrote: > Wed Oct 13 14:50:57 2010 : Debug: Exec-Program output: NT_KEY: > DDE9BB9EA12ED17BE5F358CB53EE6A8F Change the version of Samba that you're using. 3.5.5 contains a fix which addresses this issue. Thanks Alan. That server is running samba3x-3.3.8-0.52.el5_5.2 , so that's quite useful! What's interesting is that I have found a server running samba3x-3.3.8-0.52.el5_5 (separate installation, same config files, also VPN <> sonicwall) which is not exhibiting this issue. Regardless, I'll go see about finding the new samba. Rick Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MSCHAP vs MSCHAPv2 for VPN
freerad...@corwyn.net wrote: > > > Using freeradius 2.1.8, I have a sonicwall firewall that authenticates > VPN users against the freeradius server. The VPN clients are the native > MSFT VPN client. > > When the client is configured for L2TP, MS-CHAP, the client connects. > When the client is configured for L2TP MSChapv2, the client fails to > connect with an error "It was not possible to verify the identity of the > server" >... > Wed Oct 13 14:50:57 2010 : Debug: Exec-Program output: NT_KEY: > DDE9BB9EA12ED17BE5F358CB53EE6A8F Change the version of Samba that you're using. 3.5.5 contains a fix which addresses this issue. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
