AW: trigger an Access Challenge

Ronny Voigt Voigt at
Tue Feb 24 18:14:45 CET 2009

Thanks for reply. But the client that I use, only supports PAP and CHAP requests and neither of them initiates the server to send an Access Challenge. 
That is why I tried to create the challenge with the help of the perl module. Then I realized that unfortunatly doesn't include this module. After spending serveral hours in setting up a linux environment I'm in despair of this perl script. Perhaps somebody can tell me why it doesn't work!?

sub authenticate {
    # For debugging purposes only

    if ($RAD_REQUEST{'User-Name'} =~ /^baduser/i) {
        # Reject user and tell him why
        $RAD_REPLY{'Reply-Message'} = "Denied access by rlm_perl function";
        return RLM_MODULE_REJECT;
    } else {
        # send the challenge
        $RAD_REPLY{'State'} = "challenge";
        $RAD_REPLY{'Reply-Message'} = "challenge: ";
        $RAD_CHECK{'Response-Packet-Type'} = "Access-Challenge";
        return RLM_MODULE_HANDLED;

If I'm not completely wrong, it's the same that worked for this guy:

But the server doesn't send the reply to the client (Timeout at clientside)

-----Ursprüngliche Nachricht-----
Von: at [ at] Im Auftrag von tnt at
Gesendet: Dienstag, 24. Februar 2009 00:07
An: FreeRadius users mailing list
Betreff: Re: trigger an Access Challenge

>I want to test a radius client with the freeradius server. Access
>Requests and Replies works fine, but although I searched this mailing
>list and several websites I still have no idea how to trigger an Access
>Challenge. It would be very nice, if somebody could tell me how I have
>to configure freeradius, so that it sends an access challenge to my

Send a request for an authentication protocol that requires multiple
server-client exchanges (like EAP). If server needs more information
from the client it will respond with the challenge.

Ivan Kalik
Kalik Informatika ISP

List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list