Use MS RAS as RADIUS client, FreeRADIUS got no User-Password

Cui Jeffrey jeffreycui at hotmail.com
Mon Dec 11 23:49:44 CET 2006 

Hello everyone, 
I am newbie to FreeRADIUS. Using Windows RAS (VPN server) as RADIUS client, 
but from output, I can see that there is no User-Password field in request 
from RAS at all, I am using rlm_jradius inside freeradius to forward 
username/password to my own authentication program. 
Only found one post about this issue, someone suggested to put mschap in 
conf file, but I am sure it's there already. Do I need to change anything 
on RAS side? I am using freeradius 1.1.2.
Anybody can help me out? 
Thank you in advance 
Jeffrey 


rad_recv: Access-Request packet from host 192.168.2.151:1382, id=8, 
length=289 
       Acct-Session-Id = "108" 
       NAS-IP-Address = 192.168.2.151 
       Service-Type = Framed-User 
       Framed-Protocol = PPP 
       NAS-Port = 129 
       MS-RAS-Vendor = 311 
       MS-RAS-Version = "MSRASV5.20" 
       NAS-Port-Type = Virtual 
       Tunnel-Type:0 = PPTP 
       Tunnel-Medium-Type:0 = IP 
       Calling-Station-Id = "10.11.14.105" 
       Tunnel-Client-Endpoint:0 = "10.11.14.105" 
       Microsoft-Attr-35 = 0x4d5352415356352e3030 
       Microsoft-Attr-34 = 0x4d535241532d312d4a454646324b 
       User-Name = "dvmh00000055 at DVVPN.COM" 
       MS-CHAP-Challenge = 0xe6e76c750472fb5879986d8b8e75df6e 
       MS-CHAP2-Response = 
0x0000f21eb6c0b591297af094964bb6e9417c0000000000000000f990636a5a5237f4c3456225c9c475b07004e32cb758fdf2 


