Tried that already. cobb Cleartext-Password := "secret" It just spits out an error that says I didn't use User-Password and fails: Thread 1 handling request 0, (1 handled so far) NAS-Identifier = "localhost" NAS-Port-Type = Ethernet Service-Type = Framed-User Framed-Protocol = PPP Calling-Station-Id = "127.0.0.1" User-Name = "cobb@guests" MS-CHAP2-Response = 0x01013410fa7660ac21dc93c5313bcab77f150000000000000000e601cdc04a6c368aed b66db426dff79111702aa7dbf9d3bb MS-CHAP-Challenge = 0xc171ce27fd0fc0189daf86b649fe8588 Service-Type = 47 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap' modcall[authorize]: module "mschap" returns ok for request 0 modcall: entering group for request 0 rlm_realm: Looking up realm "guests" for User-Name = "cobb@guests" rlm_realm: Found realm "guests" rlm_realm: Adding Stripped-User-Name = "cobb" rlm_realm: Proxying request from user cobb to realm guests rlm_realm: Adding Realm = "guests" rlm_realm: Authentication realm is LOCAL. modcall[authorize]: module "suffix" returns noop for request 0 rlm_realm: Request already proxied. Ignoring. modcall[authorize]: module "ntdomain" returns noop for request 0 modcall: leaving group (returns noop) for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry cobb at line 2 modcall[authorize]: module "files" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type MS-CHAP auth: type "MS-CHAP" Processing the authenticate section of radiusd.conf modcall: entering group MS-CHAP for request 0 rlm_mschap: No User-Password configured. Cannot create LM-Password. rlm_mschap: No User-Password configured. Cannot create NT-Password. rlm_mschap: Told to do MS-CHAPv2 for cobb@guests with NT-Password rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication. rlm_mschap: FAILED: MS-CHAP2-Response is incorrect modcall[authenticate]: module "mschap" returns reject for request 0 modcall: leaving group MS-CHAP (returns reject) for request 0 auth: Failed to validate the user. Login incorrect: [cobb@guests] (from client localhost port 0 cli 127.0.0.1) Found Post-Auth-Type Processing the post-auth section of radiusd.conf modcall: entering group REJECT for request 0 DBUS Method Call to com.lockdownnetworks.RadiusEvents:/ on com.lockdownnetworks.RadiusEvents Early exit of processing return values. Finished with dbus method. modcall[post-auth]: module "dbus" returns reject for request 0 modcall: leaving group REJECT (returns reject) for request 0 Delaying request 0 for 1 seconds Finished request 0 Going to the next request Thread 1 waiting to be assigned a request rad_recv: Access-Request packet from host 127.0.0.1:32776, id=181, length=161 Sending Access-Reject of id 181 to 127.0.0.1 port 32776 --- Walking the entire request list --- Waking up in 3 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 181 with timestamp 467ae04a Nothing to do. Sleeping until we see a request. -----Original Message----- From: freeradius-users-bounces+mattc=lockdownnetworks.com@lists.freeradius.org [mailto:freeradius-users-bounces+mattc=lockdownnetworks.com@lists.freera dius.org] On Behalf Of tnt@kalik.co.yu Sent: Thursday, June 21, 2007 11:30 AM To: FreeRadius users mailing list Subject: Re: MSCHAPv2 with 1.1.4
users file:
cobb User-Password=="secret"
(also tried Cleartext-Password with same results)
Wrong operator (==) for Cleartext-Password. Use := cobb Cleartext-Password := "secret" Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html