accepting any login attempt with CHAP (not MS-CHAP)
Klaas Jan Wierenga
k.j.wierenga at gmail.com
Fri Dec 18 14:33:29 CET 2009
Hi Alan,
Thanks for you reply. It turned out radius was accepting CHAP sessions
already and they where being rejected because another condition wasn't
met (Calling-Station-ID mandatory). But the error message 'rlm_chap:
Clear text password not available' was confusing me.
Again thanks for your response.
Regards,
Klaas Jan Wierenga
Op 18 dec 2009, om 14:11 heeft Alan DeKok het volgende geschreven:
> Klaas Jan Wierenga wrote:
>> I'm trying to accept any login attempt. So far it's working fine with
>> the "Auth-Type := Accept", but now some users use CHAP and I get the
>> following error messages:
>>
>> Thu Dec 17 19:33:16 2009 : Auth: Login incorrect (rlm_chap: Clear
>> text
>> password not available): [******/<CHAP-Password>] (from client ****
>> port
>> *****)
>
> That's likely because you put the "Auth-Type := Accept" in the wrong
> place. What does "radiusd -X" say? And where did you put "Auth-
> Type :=
> Accept"?
>
>> I know from
>> http://lists.freeradius.org/mailman/htdig/freeradius-users/2006-October/msg00031.html
>> that
>> it's not possible to accept any password when using MS-CHAP, but is
>> it
>> possible with CHAP? And if so, how can I configure Radius to accept
>> any
>> CHAP password?
>
> Auth-Type := Acceptwill do it.
>
>> I'm using a rather old version of FreeRADIUS:
>> # /usr/sbin/radiusd -v
>> radiusd: FreeRADIUS Version 1.0.4, for host , built on Jul 20 2005 at
>> 08:12:10
>
> Ugh.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list