mschapv2 problem
Cristian Novac
cristian.novac at alcatel-lucent.ro
Mon Jan 7 09:14:36 CET 2008
Thank you Alan for all the explanations; the problem was solved and the
next thing I'll do will be to upgrade to FreeRadius 1.1.7
Cristian NOVAC
Alan DeKok wrote:
> Cristian Novac wrote:
>
>> The authentication is still not working
>> I attached the log I got when running in debug mode;
>>
>
> It's long and informative. As was pointed out, it includes a lot of
> issues that you should fix.
>
> In short, you configured "Auth-Type" somewhere, and broke the server.
> The debug log shows this clearly:
>
> modcall: entering group authorize for request 10
> modcall[authorize]: module "preprocess" returns ok for request 10
> modcall[authorize]: module "chap" returns noop for request 10
> rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = MS-CHAP'
>
> - So mschap should be used for authentication
>
> modcall[authorize]: module "mschap" returns ok for request 10
> rlm_realm: No '@' in User-Name = "BE2048", looking up realm NULL
> rlm_realm: No such realm "NULL"
> modcall[authorize]: module "suffix" returns noop for request 10
> rlm_eap: No EAP-Message, not doing EAP
> modcall[authorize]: module "eap" returns noop for request 10
> users: Matched entry BE2048 at line 108
>
> - Which is:
>
> BE2048 Auth-Type := Local, User-Password == "mypass at wd"
>
> See? All of the documentation and Wiki pages say don't set Auth-Type.
> Why? Because ALMOST EVERYONE GETS IT WRONG.
>
> DELETE EVERY REFERENCE TO "Auth-Type := Local"
>
> You configured the server to prevent MS-CHAP authentication. The
> debug log shows this. It's not hard to find: look for the first
> instance of the word "reject" while it's processing a request. Then,
> read the lines above that.
>
> Also, upgrade to 1.1.7. There are many fixes, and more documentation
> saying what to do, and what not to do.
>
> Alan DeKok.
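Added example (not part of the original thread and not FreeRADIUS project code): a small Python check for the misconfiguration diagnosed above, where a "users" entry forces Auth-Type with ":=" after a module such as rlm_mschap has already selected one. The sample users file, the debug output, and the names forced_auth_types and overridden_requests are constructed for illustration; the log line formats follow the excerpt quoted in the reply.

```python
import re

# Constructed sample "users" file (not from the thread).
USERS = '''\
# constructed sample users file
alice  Auth-Type := Local, User-Password == "example-pass"
bob    User-Password == "example-pass"
'''

# Constructed debug output in the format quoted in the thread.
DEBUG_LOG = '''\
modcall: entering group authorize for request 10
rlm_mschap: Found MS-CHAP attributes.  Setting 'Auth-Type = MS-CHAP'
modcall[authorize]: module "mschap" returns ok for request 10
users: Matched entry alice at line 2
modcall: entering group authorize for request 11
rlm_mschap: Found MS-CHAP attributes.  Setting 'Auth-Type = MS-CHAP'
users: Matched entry bob at line 3
'''

# ":=" replaces whatever Auth-Type a module set earlier in the authorize section.
FORCED = re.compile(r'(?<![\w-])Auth-Type\s*:=\s*([\w-]+)')
MODULE_SET = re.compile(r"^rlm_\w+: .*Setting 'Auth-Type = ([\w-]+)'")
MATCHED = re.compile(r'^users: Matched entry (\S+) at line (\d+)')

def forced_auth_types(users_text):
    """Map line number -> Auth-Type value forced on that line of a users file."""
    found = {}
    for n, line in enumerate(users_text.splitlines(), 1):
        if line.lstrip().startswith('#'):
            continue  # skip comment lines
        m = FORCED.search(line)
        if m:
            found[n] = m.group(1)
    return found

def overridden_requests(debug_log, users_text):
    """Return (user, users_line, module_choice, forced_value) for each matched
    users entry that replaces the Auth-Type a module had already selected."""
    forced = forced_auth_types(users_text)
    chosen, hits = None, []
    for line in debug_log.splitlines():
        if line.startswith('modcall: entering group authorize'):
            chosen = None  # new request: forget the previous module choice
        elif (m := MODULE_SET.match(line)):
            chosen = m.group(1)
        elif (m := MATCHED.match(line)):
            value = forced.get(int(m.group(2)))
            if chosen and value and value != chosen:
                hits.append((m.group(1), int(m.group(2)), chosen, value))
    return hits

if __name__ == '__main__':
    for user, line_no, chosen, value in overridden_requests(DEBUG_LOG, USERS):
        print(f'users line {line_no} ({user}): Auth-Type := {value} overrides {chosen}')
```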