freeradius, problem with chap ?
Fajar A. Nugraha
list at fajar.net
Sun Dec 4 11:57:16 CET 2011
On Sun, Dec 4, 2011 at 5:49 PM, Piotr <piotr.1234 at interia.pl> wrote:
> I changed type of authentication,on cisco asa, to PAP:
> ASA(config)# sh run all | begin tunnel-group l2tp-ipsec ppp-attributes
> tunnel-group l2tp-ipsec ppp-attributes
> authentication pap
> no authentication chap
> no authentication ms-chap-v1
> no authentication ms-chap-v2
> no authentication eap-proxy
> but i don't know why i stil get on FR:
> rad_recv: Access-Request packet from host 10.62.1.1 port 1025, id=85,
> User-Name = "tom3"
> CHAP-Password = 0x01ccbbe398364421101d8b50e4cb59a46e
This is what the NAS send
> FR try to authenticate via CHAP. I don't understand this, i'm little
FR doesn't try to invent something non existent. It simply process
what the NAS sends. Ask your NAS vendor why it's still using CHAP.
More information about the Freeradius-Users