freeradius + pptp + mysql
Alan DeKok
aland at nitros9.org
Tue May 2 01:49:48 CEST 2006
Michael Gale <michael.gale at pason.com> wrote:
> My client is a XP Pro laptop using MS-CHAP v2 I believe
Nope. It's not sending MS-CHAP in the request packet.
> I have followed the documents from the following locations:
> http://poptop.sourceforge.net/dox/radius_mysql.html
> http://www.frontios.com/freeradius.html
And heavily edited the standard configurations files, probably.
Please don't. The standard configuration is there for a reason: it
works.
> modcall[authorize]: module "mschap" returns noop for request 0
That works, at least. The server isn't trying to do MS-CHAP.
> modcall: entering group Auth-Type for request 0
> rlm_mschap: No MS-CHAP-Challenge in the request
This only happens if you force MS-CHAP authentication. Don't.
You've probably added entries in SQL to force "Auth-Type = MS-CHAP".
Don't.
And the request is unhelpful:
> rad_recv: Access-Request packet from host 127.0.0.1:32804, id=83, length=65
> Service-Type = Framed-User
> Framed-Protocol = PPP
> User-Name = "testuser"
> Calling-Station-Id = "10.10.0.3"
> NAS-IP-Address = 127.0.0.1
> NAS-Port = 0
There's no password or MS-CHAP attributes in it. The request cannot
be authenticated.
Use the standard FreeRADIUS config files. They work. Make pptp
send MS-CHAP attributes.
Alan DeKok.
More information about the Freeradius-Users
mailing list