<span class="gmail_quote"></span>I've add that line and comment ntlm line but still some error( tnx god it's not the same error)<br><br>my radtest syntax:<br>radtest root rootpassword localhost.localdomain 1645 testing123
<br><br><span style="font-weight: bold;">
modcall[authorize]: module "files" returns ok for request 4</span><br style="font-weight: bold;"><span style="font-weight: bold;">rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this.
</span><br style="font-weight: bold;"><span style="font-weight: bold;"> modcall[authorize]: module "pap" returns noop for request 4</span><br style="font-weight: bold;"><span style="font-weight: bold;">modcall: leaving group authorize (returns ok) for request 4
</span><br style="font-weight: bold;"><span style="font-weight: bold;"> rad_check_password: Found Auth-Type System</span><br style="font-weight: bold;"><span style="font-weight: bold;">auth: type "System"</span>
<span class="q"><br style="font-weight: bold;"><span style="font-weight: bold;"> Processing the authenticate section of radiusd.conf</span><br style="font-weight: bold;"></span><span style="font-weight: bold;">modcall: entering group authenticate for request 4
</span><br style="font-weight: bold;"><span style="font-weight: bold;">rlm_unix: [root]: <span style="color: rgb(255, 0, 0);">invalid password</span></span><br style="font-weight: bold;"><br><br><font size="4"><span style="font-weight: bold;">
i've attached radius.conf and users and output of debug mode for both radtest and vpn client.</span></font><div><span class="e" id="q_115ac963a1714755_3"><br><br><div><span class="gmail_quote"><br><br>On 10/16/07, <b class="gmail_sendername">
<a href="mailto:tnt@kalik.co.yu" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
tnt@kalik.co.yu</a></b> <<a href="mailto:tnt@kalik.co.yu" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">tnt@kalik.co.yu</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
You have obviously done some work on breaking the server configuration.<br>Put mschap{} section back the way it was (with ntlm_auth line commented<br>out). You don't need *any* changes to the default configuration if you
<br>are using users file. Put this in users file:<br><br>root Clertext-Password := "rootpassword"<br><br>Radtest will work and so will mschap (VPN).<br><br>Ivan Kalik<br>Kalik Informatika ISP<br><br><br>Dana 16/10/2007, "hadi golestani" <
<a href="mailto:hadi.golestani@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">hadi.golestani@gmail.com</a>> piše:<br><br>>I've change it to /usr/bin/ntlm_auth ( found from locate ntlm )
<br>>but still same error.<br>>What I must add to users file to test my radius from radtest or vpn client?
<br>><br>>sorry for bothering I'm too newbie.<br>><br>>On 10/16/07, <a href="mailto:tnt@kalik.co.yu" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">tnt@kalik.co.yu</a> <<a href="mailto:tnt@kalik.co.yu" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
tnt@kalik.co.yu</a>> wrote:<br>>><br>>> Well path to ntlm_auth obviously isn't /path/to/ntlm_auth.
<br>>><br>>> Ivan Kalik<br>>> Kalik Informatika ISP<br>>><br>>><br>>> Dana 16/10/2007, "hadi golestani" <<a href="mailto:hadi.golestani@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
hadi.golestani@gmail.com</a>
> pi�e:<br>>><br>>> >hi,<br>>> >I've installed poptop and freeradius well and both are working,<br>>> >but when I try to connect from a vpn connection or even radtest some
<br>>> error<br>>> >occured.<br>>> >what I need to add to users.conf for a simple radtest connection or a vpn<br>>> >client?<br>>> ><br>>> >it's the output of debug mode for vpn client, some thing like this has
<br>>> been<br>>> >printed for radtest also:<br>>> ><br>>> ><br>>> >rad_recv: Access-Request packet from host <a href="http://127.0.0.1:32770" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
127.0.0.1:32770</a>, id=30,<br>>> length=132
