No User-Password or CHAP-Password attribute in the request

omega bk omegabk at gmail.com
Wed Mar 3 11:50:57 CET 2010


hi alan, thanks for your help.

i use ubuntu as radius server
all configuration file is under /etc/freeradius/*

as client i use winxp wired without certificate. just EAP-MSCHAP v2 as
authentication method.

in my users file i put one user like this:
##############################
linatest        Auth-Type = CHAP , Cleartext-Password := "linagora"
                Service-Type = Framed-User
############################

in my radiusd.conf:
##############
modules {
             files {
                          usersfile = ${confdir}/users
                           acctusersfile = ${confdir}/acct_users
                           preproxy_usersfile = ${confdir}/preproxy_users
                          compat = no
               }

                 chap {
                        authtype = CHAP
               }
...

}

authorize {
        preprocess
        chap
        files
}

authenticate {
        Auth-Type CHAP{
                chap
        }
}

##############
in result of freeradius -X , I got:

rad_recv: Access-Request packet from host 192.168.20.253 port 1645, id=118,
length=131
    User-Name = "linatest"
    Service-Type = Framed-User
    Framed-MTU = 1500
    Called-Station-Id = "00-1A-A1-64-BB-1A"
    Calling-Station-Id = "00-18-8B-B5-26-B7"
    EAP-Message = 0x0202000d016c696e6174657374
    Message-Authenticator = 0x4e31158d9f8be4943a213e992598bdf6
    NAS-Port = 50024
    NAS-Port-Type = Ethernet
    NAS-IP-Address = 192.168.20.253
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[files] users: Matched entry linatest at line 89
++[files] returns ok
Found Auth-Type = CHAP
+- entering group CHAP {...}
[chap] rlm_chap: Attribute "CHAP-Password" is required for authentication.
++[chap] returns invalid
Failed to authenticate the user.
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 118 to 192.168.20.253 port 1645
    Service-Type = Framed-User
Waking up in 4.9 seconds.
Cleaning up request 0 ID 118 with timestamp +20
Ready to process requests.


So my asking help is:

how can i authenticate my client?
which "CHAP-Password" ?

thanks for your help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100303/5721817a/attachment.html>


More information about the Freeradius-Users mailing list