Alan, 

Thanks for quick response.

On Tue, Feb 2, 2010 at 12:29 PM, Alan DeKok <aland@deployingradius.com> wrote:
Fabio Rampazzo Mathias wrote:
> I'm relative new to freeradius, and i'm trying to configure a PPTP VPN
> on pfSense, authenticating in a FreeRADIUS with LDAP module. But, I'm
> getting the following error :
>
> Found Auth-Type = LDAP
> WARNING: Please update your configuration, and remove 'Auth-Type = Local'
> WARNING: Use the PAP or CHAP modules instead.
> No User-Password or CHAP-Password attribute in the request.
> Cannot perform authentication.
> Failed to authenticate the user.
>
> The authorize process works fine, but the authentication not. I can't
> find "Auth-Type = Local" as it says. This is my access request :

 Did you look in the configuration files for "Auth-Type = Local"?  Or
in your database?


yes and couldn't find anything saying "Auth-Type = Local"...but I think this isn't the most important problem. I've used "grep" to search.
 
 And you posted only PART of the debug output.  Wy?


I've sent just a part of debug because I've thought this is the part which really matters. 
Is there any other you need ?
 
> I've tried many of google searches troubleshooting MS-CHAP problems and
> most of them is saying me to get a Cleartext-Password entry on my
> database. But I can't consider this an option, because the security of
> my accounts in LDAP would be extremely compromised.

 Too bad.  You don't really have a choice.

http://deployingradius.com/documents/protocols/compatibility.html


Ok. This means that PPTP needs MS-CHAP auth, and MS-CHAP needs Clear Password or NT Hash. How do I enable my FreeRADIUS to authenticate in LDAP using NT Hash ? Is there a way to do this ?
 
 Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Att,
Fabio Rampazzo Mathias