<br>>> ><br>>> > Service-Type = Framed-User<br>>> > Framed-Protocol = PPP<br>>> > User-Name = "root"<br>>> > MS-CHAP-Challenge = 0x4d1a9b1028ef83957754c83ce0f55e01
<br>>> > MS-CHAP2-Response =<br>>><br>>> >0x9e000d1394f73d58cc731cd6cf58de7cb74f00000000000000008c6daec89825fb28b90bb60b737fb683a4a80f6252935547<br>>> ><br>>> > NAS-IP-Address =
<a href="http://127.0.0.1" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">127.0.0.1</a><br>>> > NAS-Port = 0<br>>> > Processing the authorize section of radiusd.conf<br>>> >modcall: entering group authorize for request 11
<br>>> > modcall[authorize]: module "preprocess" returns ok for request 11
<br>>> > modcall[authorize]: module "chap" returns noop for request 11<br>>> > rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap'<br>>> > modcall[authorize]: module "mschap" returns ok for request 11
<br>>> > rlm_realm: No '@' in User-Name = "root", looking up realm NULL<br>>> > rlm_realm: No such realm "NULL"<br>>> > modcall[authorize]: module "suffix" returns noop for request 11
<br>>> > rlm_eap: No EAP-Message, not doing EAP<br>>> > modcall[authorize]: module "eap" returns noop for request 11<br>>> > users: Matched entry DEFAULT at line 152<br>>> > users: Matched entry DEFAULT at line 171
<br>>> > users: Matched entry DEFAULT at line 183<br>>> > modcall[authorize]: module "files" returns ok for request 11<br>>> >modcall: leaving group authorize (returns ok) for request 11
<br>>> > rad_check_password: Found Auth-Type MS-CHAP<br>>> >auth: type "MS-CHAP"<br>>> > Processing the authenticate section of radiusd.conf<br>>> >modcall: entering group MS-CHAP for request 11
<br>>> > rlm_mschap: No User-Password configured. Cannot create LM-Password.<br>>> > rlm_mschap: No User-Password configured. Cannot create NT-Password.<br>>> > rlm_mschap: Told to do MS-CHAPv2 for root with NT-Password
<br>>> >radius_xlat: Running registered xlat function of module mschap for string<br>>> >'Challenge'<br>>> > mschap2: 4d<br>>> >radius_xlat: Running registered xlat function of module mschap for string
<br>>> >'NT-Response'<br>>> >radius_xlat: '/path/to/ntlm_auth --request-nt-key --username=root<br>>> >--challenge=f1090a99b916ef69<br>>> >--nt-response=8c6daec89825fb28b90bb60b737fb683a4a80f6252935547'
<br>>> >Exec-Program: /path/to/ntlm_auth --request-nt-key --username=root<br>>> >--challenge=f1090a99b916ef69<br>>> >--nt-response=8c6daec89825fb28b90bb60b737fb683a4a80f6252935547<br>>> >Exec-Program output: Exec-Program: FAILED to execute /path/to/ntlm_auth:
<br>>> No<br>>> >such file or directory<br>>> >Exec-Program-Wait: plaintext: Exec-Program: FAILED to execute<br>>> >/path/to/ntlm_auth: No such file or directory<br>>> >Exec-Program: returned: 1
<br>>> > rlm_mschap: External script failed.<br>>> > rlm_mschap: FAILED: MS-CHAP2-Response is incorrect<br>>> > modcall[authenticate]: module "mschap" returns reject for request 11
<br>
>> >modcall: leaving group MS-CHAP (returns reject) for request 11<br>>> >auth: Failed to validate the user.<br>>> >Delaying request 11 for 1 seconds<br>>> >Finished request 11<br>>> >Going to the next request
<br>>> >--- Walking the entire request list ---<br>>> >Waking up in 1 seconds...<br>>> >--- Walking the entire request list ---<br>>> >Waking up in 1 seconds...<br>>> >--- Walking the entire request list ---
<br>>> >Sending Access-Reject of id 30 to <a href="http://127.0.0.1" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">127.0.0.1</a> port 32770<br>>> >Waking up in 4 seconds...<br>>> >--- Walking the entire request list ---
<br>>> >Cleaning up request 11 ID 30 with timestamp 47152198
<br>>> >Nothing to do. Sleeping until we see a request.<br>>> ><br>>> ><br>>><br>>> -<br>>> List info/subscribe/unsubscribe? See<br>>> <a href="http://www.freeradius.org/list/users.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://www.freeradius.org/list/users.html</a><br>>><br>><br>><br><br>-<br>List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://www.freeradius.org/list/users.html</a><br>
</blockquote></div><br>
</span></div><br clear="all">