Dan Searle wrote:
Hello? Is there anybody out there?
Are you going to read previous responses on this list? http://lists.freeradius.org/pipermail/freeradius-users/2007-August/065807.ht...
Can someone who knows how CHAP works please explain to me how this could be happening?
See the previous message.
Does a CHAP challenge time-out after a certain amount of time? Does the rlm_chap module hold a copy of old CHAP challenge's and prevent the same one being re-used to stop replay attacks?
No, and no. Try it using radclient. Take the attributes printed out in debugging mode from the Access-Request, and put them into a file. Replace the CHAP-Password hex stuff with the real password (radclient will do the CHAP hashing). Use radclient to send the packet to the server... multiple times a) you see the same thing: bad RAM or memory corruption b) radclient always works: throw away your NAS and buy one that works. Alan DeKok.