ms-chap authentication with client tool?

Patrick Bartkus patrckb at gmail.com
Tue Jan 31 16:47:07 CET 2006


You could try using the windows program NTRadPing from
http://www.dialways.com/download/.
It has a "CHAP" checkbox.

HTH,
Patrick

On 1/31/06, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
>
> DilipSimha.N.M wrote:
> > hi,
> >
> > is there any simple tool(other than jradius) which can be used as radius
> > client and which can be used to test
> > mschap authentication??
> > if so, please give the packet contents for radius client and the users
> > file check-items.
>
>   1. run FreeRadius in debugging mode
>
>   2. perform a successful MS-CHAP authentication with a "real" client
>
>   3. copy the following info from the FreeRadius debugging output:
> User-Name = "user"
> MS-CHAP-Challenge = 0xBYTES
> MS-CHAP2-Response = 0xBYTES
>
>   4. with that info, create a file containing a radius request:
> Service-Type = Framed-User
> Framed-Protocol = PPP
> User-Name = "user"
> MS-CHAP-Challenge = 0xBYTES
> MS-CHAP2-Response = 0xBYTES
> Calling-Station-Id = "something"
> NAS-IP-Address = 192.168.1.2
> NAS-Port = 1
>
>   5. run the command "radclient -s -f $FILE $HOST auth $SECRET"
>
> The radius server will authenticate that request every time. Since the
> challenge from a real NAS is essentially random there is only a low (but
> not zero) risk in having the info in a file.
>
> You may need to edit your users file to disable things such as IP
> address pool assignment or such, but it will basically work fine. Such
> editing is dependent on your local configuration.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060131/92cb97eb/attachment.html>


More information about the Freeradius-Users mailing list