Here is an exert
from running radiusd -X. When I configure to except CHAP only,
authentication works great. How do I setup to allow MS-CHAP? I see
where the failure occurs, but I do not understand the why.
Additional
information:
radiusd: FreeRADIUS
Version 0.3, for host i686-pc-linux-gnu, built on Oct 16 2001 at
17:07:19
I compiled this last
night with the lastest download.
rad_recv: Access-Request packet from host
192.168.1.1:1645, id=46,
length=132
NAS-IP-Address = 192.168.1.1
NAS-Port = 2
NAS-Port-Type = Virtual
User-Name = "user"
MS-CHAP-Challenge = 0x10126adf2c34ff7
MS-CHAP-Response = 0x2c0100000000000000000000000000000000000000000000000049adsfasd337dab27336c5883801cb4154eea73912ef
Service-Type = Framed-User
Framed-Protocol = PPP
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "suffix" returns ok
users: Matched randyp at 12
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type MS-CHAP
auth: No Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Sending Access-Reject of id 46 to 192.168.1.1:1645
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 46 with timestamp 3bcf3f77
NAS-IP-Address = 192.168.1.1
NAS-Port = 2
NAS-Port-Type = Virtual
User-Name = "user"
MS-CHAP-Challenge = 0x10126adf2c34ff7
MS-CHAP-Response = 0x2c0100000000000000000000000000000000000000000000000049adsfasd337dab27336c5883801cb4154eea73912ef
Service-Type = Framed-User
Framed-Protocol = PPP
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "suffix" returns ok
users: Matched randyp at 12
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type MS-CHAP
auth: No Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Sending Access-Reject of id 46 to 192.168.1.1:1645
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 46 with timestamp 3bcf3f77
--> Randy