peap in users file?

tnt at kalik.co.yu tnt at kalik.co.yu
Thu May 24 21:28:36 CEST 2007


Should Tunnel-Private-Group-Id be a check item? New versions of the
server should use Cleartext-Password:= .

Ivan Kalik
Kalik Informatika ISP


Dana 24/5/2007, "Matt Ashfield" <mda at unb.ca> piše:

>Hi
>
>I'm trying to do PEAP authentication against a user listed in my users file
>instead of an AD or LDAP. I'm just doing this initially for some proof of
>concept stuff.
>
>I'm wondering how I need to set up the user in the users file? Currently my
>entry looks like:
>
>"testuser"      User-Password == "abc.123", Tunnel-Private-Group-Id=staff
>
>But when I run in debug mode I'm getting the following, which indicates to
>me perhaps I'm not setting the password correctly:
>
>
>modcall: entering group MS-CHAP for request 7
>Thu May 24 15:56:47 2007 : Debug:   modsingle[authenticate]: calling mschap
>(rlm_mschap) for request 7
>Thu May 24 15:56:47 2007 : Debug:   rlm_mschap: No User-Password configured.
>Cannot create LM-Password.
>Thu May 24 15:56:47 2007 : Debug:   rlm_mschap: No User-Password configured.
>Cannot create NT-Password.
>Thu May 24 15:56:47 2007 : Debug:   rlm_mschap: Told to do MS-CHAPv2 for
>testuser with NT-Password
>Thu May 24 15:56:47 2007 : Debug:   rlm_mschap: FAILED: No NT/LM-Password.
>Cannot perform authentication.
>Thu May 24 15:56:47 2007 : Debug:   rlm_mschap: FAILED: MS-CHAP2-Response is
>incorrect
>Thu May 24 15:56:47 2007 : Debug:   modsingle[authenticate]: returned from
>mschap (rlm_mschap) for request 7
>Thu May 24 15:56:47 2007 : Debug:   modcall[authenticate]: module "mschap"
>returns reject for request 7
>Thu May 24 15:56:47 2007 : Debug: modcall: leaving group MS-CHAP (returns
>reject) for request 7
>Thu May 24 15:56:47 2007 : Debug:   rlm_eap: Freeing handler
>Thu May 24 15:56:47 2007 : Debug:   modsingle[authenticate]: returned from
>eap (rlm_eap) for request 7
>Thu May 24 15:56:47 2007 : Debug:   modcall[authenticate]: module "eap"
>returns reject for request 7
>Thu May 24 15:56:47 2007 : Debug: modcall: leaving group authenticate
>(returns reject) for request 7
>Thu May 24 15:56:47 2007 : Debug: auth: Failed to validate the user.
>
>Any advice is appreciated.
>Matt
>mda at unb.ca
>
>
>
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>




More information about the Freeradius-Users mailing list