       Message-Authenticator = 0x25fa1bd20b0a0f3fa273ae4fc66eb8d5 
Processing the authorize section of radiusd.conf 
modcall: entering group authorize for request 0 
modcall[authorize]: module "preprocess" returns ok for request 0 
modcall[authorize]: module "chap" returns noop for request 0 
rlm_mschap: Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap' 
modcall[authorize]: module "mschap" returns ok for request 0 
   rlm_realm: Looking up realm "DVVPN.COM" for User-Name = 
"dvmh00000055 at DVVPN.COM" 
   rlm_realm: No such realm "DVVPN.COM" 
modcall[authorize]: module "suffix" returns noop for request 0 
rlm_eap: No EAP-Message, not doing EAP 
modcall[authorize]: module "eap" returns noop for request 0 
   users: Matched entry DEFAULT at line 152 
   users: Matched entry DEFAULT at line 171 
   users: Matched entry DEFAULT at line 183 
modcall[authorize]: module "files" returns ok for request 0 
rlm_jradius: packing attribute Acct-Session-Id (type: 44; len: 3) 
rlm_jradius: packing attribute NAS-IP-Address (type: 4; len: 4) 
rlm_jradius: packing attribute Service-Type (type: 6; len: 4) 
rlm_jradius: packing attribute Framed-Protocol (type: 7; len: 4) 
rlm_jradius: packing attribute NAS-Port (type: 5; len: 4) 
rlm_jradius: packing attribute MS-RAS-Vendor (type: 20381705; len: 4) 
rlm_jradius: packing attribute MS-RAS-Version (type: 20381714; len: 10) 
rlm_jradius: packing attribute NAS-Port-Type (type: 61; len: 4) 
rlm_jradius: packing attribute Tunnel-Type (type: 64; len: 4) 
rlm_jradius: packing attribute Tunnel-Medium-Type (type: 65; len: 4) 
rlm_jradius: packing attribute Calling-Station-Id (type: 31; len: 12) 
rlm_jradius: packing attribute Tunnel-Client-Endpoint (type: 66; len: 12) 
rlm_jradius: packing attribute Microsoft-Attr-35 (type: 20381731; len: 10) 
rlm_jradius: packing attribute Microsoft-Attr-34 (type: 20381730; len: 14) 
rlm_jradius: packing attribute User-Name (type: 1; len: 22) 
rlm_jradius: packing attribute MS-CHAP-Challenge (type: 20381707; len: 16) 
rlm_jradius: packing attribute MS-CHAP2-Response (type: 20381721; len: 50) 
rlm_jradius: packing attribute Message-Authenticator (type: 80; len: 16) 
rlm_jradius: packing attribute Client-IP-Address (type: 1052; len: 4) 
rlm_jradius: packing packet with code: 1 (attr length: 429) 
rlm_jradius: packing attribute Framed-IP-Address (type: 8; len: 4) 
rlm_jradius: packing attribute Framed-MTU (type: 12; len: 4) 
rlm_jradius: packing attribute Service-Type (type: 6; len: 4) 
rlm_jradius: packing attribute Framed-Protocol (type: 7; len: 4) 
rlm_jradius: packing attribute Framed-Compression (type: 13; len: 4) 
rlm_jradius: packing packet with code: 0 (attr length: 80) 
rlm_jradius: packing attribute Auth-Type (type: 1000; len: 4) 
rlm_jradius: packing attribute Service-Type (type: 6; len: 4) 
rlm_jradius: packing attribute Framed-Protocol (type: 7; len: 4) 
rlm_jradius: sending 586 bytes to jradius server 
rlm_jradius: return code 8; receiving 2 packets 
rlm_jradius: reading packet: code=1 len=429 
rlm_jradius: reading attribute: type=44; len=3 
rlm_jradius: reading attribute: type=4; len=4 
rlm_jradius: reading attribute: type=6; len=4 
rlm_jradius: reading attribute: type=7; len=4 
rlm_jradius: reading attribute: type=5; len=4 
rlm_jradius: reading attribute: type=20381705; len=4 
rlm_jradius: reading attribute: type=20381714; len=10 
rlm_jradius: reading attribute: type=61; len=4 
rlm_jradius: reading attribute: type=64; len=4 
rlm_jradius: reading attribute: type=65; len=4 
rlm_jradius: reading attribute: type=31; len=12 
rlm_jradius: reading attribute: type=66; len=12 
rlm_jradius: reading attribute: type=20381731; len=10 
rlm_jradius: received attribute we do not recognize (type: 20381731) 
rlm_jradius: reading attribute: type=20381730; len=14 
rlm_jradius: received attribute we do not recognize (type: 20381730) 
rlm_jradius: reading attribute: type=1; len=22 
rlm_jradius: reading attribute: type=20381707; len=16 
rlm_jradius: reading attribute: type=20381721; len=50 
rlm_jradius: reading attribute: type=80; len=16 
rlm_jradius: reading attribute: type=1052; len=4 
rlm_jradius: reading packet: code=0 len=80 
rlm_jradius: reading attribute: type=8; len=4 
rlm_jradius: reading attribute: type=12; len=4 
rlm_jradius: reading attribute: type=6; len=4 
rlm_jradius: reading attribute: type=7; len=4 
rlm_jradius: reading attribute: type=13; len=4 
rlm_jradius: reading request: config_item: len=48 
rlm_jradius: reading attribute: type=1000; len=4 
rlm_jradius: reading attribute: type=6; len=4 
rlm_jradius: reading attribute: type=7; len=4 
modcall[authorize]: module "jradius" returns updated for request 0 
modcall: leaving group authorize (returns updated) for request 0 
rad_check_password:  Found Auth-Type 
auth: type "MS-CHAP" 
Processing the authenticate section of radiusd.conf 
modcall: entering group MS-CHAP for request 0 
rlm_mschap: No User-Password configured.  Cannot create LM-Password. 
