AW: trigger an Access Challenge

Ronny Voigt Voigt at bi-web.de
Tue Feb 24 18:14:45 CET 2009


Thanks for reply. But the client that I use, only supports PAP and CHAP requests and neither of them initiates the server to send an Access Challenge. 
That is why I tried to create the challenge with the help of the perl module. Then I realized that freeradius.net unfortunatly doesn't include this module. After spending serveral hours in setting up a linux environment I'm in despair of this perl script. Perhaps somebody can tell me why it doesn't work!?

sub authenticate {
    # For debugging purposes only
    &log_request_attributes;

    if ($RAD_REQUEST{'User-Name'} =~ /^baduser/i) {
        # Reject user and tell him why
        $RAD_REPLY{'Reply-Message'} = "Denied access by rlm_perl function";
        return RLM_MODULE_REJECT;
    } else {
        # send the challenge
        $RAD_REPLY{'State'} = "challenge";
        $RAD_REPLY{'Reply-Message'} = "challenge: ";
        $RAD_CHECK{'Response-Packet-Type'} = "Access-Challenge";
        return RLM_MODULE_HANDLED;
    }
}

If I'm not completely wrong, it's the same that worked for this guy: http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg47425.html

But the server doesn't send the reply to the client (Timeout at clientside)




-----Ursprüngliche Nachricht-----
Von: freeradius-users-bounces+voigt=bi-web.de at lists.freeradius.org [mailto:freeradius-users-bounces+voigt=bi-web.de at lists.freeradius.org] Im Auftrag von tnt at kalik.net
Gesendet: Dienstag, 24. Februar 2009 00:07
An: FreeRadius users mailing list
Betreff: Re: trigger an Access Challenge

>I want to test a radius client with the freeradius server. Access
>Requests and Replies works fine, but although I searched this mailing
>list and several websites I still have no idea how to trigger an Access
>Challenge. It would be very nice, if somebody could tell me how I have
>to configure freeradius, so that it sends an access challenge to my
>client. 
>

Send a request for an authentication protocol that requires multiple
server-client exchanges (like EAP). If server needs more information
from the client it will respond with the challenge.

Ivan Kalik
Kalik Informatika ISP

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list