help on pppd chap authorize by freeradius
Alexandru Matei
alex at qb.ro
Thu Nov 16 08:18:45 CET 2006
Yes,
The problem was only the dictionary. In the default dictionary there was
no "atribute 60"
The problem is solved
Thank you
Alex
debik wrote:
> The problem is in atribute 60. Compare yor dictionarys.
>
> ----- Original Message ----- From: "Alexandru Matei" <alex at qb.ro>
> To: "FreeRadius users mailing list"
> <freeradius-users at lists.freeradius.org>
> Sent: Wednesday, November 15, 2006 4:57 PM
> Subject: help on pppd chap authorize by freeradius
>
>
>> Hi,
>> I encounter an chap authorization problem using pppoe3.8, ppp 2.4.4b1
>> and Freeradius 1.1.3.
>> The relevant logs are:
>>
>> PPP dump:
>>
>> Nov 15 17:43:29 localhost pppd[7486]: rcvd [LCP ConfReq id=0x2 <magic
>> 0x1b31752> <pcomp> <accomp> <callback CBCP>] 00 00 00 00 00 00 00 00
>> 00 00 00 00 00 00 00 00 00 00 00 00 00
>> Nov 15 17:43:29 localhost pppd[7486]: sent [LCP ConfRej id=0x2
>> <pcomp> <accomp> <callback CBCP>]
>> Nov 15 17:43:29 localhost pppd[7486]: rcvd [LCP ConfReq id=0x3 <magic
>> 0x1b31752>] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>> 00 00 00 00 00 00 00 00 00
>> Nov 15 17:43:29 localhost pppd[7486]: sent [LCP ConfAck id=0x3 <magic
>> 0x1b31752>]
>> Nov 15 17:43:29 localhost pppd[7486]: sent [LCP EchoReq id=0x0
>> magic=0xbe000118]
>> Nov 15 17:43:29 localhost pppd[7486]: sent [CHAP Challenge id=0x2
>> <dd114655881b93c9111ba4122068632faa63f98d>, name = "localhost"]
>> Nov 15 17:43:29 localhost pppd[7486]: rcvd [CHAP Response id=0x2
>> <3e7ffb922fcba977f3dc8c2418d7dec2>, name = "test1"] 00 00 00 00 00 00
>> 00 00 00 00 00 00
>> Nov 15 17:43:29 localhost pppd[7486]: rc_avpair_new: unknown
>> attribute 60
>> Nov 15 17:43:31 localhost pppd[7486]: Peer test1 failed CHAP
>> authentication
>> Nov 15 17:43:31 localhost pppd[7486]: sent [CHAP Failure id=0x2 ""]
>> Nov 15 17:43:31 localhost pppd[7486]: sent [LCP TermReq id=0x2
>> "Authentication failed"]
>> Nov 15 17:43:31 anton pppd[7486]: rcvd [LCP TermAck id=0x2] 00 00 00
>> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>> 00 00 00 00 00 00 ...
>> Nov 15 17:43:31 anton pppd[7486]: Connection terminated.
>> Nov 15 17:43:31 anton pppoe-server[7171]: Sent PADT
>>
>> Freeradius log
>>
>> rad_recv: Access-Request packet from host 127.0.0.1:32769, id=64,
>> length=89
>> Service-Type = Framed-User
>> Framed-Protocol = PPP
>> User-Name = "test1"
>> CHAP-Password = 0x023e7ffb922fcba977f3dc8c2418d7dec2
>> Calling-Station-Id = "00:20:18:8E:6C:0E"
>> NAS-IP-Address = 127.0.0.1
>> NAS-Port = 0
>> Processing the authorize section of radiusd.conf
>> .....
>> modcall[authorize]: module "sql" returns ok for request 1
>> modcall: leaving group authorize (returns ok) for request 1
>> rad_check_password: Found Auth-Type CHAP
>> auth: type "CHAP"
>> Processing the authenticate section of radiusd.conf
>> modcall: entering group CHAP for request 1
>> rlm_chap: login attempt by "test1" with CHAP password
>> rlm_chap: Using clear text password password for user test1
>> authentication.
>> rlm_chap: Pasword check failed
>> modcall[authenticate]: module "chap" returns reject for request 1
>> modcall: leaving group CHAP (returns reject) for request 1
>> auth: Failed to validate the user.
>>
>> Altough I can obtain authorization using:
>>
>> [root at localhost]# echo "User-Name = test1, CHAP-Password=password" |
>> radclient localhost auth password
>> Received response ID 100, code 2, length = 62
>> Framed-Compression = None
>> Service-Type = Framed-User
>> Framed-IP-Address = 193.226.57.105
>> Framed-IP-Netmask = 255.255.255.0
>> Framed-MTU = 1492
>> Framed-Protocol = PPP
>> Port-Limit = 1
>>
>> Do anyone encounter the same problem?
>>
>> I can add that chap fails with all ppp versions (>=2.4.2)
>> Thank you,
>>
>> Alex
>>
>>
>>
>>
>> - List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>
>
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list