Problem with CHAP

tnt at kalik.co.yu tnt at kalik.co.yu
Mon Nov 26 16:30:17 CET 2007 

>users: Matched entry DEFAULT at line 173
>users: Matched entry DEFAULT at line 185  

You have added user entries at the end of users file. You should put user
entries towards the front of the users file. If you need to process some
default entries, user entry should have Fall-Through = Yes at the end.

Ivan Kalik
Kalik Informatika ISP


Dana 26/11/2007, "Javier Fernando" <jcomputacion at hotmail.com> piše:


>This is the last log:
> 
>Thanks.
> 
>Javier.
> 
> 
>radiusd -X  :
> 
>Nothing to do.  Sleeping until we see a request.rad_recv: Access-Request packet from host 10.10.200.252:1645, id=139, length=125        Framed-Protocol = PPP        User-Name = "bob"        CHAP-Password = 0x010ae11cfe98a4aea0f0244e3337c26de4        NAS-Port-Type = Virtual        NAS-Port = 180        Calling-Station-Id = "1141323200"        Called-Station-Id = "8003450410"        Connect-Info = "TLS-DIALUP"        Service-Type = Framed-User        NAS-IP-Address = 10.10.200.252  Processing the authorize section of radiusd.confmodcall: entering group authorize for request 8  modcall[authorize]: module "preprocess" returns ok for request 8  rlm_chap: Setting 'Auth-Type := CHAP'  modcall[authorize]: module "chap" returns ok for request 8  modcall[authorize]: module "mschap" returns noop for request 8    rlm_realm: No '@' in User-Name = "bob", looking up realm NULL    rlm_realm: No such realm "NULL"  modcall[authorize]: module "suffix" returns noop for request 8  rlm_eap: No EAP-Message, not doing EAP  modcall[authorize]: module "eap" returns noop for request 8    users: Matched entry DEFAULT at line 173    users: Matched entry DEFAULT at line 185  modcall[authorize]: module "files" returns ok for request 8rlm_pap: WARNING! No "known good" password found for the user.  Authentication may fail because of this.  modcall[authorize]: module "pap" returns noop for request 8modcall: leaving group authorize (returns ok) for request 8  rad_check_password:  Found Auth-Type CHAPauth: type "CHAP"  Processing the authenticate section of radiusd.confmodcall: entering group CHAP for request 8  rlm_chap: login attempt by "bob" with CHAP password  rlm_chap: Could not find clear text password for user bob  modcall[authenticate]: module "chap" returns invalid for request 8modcall: leaving group CHAP (returns invalid) for request 8auth: Failed to validate the user.Login incorrect (rlm_chap: Clear text password not available): [bob/<CHAP-Password>] (from client rasiplan2 port 180 cli 1141323200)Delaying request 8 for 1 secondsFinished request 8Going to the next request--- Walking the entire request list ---Waking up in 1 seconds...--- Walking the entire request list ---Waking up in 1 seconds...--- Walking the entire request list ---Sending Access-Reject of id 139 to 10.10.200.252 port 1645Waking up in 4 seconds...--- Walking the entire request list ---Cleaning up request 8 ID 139 with timestamp 474acfb9Nothing to do.  Sleeping until we see a request.
> 
>> To: freeradius-users at lists.freeradius.org> Subject: RE: Problem with CHAP> Date: Mon, 26 Nov 2007 15:38:50 +0100> From: tnt at kalik.co.yu> > Can you send the whole debug from the request. I can't see if anything> matched in users file or not.> > Ivan Kalik> Kalik Informatika ISP> > > Dana 26/11/2007, "Javier Fernando" <jcomputacion at hotmail.com> piše:> > >> >I have this users in the users file:> > > > > ># Usuarios de prueba> >chap Auth-Type := Local, Cleartext-Password := "test2007"> >test Auth-Type := Local, Password := "test2007"> >lock Auth-Type := Reject Reply-Message = "Cuenta deshabilitada."> >steve Cleartext-Password := "test"> >javier Cleartext-Password := "test" Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = -----------------, Framed-IP-Netmask = --------------------, Framed-Routing = Broadcast-Listen, Framed-Filter-Id = "std.ppp", Framed-MTU = 1500, Framed-Compression = Van-Jacobsen-TCP-IP> >bob User-Password == "test"> >prueba1 Auth-Type := CHAP, Password := "test"> > > > > >I try with all of this users and again have the error:> > > >modcall: leaving group authorize (returns ok) for request 5 rad_check_password: Found Auth-Type CHAPauth: type "CHAP" Processing the authenticate section of radiusd.confmodcall: entering group CHAP for request 5 rlm_chap: login attempt by "javier" with CHAP password rlm_chap: Could not find clear text password for user javier modcall[authenticate]: module "chap" returns invalid for request 5modcall: leaving group CHAP (returns invalid) for request 5auth: Failed to validate the user.Login incorrect (rlm_chap: Clear text password not available): [javier/<CHAP-Password>] (from client rasiplan2 port 2119 cli 1141323200)Delaying request 5 for 1 seconds> > > >THANKS!!!> > > >Javier.> > > > > > > > > >> To: freeradius-users at lists.freeradius..org> Subject: RE: Problem with CHAP> Date: Mon, 26 Nov 2007 14:05:07 +0100> From: tnt at kalik.co.yu> > >When I connect I use this username and password and the radius don't validate the request.> > > No. You didn't use username usuario3. Look at the request:> > User-Name = "chap"> > Ivan Kalik> Kalik Informatika ISP> > -> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html> >_________________________________________________________________> >Tecnología, moda, motor, viajes,
suscríbete a nuestros boletines para estar a la última> >http://newsletters.msn.com/hm/maintenanceeses.asp?L=ES&C=ES&P=WCMaintenance&Brand=WL&RU=http%3a%2f%2fmail.live.com> >> > -> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>_________________________________________________________________
>Tecnología, moda, motor, viajes,
suscríbete a nuestros boletines para estar a la última
>http://newsletters.msn.com/hm/maintenanceeses.asp?L=ES&C=ES&P=WCMaintenance&Brand=WL&RU=http%3a%2f%2fmail.live.com
>

More information about the Freeradius-Users mailing list