accepting any login attempt with CHAP (not MS-CHAP)

Klaas Jan Wierenga k.j.wierenga at gmail.com
Fri Dec 18 14:33:29 CET 2009


Hi Alan,

Thanks for you reply. It turned out radius was accepting CHAP sessions  
already and they where being rejected because another condition wasn't  
met (Calling-Station-ID mandatory). But the error message 'rlm_chap:  
Clear text password not available' was confusing me.

Again thanks for your response.

Regards,

Klaas Jan Wierenga

Op 18 dec 2009, om 14:11 heeft Alan DeKok het volgende geschreven:

> Klaas Jan Wierenga wrote:
>> I'm trying to accept any login attempt. So far it's working fine with
>> the "Auth-Type := Accept", but now some users use CHAP and I get the
>> following error messages:
>>
>> Thu Dec 17 19:33:16 2009 : Auth: Login incorrect (rlm_chap: Clear  
>> text
>> password not available): [******/<CHAP-Password>] (from client ****  
>> port
>> *****)
>
>  That's likely because you put the "Auth-Type := Accept" in the wrong
> place.  What does "radiusd -X" say?  And where did you put "Auth- 
> Type :=
> Accept"?
>
>> I know from
>> http://lists.freeradius.org/mailman/htdig/freeradius-users/2006-October/msg00031.html 
>>  that
>> it's not possible to accept any password when using MS-CHAP, but is  
>> it
>> possible with CHAP? And if so, how can I configure Radius to accept  
>> any
>> CHAP password?
>
>  Auth-Type := Acceptwill do it.
>
>> I'm using a rather old version of FreeRADIUS:
>> # /usr/sbin/radiusd -v
>> radiusd: FreeRADIUS Version 1.0.4, for host , built on Jul 20 2005 at
>> 08:12:10
>
>  Ugh.
>
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list