Problem with MSCHAP and Freeradius authentication

NdK ndk.clanbo at gmail.com
Fri Jan 20 18:17:26 CET 2012


Il 20/01/2012 17:17, Dhiraj Gaur ha scritto:

> Thanks for the reply. I already followed your site and was able to make
> ntlm_auth work. For MS-CHAP the AD page of your site says
> 
> "Start the server and use a test client to send an MS-CHAP
> authentication request. The |radclient| cannot currently be used to send
> this request, unfortunately, which makes testing a little difficult If
> everything goes well, you should see the server returning an
> Access-Accept <http://freeradius.org/rfc/rfc2865.html#Access-Accept>
> message as above."
Been there too.
But after that I tested with eapol_test from wpa_supplicant. With
negative results :(

> Hence I was of the view radtest cannot work for MS-CHAP authentication.
> Request you to point me to the right link and way to do the MS-CHAP
> procedure and testing the same thorugh radtest. I could not understand
> "There's no User-Password in MS-CHAP."
It's not sent to the server, so you can't use --pass= for ntlm_auth.
It's only used to encrypt the challenge.


BYtE,
 Diego.



More information about the Freeradius-Users mailing list