help on pppd chap authorize by freeradius
debik
debik at vp.pl
Wed Nov 15 23:44:25 CET 2006
The problem is in atribute 60. Compare yor dictionarys.
----- Original Message -----
From: "Alexandru Matei" <alex at qb.ro>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Wednesday, November 15, 2006 4:57 PM
Subject: help on pppd chap authorize by freeradius
> Hi,
> I encounter an chap authorization problem using pppoe3.8, ppp 2.4.4b1 and
> Freeradius 1.1.3.
> The relevant logs are:
>
> PPP dump:
>
> Nov 15 17:43:29 localhost pppd[7486]: rcvd [LCP ConfReq id=0x2 <magic
> 0x1b31752> <pcomp> <accomp> <callback CBCP>] 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00
> Nov 15 17:43:29 localhost pppd[7486]: sent [LCP ConfRej id=0x2 <pcomp>
> <accomp> <callback CBCP>]
> Nov 15 17:43:29 localhost pppd[7486]: rcvd [LCP ConfReq id=0x3 <magic
> 0x1b31752>] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00
> Nov 15 17:43:29 localhost pppd[7486]: sent [LCP ConfAck id=0x3 <magic
> 0x1b31752>]
> Nov 15 17:43:29 localhost pppd[7486]: sent [LCP EchoReq id=0x0
> magic=0xbe000118]
> Nov 15 17:43:29 localhost pppd[7486]: sent [CHAP Challenge id=0x2
> <dd114655881b93c9111ba4122068632faa63f98d>, name = "localhost"]
> Nov 15 17:43:29 localhost pppd[7486]: rcvd [CHAP Response id=0x2
> <3e7ffb922fcba977f3dc8c2418d7dec2>, name = "test1"] 00 00 00 00 00 00 00
> 00 00 00 00 00
> Nov 15 17:43:29 localhost pppd[7486]: rc_avpair_new: unknown attribute 60
> Nov 15 17:43:31 localhost pppd[7486]: Peer test1 failed CHAP
> authentication
> Nov 15 17:43:31 localhost pppd[7486]: sent [CHAP Failure id=0x2 ""]
> Nov 15 17:43:31 localhost pppd[7486]: sent [LCP TermReq id=0x2
> "Authentication failed"]
> Nov 15 17:43:31 anton pppd[7486]: rcvd [LCP TermAck id=0x2] 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 ...
> Nov 15 17:43:31 anton pppd[7486]: Connection terminated.
> Nov 15 17:43:31 anton pppoe-server[7171]: Sent PADT
>
> Freeradius log
>
> rad_recv: Access-Request packet from host 127.0.0.1:32769, id=64,
> length=89
> Service-Type = Framed-User
> Framed-Protocol = PPP
> User-Name = "test1"
> CHAP-Password = 0x023e7ffb922fcba977f3dc8c2418d7dec2
> Calling-Station-Id = "00:20:18:8E:6C:0E"
> NAS-IP-Address = 127.0.0.1
> NAS-Port = 0
> Processing the authorize section of radiusd.conf
> .....
> modcall[authorize]: module "sql" returns ok for request 1
> modcall: leaving group authorize (returns ok) for request 1
> rad_check_password: Found Auth-Type CHAP
> auth: type "CHAP"
> Processing the authenticate section of radiusd.conf
> modcall: entering group CHAP for request 1
> rlm_chap: login attempt by "test1" with CHAP password
> rlm_chap: Using clear text password password for user test1
> authentication.
> rlm_chap: Pasword check failed
> modcall[authenticate]: module "chap" returns reject for request 1
> modcall: leaving group CHAP (returns reject) for request 1
> auth: Failed to validate the user.
>
> Altough I can obtain authorization using:
>
> [root at localhost]# echo "User-Name = test1, CHAP-Password=password" |
> radclient localhost auth password
> Received response ID 100, code 2, length = 62
> Framed-Compression = None
> Service-Type = Framed-User
> Framed-IP-Address = 193.226.57.105
> Framed-IP-Netmask = 255.255.255.0
> Framed-MTU = 1492
> Framed-Protocol = PPP
> Port-Limit = 1
>
> Do anyone encounter the same problem?
>
> I can add that chap fails with all ppp versions (>=2.4.2)
> Thank you,
>
> Alex
>
>
>
>
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list