rlm_mschap: No User-Password configured.  Cannot create NT-Password. 
rlm_mschap: Told to do MS-CHAPv2 for dvmh00000055 at DVVPN.COM with 
NT-Password 
rlm_mschap: FAILED: No NT/LM-Password.  Cannot perform authentication. 
rlm_mschap: FAILED: MS-CHAP2-Response is incorrect 
modcall[authenticate]: module "mschap" returns reject for request 0 
modcall: leaving group MS-CHAP (returns reject) for request 0 
auth: Failed to validate the user. 
Login incorrect: [dvmh00000055 at DVVPN.COM/<no User-Password attribute>] 
(from client jeff2003 port 129 cli 10.11.14.105) 
Found Post-Auth-Type 
Processing the post-auth section of radiusd.conf 
modcall: entering group REJECT for request 0 
rlm_jradius: packing attribute Acct-Session-Id (type: 44; len: 3) 
rlm_jradius: packing attribute NAS-IP-Address (type: 4; len: 4) 
rlm_jradius: packing attribute Service-Type (type: 6; len: 4) 
rlm_jradius: packing attribute Framed-Protocol (type: 7; len: 4) 
rlm_jradius: packing attribute NAS-Port (type: 5; len: 4) 
rlm_jradius: packing attribute MS-RAS-Vendor (type: 20381705; len: 4) 
rlm_jradius: packing attribute MS-RAS-Version (type: 20381714; len: 10) 
rlm_jradius: packing attribute NAS-Port-Type (type: 61; len: 4) 
rlm_jradius: packing attribute Tunnel-Type (type: 64; len: 4) 
rlm_jradius: packing attribute Tunnel-Medium-Type (type: 65; len: 4) 
rlm_jradius: packing attribute Calling-Station-Id (type: 31; len: 12) 
rlm_jradius: packing attribute Tunnel-Client-Endpoint (type: 66; len: 12) 
rlm_jradius: packing attribute User-Name (type: 1; len: 22) 
rlm_jradius: packing attribute MS-CHAP-Challenge (type: 20381707; len: 16) 
rlm_jradius: packing attribute MS-CHAP2-Response (type: 20381721; len: 50) 
rlm_jradius: packing attribute Message-Authenticator (type: 80; len: 16) 
rlm_jradius: packing attribute Client-IP-Address (type: 1052; len: 4) 
rlm_jradius: packing packet with code: 1 (attr length: 381) 
rlm_jradius: packing attribute Framed-IP-Address (type: 8; len: 4) 
rlm_jradius: packing attribute Framed-MTU (type: 12; len: 4) 
rlm_jradius: packing attribute Service-Type (type: 6; len: 4) 
rlm_jradius: packing attribute Framed-Protocol (type: 7; len: 4) 
rlm_jradius: packing attribute Framed-Compression (type: 13; len: 4) 
rlm_jradius: packing attribute MS-CHAP-Error (type: 20381698; len: 10) 
rlm_jradius: packing packet with code: 3 (attr length: 102) 
rlm_jradius: packing attribute Auth-Type (type: 1000; len: 4) 
rlm_jradius: packing attribute Service-Type (type: 6; len: 4) 
rlm_jradius: packing attribute Framed-Protocol (type: 7; len: 4) 
rlm_jradius: packing attribute Post-Auth-Type (type: 1014; len: 4) 
rlm_jradius: sending 576 bytes to jradius server 
rlm_jradius: return code 7; receiving 2 packets 
rlm_jradius: reading packet: code=1 len=381 
rlm_jradius: reading attribute: type=44; len=3 
rlm_jradius: reading attribute: type=4; len=4 
rlm_jradius: reading attribute: type=6; len=4 
rlm_jradius: reading attribute: type=7; len=4 
rlm_jradius: reading attribute: type=5; len=4 
rlm_jradius: reading attribute: type=20381705; len=4 
rlm_jradius: reading attribute: type=20381714; len=10 
rlm_jradius: reading attribute: type=61; len=4 
rlm_jradius: reading attribute: type=64; len=4 
rlm_jradius: reading attribute: type=65; len=4 
rlm_jradius: reading attribute: type=31; len=12 
rlm_jradius: reading attribute: type=66; len=12 
rlm_jradius: reading attribute: type=1; len=22 
rlm_jradius: reading attribute: type=20381707; len=16 
rlm_jradius: reading attribute: type=20381721; len=50 
rlm_jradius: reading attribute: type=80; len=16 
rlm_jradius: reading attribute: type=1052; len=4 
rlm_jradius: reading packet: code=3 len=102 
rlm_jradius: reading attribute: type=8; len=4 
rlm_jradius: reading attribute: type=12; len=4 
rlm_jradius: reading attribute: type=6; len=4 
rlm_jradius: reading attribute: type=7; len=4 
rlm_jradius: reading attribute: type=13; len=4 
rlm_jradius: reading attribute: type=20381698; len=10 
rlm_jradius: reading request: config_item: len=64 
rlm_jradius: reading attribute: type=1000; len=4 
rlm_jradius: reading attribute: type=6; len=4 
rlm_jradius: reading attribute: type=7; len=4 
rlm_jradius: reading attribute: type=1014; len=4 
modcall[post-auth]: module "jradius" returns noop for request 0 
modcall: leaving group REJECT (returns noop) for request 0 
Delaying request 0 for 1 seconds 
Finished request 0 
Going to the next request 
--- Walking the entire request list --- 
Waking up in 1 seconds... 
--- Walking the entire request list --- 
Sending Access-Reject of id 8 to 192.168.2.151 port 1382 
Waking up in 3 seconds... 
--- Walking the entire request list --- 
Cleaning up request 0 ID 8 with timestamp 457dbde0 
Nothing to do.  Sleeping until we see a request

_________________________________________________________________
享用世界上最大的电子邮件系统― MSN Hotmail。 http://www.hotmail.com

More information about the Freeradius-Users mailing list