peap in users file?

Thu May 24 21:03:50 CEST 2007

Hi

I'm trying to do PEAP authentication against a user listed in my users file
instead of an AD or LDAP. I'm just doing this initially for some proof of
concept stuff.

I'm wondering how I need to set up the user in the users file? Currently my
entry looks like:

"testuser"      User-Password == "abc.123", Tunnel-Private-Group-Id=staff

But when I run in debug mode I'm getting the following, which indicates to
me perhaps I'm not setting the password correctly:

modcall: entering group MS-CHAP for request 7
Thu May 24 15:56:47 2007 : Debug:   modsingle[authenticate]: calling mschap
(rlm_mschap) for request 7
Thu May 24 15:56:47 2007 : Debug:   rlm_mschap: No User-Password configured.
Cannot create LM-Password.
Thu May 24 15:56:47 2007 : Debug:   rlm_mschap: No User-Password configured.
Cannot create NT-Password.
Thu May 24 15:56:47 2007 : Debug:   rlm_mschap: Told to do MS-CHAPv2 for
testuser with NT-Password
Thu May 24 15:56:47 2007 : Debug:   rlm_mschap: FAILED: No NT/LM-Password.
Cannot perform authentication.
Thu May 24 15:56:47 2007 : Debug:   rlm_mschap: FAILED: MS-CHAP2-Response is
incorrect
Thu May 24 15:56:47 2007 : Debug:   modsingle[authenticate]: returned from
mschap (rlm_mschap) for request 7
Thu May 24 15:56:47 2007 : Debug:   modcall[authenticate]: module "mschap"
returns reject for request 7
Thu May 24 15:56:47 2007 : Debug: modcall: leaving group MS-CHAP (returns
reject) for request 7
Thu May 24 15:56:47 2007 : Debug:   rlm_eap: Freeing handler
Thu May 24 15:56:47 2007 : Debug:   modsingle[authenticate]: returned from
eap (rlm_eap) for request 7
Thu May 24 15:56:47 2007 : Debug:   modcall[authenticate]: module "eap"
returns reject for request 7
Thu May 24 15:56:47 2007 : Debug: modcall: leaving group authenticate
(returns reject) for request 7
Thu May 24 15:56:47 2007 : Debug: auth: Failed to validate the user.

Any advice is appreciated.
Matt
mda at unb.ca 