Frreradius PAP and CHAP

Ryan Kramer rkramer at gmail.com
Wed Jun 20 03:04:51 CEST 2007


Instead of using radclient/radtest, this program BY FAR is the best way to
debug a radius box...

http://jradius.org/wiki/index.php/JRadiusSimulator




On 6/19/07, hao chen <chenhao602 at gmail.com> wrote:
>
> Hi,Ivan
>
>        I want to know how to test CHAP with radclient(I have no NAS).
> Could you give me a example of the radclient configure file?
>         Thank you.
> -chenhao
>
>
>
>
>
>
>
>
> 2007/6/20, tnt at kalik.co.yu <tnt at kalik.co.yu>:
> >
> > No, not with radtest. You can use radclient, which has much more
> > ability,
> > but is also more complicated.
> >
> > Use, for instance, XP dialup connection. In connection properties click
> > on Security tab, Advanced radio button and then Settings button. By
> > default all protocols are ticked. Leave only CHAP ticked and exit with
> > OK. Once you are done with testing remember to go back and add protocols
> > back.
> >
> > WARNING: This will work only if the NAS you are connecting through also
> > supports CHAP authentication. If it doesn't, XP client with only CHAP
> > enabled won't be able to connect.
> >
> > Ivan Kalik
> > Kalik Informatika ISP
> >
> >
> > Dana 19/6/2007, "lisa laam" <laam.lisa at gmail.com> piše:
> >
> > >thanks,
> > >
> > >Is there  a way to test CHAP?
> > >
> > >could we test that with "radtest"?
> > >
> > >
> > >
> > >
> > >2007/6/19, tnt at kalik.co.yu < tnt at kalik.co.yu>:
> > >>
> > >> Have a look at dictionary.freeradius.internal. You will find several
> > >> xxx-Password attributes where xxx are supported encryption types.
> > >>
> > >> To test CHAP you don't need to "tell" Freeradius anything. Chap
> > module
> > >> is enabled by default, so it will work if you havent diabled it. What
> > >> you need to do is to get the client to use CHAP - radius server will
> > >> "follow".
> > >>
> > >> Ivan Kalik
> > >> Kalik Informatika ISP
> > >>
> > >>
> > >> Dana 19/6/2007, "lisa laam" <laam.lisa at gmail.com> pi e:
> > >>
> > >> >Hi,
> > >> >
> > >> >I configured Freeradius to use PAP method with users file.
> > >> >The password is stored in clear text is stored in clear text in the
> > user
> > >> >file and it works well.
> > >> >
> > >> >Now I want to use other mode of user storing with PAP method.
> > (exemple
> > >> MD5
> > >> >with the user file locatedt in /freeradius-1.1.6
> > >> /src/tests/digest-auth-MD5)
> > >> >
> > >> >1- How to tell frreeradius that the user password  is stored in
> > clear
> > >> text,
> > >> >or digest, or MD5 hashed, etc ??
> > >> >I tried to copy the content of "digest-auth-MD5" in the "users" file
> > and
> > >> I
> > >> >got this errror :
> > >> >
> > >> >Errors reading /opt/freeradius/etc/raddb/users
> > >> >radiusd.conf[1067]: files: Module instantiation failed.
> > >> >radiusd.conf [1852] Unknown module "files".
> > >> >radiusd.conf[1788] Failed to parse authorize section.
> > >> >
> > >> >
> > >> >I want to test also CHAP method, how to tell radius to use this
> > method in
> > >> >stead of PAP?
> > >> >
> > >> >
> > >> >thanks
> > >> >
> > >> >
> > >>
> > >> -
> > >> List info/subscribe/unsubscribe? See
> > >> http://www.freeradius.org/list/users.html
> > >>
> > >
> > >
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070619/005c7b94/attachment.html>


More information about the Freeradius-Users mailing list