MSCHAPv2 with 1.1.4
Matt Cobb
mattc at lockdownnetworks.com
Thu Jun 21 22:40:44 CEST 2007
Tried that already.
cobb Cleartext-Password := "secret"
It just spits out an error that says I didn't use User-Password and
fails:
Thread 1 handling request 0, (1 handled so far)
NAS-Identifier = "localhost"
NAS-Port-Type = Ethernet
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "127.0.0.1"
User-Name = "cobb at guests"
MS-CHAP2-Response =
0x01013410fa7660ac21dc93c5313bcab77f150000000000000000e601cdc04a6c368aed
b66db426dff79111702aa7dbf9d3bb
MS-CHAP-Challenge = 0xc171ce27fd0fc0189daf86b649fe8588
Service-Type = 47
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
modcall[authorize]: module "mschap" returns ok for request 0
modcall: entering group for request 0
rlm_realm: Looking up realm "guests" for User-Name = "cobb at guests"
rlm_realm: Found realm "guests"
rlm_realm: Adding Stripped-User-Name = "cobb"
rlm_realm: Proxying request from user cobb to realm guests
rlm_realm: Adding Realm = "guests"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 0
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "ntdomain" returns noop for request 0
modcall: leaving group (returns noop) for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched entry cobb at line 2
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
rad_check_password: Found Auth-Type MS-CHAP
auth: type "MS-CHAP"
Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 0
rlm_mschap: No User-Password configured. Cannot create LM-Password.
rlm_mschap: No User-Password configured. Cannot create NT-Password.
rlm_mschap: Told to do MS-CHAPv2 for cobb at guests with NT-Password
rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication.
rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
modcall[authenticate]: module "mschap" returns reject for request 0
modcall: leaving group MS-CHAP (returns reject) for request 0
auth: Failed to validate the user.
Login incorrect: [cobb at guests] (from client localhost port 0 cli
127.0.0.1)
Found Post-Auth-Type
Processing the post-auth section of radiusd.conf
modcall: entering group REJECT for request 0
DBUS Method Call to com.lockdownnetworks.RadiusEvents:/ on
com.lockdownnetworks.RadiusEvents
Early exit of processing return values.
Finished with dbus method.
modcall[post-auth]: module "dbus" returns reject for request 0
modcall: leaving group REJECT (returns reject) for request 0
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
Thread 1 waiting to be assigned a request
rad_recv: Access-Request packet from host 127.0.0.1:32776, id=181,
length=161
Sending Access-Reject of id 181 to 127.0.0.1 port 32776
--- Walking the entire request list ---
Waking up in 3 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 181 with timestamp 467ae04a
Nothing to do. Sleeping until we see a request.
-----Original Message-----
From:
freeradius-users-bounces+mattc=lockdownnetworks.com at lists.freeradius.org
[mailto:freeradius-users-bounces+mattc=lockdownnetworks.com at lists.freera
dius.org] On Behalf Of tnt at kalik.co.yu
Sent: Thursday, June 21, 2007 11:30 AM
To: FreeRadius users mailing list
Subject: Re: MSCHAPv2 with 1.1.4
>
>users file:
>
>cobb User-Password=="secret"
>
> (also tried Cleartext-Password with same results)
>
Wrong operator (==) for Cleartext-Password. Use :=
cobb Cleartext-Password := "secret"
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list