Hi all
We have a strange propmlem with our RADIUS Server.
I'm not the RADIUS expert and take over this Server and configuration...
:-(
From time to time the users are not able to login, sometime it works and
sometime it works only from 1 or 2 accesspopints (we have 10
accesspoints).
Ok, I solved the problem. The PEAP of freeRadius 1.0.1 on solaris cannot work correctly.
after I upgraded the server to 1.0.5, it is working.
Jie
On 12/14/05, Jie Yang [EMAIL PROTECTED] wrote:
Hi,
I removed @domain, but still the same error.
I also run an AEGIS v.2.0.5 (a very old version
Jie Yang wrote:
Hi, All,
When I tried to develop PEAP at client side, i found I am always rejected by
the server. The following is the log. what might be wrong?
You almost certainly need to strip the @domain off the username before
mschap sees it - the username is used in calculating the
Hi,
I removed @domain, but still the same error.
I also run an AEGIS v.2.0.5 (a very old version though) with same supplicant configuration, which also gave me the same error. It seems to me there might be something wrong at the server side. But I don't know where. my freeradius version is
Hi, All,
When I tried todevelop PEAP at client side, i found I am always rejected by the server. The following is the log. what might be wrong?
my server config? thanks,
Jie
Tue Dec 13 19:17:04 2005 : Debug: users: Matched [EMAIL PROTECTED].com at 53
Tue Dec 13 19:17:04 2005 : Debug:
have you tried a non
mschapv2 authentication? try a basic authentication with NTradping to make
sure
The password is read
correctly when you are not doing mschapv2.
I think you set the password
incorrectly in the users file.
Ron.
http://www.positive-logic.net
and results in the rlm_mschap:
FAILED: MS-CHAP2-Response is incorrect
message. However, a pairfind function call in rlm_mschap
does return a VALUE_PAIR of PW_Password type with my password, which is
configured in the users file as well as on the XP SP2 supplicant.
I am not sure if this this VALUE_PAIR
Title: rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
Continuing my quest to integrate freeradius with Active Directory here goes another problem!
Did anyone already had this problem?
rlm_ldap: - authorize
rlm_ldap: performing user authorization for hugo.sousa
radius_xlat
: No User-Password configured. Cannot create NT-Password.
rlm_mschap: Told to do MS-CHAPv2 for hugo.sousa with NT-Password
rlm_mschap: FAILED: No NT/LM-Password. Cannot perform
authentication.
rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
modcall[authenticate]: module mschap returns
.
rlm_mschap: No User-Password configured. Cannot create NT-Password.
rlm_mschap: Told to do MS-CHAPv2 for hugo.sousa with NT-Password
rlm_mschap: FAILED: No NT/LM-Password. Cannot perform
authentication.
rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
modcall[authenticate
Hugo Sousa [EMAIL PROTECTED] wrote:
Are you talking about this:
#ntlm_auth = /path/to/ntlm_auth --request-nt-key
--username=%{Stripped-User-Name:-%{User-Name:-None}}
--challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}
Yes.
There is no other way to perform
: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok
Sent: sexta-feira, 10 de Setembro de 2004 19:10
To: [EMAIL PROTECTED]
Subject: Re: rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
Hugo Sousa [EMAIL PROTECTED] wrote:
Are you talking about this:
#ntlm_auth = /path
Hugo Sousa [EMAIL PROTECTED] wrote:
But if the domain controller uses LDAP, why do we have to use LDAP and after
that ntlm_auth ???
Because Active Directory isn't LDAP in the same way that other LDAP
servers are LDAP.
You can't get NT-Passwords from AD, you can get it from other LDAP
DeKok
Sent: sexta-feira, 10 de Setembro de 2004 19:21
To: [EMAIL PROTECTED]
Subject: Re: rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
Hugo Sousa [EMAIL PROTECTED] wrote:
But if the domain controller uses LDAP, why do we have to use LDAP and
after that ntlm_auth ???
Because Active
Hugo Sousa [EMAIL PROTECTED] wrote:
Does that mean that I don't need to use the LDAP modules on FreeRadius and
use only the ntlm_auth? Is is enough?
That depends on what you're trying to do.
If you're not storing user information in LDAP, you don't need to
run LDAP.
Alan DeKok.
-
: sexta-feira, 10 de Setembro de 2004 19:51
To: [EMAIL PROTECTED]
Subject: Re: rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
Hugo Sousa [EMAIL PROTECTED] wrote:
Does that mean that I don't need to use the LDAP modules on FreeRadius
and use only the ntlm_auth? Is is enough?
That depends
://www.netsystems.pt
Portugal
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok
Sent: sexta-feira, 10 de Setembro de 2004 19:51
To: [EMAIL PROTECTED]
Subject: Re: rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
Hugo Sousa [EMAIL PROTECTED] wrote
17 matches
Mail list logo