FreeRadius IRC...
Thibault Le Meur
Thibault.LeMeur at supelec.fr
Sat Jan 13 20:51:30 CET 2007
> The issue is, I've done everything, a semi-competent Linux user with
> Critical thinking skills should do, I've been methodical. asnd
> disciplined and persistent. Yet still, I cannot succeed at this. This
> will make my University Career look bad. I just think I could use
> another pair of eyes, maybe I missed something.
>
> I feel like Edward Elric searching for the Philosopher's stone.
I posted an idea and you decided not to reply to my questions !
I suspect that your VPN server doesn't know Microsoft Radius
attributes and refuses to send them to the radius server. I've tested
a bad setup (lack of Microsoft radius dictionary), and I get the same
radiusd -X debug log: no MS-CHAP Challenge in the request...
I asked "have you checked possible error messages in /var/log/messages
" on the vpn server ?
To be more specific, look for the following lines in you log file:
" rc_avpair_new: unknown attribute"
If you see such lines it might be that your radiusclient library (used
by the PPPd plugin on your VPN server) doesn't understand the
Microsoft attributes (for instance the MS-CHAP Challenge). Thus, the
PPPd radius plugin doesn't send these attributes that are required for
Freeradius to do MS-CHAP authentication.
Could you really check that your dictionnary file on the VPN server
side contains a line like:
INCLUDE /usr/share/radiusclient-ng/dictionary.microsoft
and check the content of this file...
HTH,
Thibault
More information about the Freeradius-Users
mailing list