<div dir="ltr">NM posted to quickly, secrets were wrong, fiddling around with <div><br></div><div>Unsupported protocol 'IPv6 Control Protovol' (0x8057) received</div><div><br></div><div>after that it should work, will definitively post it up in a howto.</div>
<div><br></div><div>Regards<br><br><div class="gmail_quote">On Wed, May 23, 2012 at 3:31 PM, Ali Jawad <span dir="ltr"><<a href="mailto:ali.jawad@splendor.net" target="_blank">ali.jawad@splendor.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi again<div>I did do some more reading and finally got radius to authenticate mschap, I am using the users file to add users for the time being and no SQL. A user can authenticate properly </div>
<div><br></div>
<div>See</div><div><br></div><div><div class="im"><div>Going to the next request</div></div><div class="im"><div>Waking up in 4.9 seconds.</div></div><div>Cleaning up request 3 ID 100 with timestamp +136</div><div>Ready to process requests.</div>
<div>rad_recv: Access-Request packet from host 127.0.0.1 port 57868, id=101, length=132</div><div class="im">
<div> Service-Type = Framed-User</div><div> Framed-Protocol = PPP</div><div> User-Name = "test"</div></div><div> MS-CHAP-Challenge = 0x65c4689b30c27f604fcca7ba1370fdba</div><div> MS-CHAP2-Response = 0x31004bfca25ae57e8617e1e2d3cebde289040000000000000000c4cd490b424b34bfa53ad8b65fb786d994c6f647dbdd001a</div>
<div class="im">
<div> NAS-IP-Address = 127.0.0.1</div><div> NAS-Port = 0</div></div><div class="im"><div># Executing section authorize from file /etc/raddb/sites-enabled/default</div><div>+- entering group authorize {...}</div>
<div>++[preprocess] returns ok</div>
<div>++[chap] returns noop</div></div><div>[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'</div><div>++[mschap] returns ok</div><div>++[digest] returns noop</div><div class="im"><div>[suffix] No '@' in User-Name = "test", looking up realm NULL</div>
<div>[suffix] No such realm "NULL"</div><div>++[suffix] returns noop</div></div><div class="im"><div>[eap] No EAP-Message, not doing EAP</div><div>++[eap] returns noop</div></div><div>[files] users: Matched entry test at line 76</div>
<div>
++[files] returns ok</div><div class="im"><div>++[expiration] returns noop</div><div>++[logintime] returns noop</div></div><div>[pap] WARNING: Auth-Type already set. Not setting to PAP</div><div>++[pap] returns noop</div>
<div>Found Auth-Type = MSCHAP</div><div class="im">
<div># Executing group from file /etc/raddb/sites-enabled/default</div></div><div>+- entering group MS-CHAP {...}</div><div>[mschap] Creating challenge hash with username: test</div><div>[mschap] Told to do MS-CHAPv2 for test with NT-Password</div>
<div>[mschap] adding MS-CHAPv2 MPPE keys</div><div>++[mschap] returns ok</div><div># Executing section post-auth from file /etc/raddb/sites-enabled/default</div><div>+- entering group post-auth {...}</div><div>++[exec] returns noop</div>
<div>Sending Access-Accept of id 101 to 127.0.0.1 port 57868</div><div class="im"><div> Service-Type = Framed-User</div><div> Framed-Protocol = PPP</div></div><div> Framed-IP-Address = 172.16.3.33</div>
<div> Framed-IP-Netmask = 255.255.255.0</div>
<div> Framed-Routing = Broadcast-Listen</div><div> Framed-Filter-Id = "std.ppp"</div><div> Framed-MTU = 1500</div><div> Framed-Compression = Van-Jacobson-TCP-IP</div><div> MS-CHAP2-Success = 0x31533d43303035333346323444353031324334354144323433334634334344343931374636363944453733</div>
<div> MS-MPPE-Recv-Key = 0x494fa970f9bb475a70b1b37179089b1d</div><div> MS-MPPE-Send-Key = 0x546cdc52da0bf3818284fe5e6c48332d</div><div> MS-MPPE-Encryption-Policy = 0x00000002</div><div> MS-MPPE-Encryption-Types = 0x00000004</div>
<div>Finished request 4.</div></div><div><br></div><div>but I get the following error on the pptpd side </div><div><br></div><div><br></div><div>May 23 13:30:01 pptp-test-100-13 pppd[7512]: rc_check_reply: received invalid reply digest from RADIUS server<br>
<br>Any input please ?</div><div><br></div><div>Regards<div><div class="h5"><br><div class="gmail_quote">On Wed, May 23, 2012 at 3:17 PM, Matthew Newton <span dir="ltr"><<a href="mailto:mcn4@leicester.ac.uk" target="_blank">mcn4@leicester.ac.uk</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>On Wed, May 23, 2012 at 02:02:02PM +0200, Alan DeKok wrote:<br>
> Matthew Newton wrote:<br>
> > I'm not sure who looks after them now, or if they are maintained.<br>
> > I've just found radiusclient-ng, which looks more recent, but have<br>
> > no experience of it.<br>
> ><br>
> > But this is all mildly off-topic for FreeRADIUS...<br>
><br>
> radiusclient-ng is no longer developed.<br>
><br>
> It has become freeradius-client. :) See <a href="http://freeradius.org" target="_blank">http://freeradius.org</a><br>
<br>
</div>Ah - thanks. I had it on my list to hack at the radiusclient code<br>
to try and update it. 30 minutes ago, that list entry changed to<br>
radiusclient-ng.<br>
<br>
Looks like I'll be looking at the freeradius-client code instead<br>
now... if I ever get time!<br>
<br>
Cheers,<br>
<div><br>
Matthew<br>
<br>
<br>
--<br>
Matthew Newton, Ph.D. <<a href="mailto:mcn4@le.ac.uk" target="_blank">mcn4@le.ac.uk</a>><br>
<br>
Systems Architect (UNIX and Networks), Network Services,<br>
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom<br>
<br>
For IT help contact helpdesk extn. 2253, <<a href="mailto:ithelp@le.ac.uk" target="_blank">ithelp@le.ac.uk</a>><br>
</div><div><div>-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div></div></div><div class="im">-- <br><div dir="ltr"><font><font color="#888888"><b>Ali Jawad<br></b></font></font><div><div><font><font color="#888888"><b>Information Systems Manager</b></font></font></div>
<div><font><font color="#888888"><b>Splendor Telecom <span style>(</span><span style="background-color:rgb(51,51,255);color:rgb(51,102,255)"><a href="http://www.splendor.net/" target="_blank"><span style="background-color:rgb(255,255,255)"><font color="#3366ff">www.splendor.net</font></span></a></span><span style>)</span><br>
Beirut, Lebanon<br>Phone: +9611373725/ext 116<br>FAX: +9611375554</b></font></font><div><div></div></div></div></div></div><br>
</div></div></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div dir="ltr"><font><font color="#888888"><b>Ali Jawad<br></b></font></font><div><div><font><font color="#888888"><b>Information Systems Manager</b></font></font></div>
<div><font><font color="#888888"><b>Splendor Telecom <span style="background-color:rgb(255,255,255)">(</span><span style="background-color:rgb(51,51,255);color:rgb(51,102,255)"><a href="http://www.splendor.net/" target="_blank"><span style="background-color:rgb(255,255,255)"><font color="#3366ff">www.splendor.net</font></span></a></span><span style="background-color:rgb(255,255,255)">)</span><br>
Beirut, Lebanon<br>Phone: +9611373725/ext 116<br>FAX: +9611375554</b></font></font><div><div></div></div></div></div></div><br>
</div></div>