Sachin Yadav wrote:
I am getting intermittent access-reject response from free-radius even though password was correct. User have to try again and this time user is allowed. Following are the debug logs for one such transaction -
If FreeRADIUS says that the password is wrong... it's likely wrong.
# Executing group from file /etc/raddb/sites-enabled/default +- entering group CHAP {...} [chap] login attempt by "aqua" with CHAP password [chap] Using clear text password "mango" for user aqua authentication. [chap] Password check failed
That's pretty definitive.
Can someone please help me understand what's going wrong? I am using coovachilli as a capative portal solution which automatically send these packets to radius server for AAA.
I would expect coovachilli to get it right, but maybe not. If you're running v3, you can do "radiusd -Xx" to see exactly what is seen for CHAP, and what is calculated. That can help debug the issue. Alan DeKok.