I've change it to /usr/bin/ntlm_auth ( found from locate ntlm )<br>but still same error.<br>What I must add to users file to test my radius from radtest or vpn client?<br><br>sorry for bothering I'm too newbie.<br>
<br><div><span class="gmail_quote">On 10/16/07, <b class="gmail_sendername"><a href="mailto:tnt@kalik.co.yu">tnt@kalik.co.yu</a></b> <<a href="mailto:tnt@kalik.co.yu">tnt@kalik.co.yu</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Well path to ntlm_auth obviously isn't /path/to/ntlm_auth.<br><br>Ivan Kalik<br>Kalik Informatika ISP<br><br><br>Dana 16/10/2007, "hadi golestani" <<a href="mailto:hadi.golestani@gmail.com">hadi.golestani@gmail.com
</a>> piše:<br><br>>hi,<br>>I've installed poptop and freeradius well and both are working,<br>>but when I try to connect from a vpn connection or even radtest some error<br>>occured.<br>>what I need to add to
users.conf for a simple radtest connection or a vpn<br>>client?<br>><br>>it's the output of debug mode for vpn client, some thing like this has been<br>>printed for radtest also:<br>><br>><br>>rad_recv: Access-Request packet from host
<a href="http://127.0.0.1:32770">127.0.0.1:32770</a>, id=30, length=132<br>><br>> Service-Type = Framed-User<br>> Framed-Protocol = PPP<br>> User-Name = "root"<br>> MS-CHAP-Challenge = 0x4d1a9b1028ef83957754c83ce0f55e01
<br>> MS-CHAP2-Response =<br>>0x9e000d1394f73d58cc731cd6cf58de7cb74f00000000000000008c6daec89825fb28b90bb60b737fb683a4a80f6252935547<br>><br>> NAS-IP-Address = <a href="http://127.0.0.1">127.0.0.1
</a><br>> NAS-Port = 0<br>> Processing the authorize section of radiusd.conf<br>>modcall: entering group authorize for request 11<br>> modcall[authorize]: module "preprocess" returns ok for request 11
<br>> modcall[authorize]: module "chap" returns noop for request 11<br>> rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap'<br>> modcall[authorize]: module "mschap" returns ok for request 11
<br>> rlm_realm: No '@' in User-Name = "root", looking up realm NULL<br>> rlm_realm: No such realm "NULL"<br>> modcall[authorize]: module "suffix" returns noop for request 11
<br>> rlm_eap: No EAP-Message, not doing EAP<br>> modcall[authorize]: module "eap" returns noop for request 11<br>> users: Matched entry DEFAULT at line 152<br>> users: Matched entry DEFAULT at line 171
<br>> users: Matched entry DEFAULT at line 183<br>> modcall[authorize]: module "files" returns ok for request 11<br>>modcall: leaving group authorize (returns ok) for request 11<br>> rad_check_password: Found Auth-Type MS-CHAP
<br>>auth: type "MS-CHAP"<br>> Processing the authenticate section of radiusd.conf<br>>modcall: entering group MS-CHAP for request 11<br>> rlm_mschap: No User-Password configured. Cannot create LM-Password.
<br>> rlm_mschap: No User-Password configured. Cannot create NT-Password.<br>> rlm_mschap: Told to do MS-CHAPv2 for root with NT-Password<br>>radius_xlat: Running registered xlat function of module mschap for string
<br>>'Challenge'<br>> mschap2: 4d<br>>radius_xlat: Running registered xlat function of module mschap for string<br>>'NT-Response'<br>>radius_xlat: '/path/to/ntlm_auth --request-nt-key --username=root
<br>>--challenge=f1090a99b916ef69<br>>--nt-response=8c6daec89825fb28b90bb60b737fb683a4a80f6252935547'<br>>Exec-Program: /path/to/ntlm_auth --request-nt-key --username=root<br>>--challenge=f1090a99b916ef69<br>
>--nt-response=8c6daec89825fb28b90bb60b737fb683a4a80f6252935547<br>>Exec-Program output: Exec-Program: FAILED to execute /path/to/ntlm_auth: No<br>>such file or directory<br>>Exec-Program-Wait: plaintext: Exec-Program: FAILED to execute
<br>>/path/to/ntlm_auth: No such file or directory<br>>Exec-Program: returned: 1<br>> rlm_mschap: External script failed.<br>> rlm_mschap: FAILED: MS-CHAP2-Response is incorrect<br>> modcall[authenticate]: module "mschap" returns reject for request 11
<br>>modcall: leaving group MS-CHAP (returns reject) for request 11<br>>auth: Failed to validate the user.<br>>Delaying request 11 for 1 seconds<br>>Finished request 11<br>>Going to the next request<br>>--- Walking the entire request list ---
<br>>Waking up in 1 seconds...<br>>--- Walking the entire request list ---<br>>Waking up in 1 seconds...<br>>--- Walking the entire request list ---<br>>Sending Access-Reject of id 30 to <a href="http://127.0.0.1">
127.0.0.1</a> port 32770<br>>Waking up in 4 seconds...<br>>--- Walking the entire request list ---<br>>Cleaning up request 11 ID 30 with timestamp 47152198<br>>Nothing to do. Sleeping until we see a request.<br>
><br>><br><br>-<br>List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a><br></blockquote></div><br>