Values for MySQL tables for pptpd ?

Ali Jawad ali.jawad at splendor.net
Wed May 23 14:31:41 CEST 2012 

Hi again
I did do some more reading and finally got radius to authenticate mschap, I
am using the users file to add users for the time being and no SQL. A user
can authenticate properly

See

Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 3 ID 100 with timestamp +136
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 57868, id=101,
length=132
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "test"
        MS-CHAP-Challenge = 0x65c4689b30c27f604fcca7ba1370fdba
        MS-CHAP2-Response =
0x31004bfca25ae57e8617e1e2d3cebde289040000000000000000c4cd490b424b34bfa53ad8b65fb786d994c6f647dbdd001a
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++[mschap] returns ok
++[digest] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry test at line 76
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING: Auth-Type already set.  Not setting to PAP
++[pap] returns noop
Found Auth-Type = MSCHAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group MS-CHAP {...}
[mschap] Creating challenge hash with username: test
[mschap] Told to do MS-CHAPv2 for test with NT-Password
[mschap] adding MS-CHAPv2 MPPE keys
++[mschap] returns ok
# Executing section post-auth from file /etc/raddb/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 101 to 127.0.0.1 port 57868
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-IP-Address = 172.16.3.33
        Framed-IP-Netmask = 255.255.255.0
        Framed-Routing = Broadcast-Listen
        Framed-Filter-Id = "std.ppp"
        Framed-MTU = 1500
        Framed-Compression = Van-Jacobson-TCP-IP
        MS-CHAP2-Success =
0x31533d43303035333346323444353031324334354144323433334634334344343931374636363944453733
        MS-MPPE-Recv-Key = 0x494fa970f9bb475a70b1b37179089b1d
        MS-MPPE-Send-Key = 0x546cdc52da0bf3818284fe5e6c48332d
        MS-MPPE-Encryption-Policy = 0x00000002
        MS-MPPE-Encryption-Types = 0x00000004
Finished request 4.

but I get the following error on the pptpd side


May 23 13:30:01 pptp-test-100-13 pppd[7512]: rc_check_reply: received
invalid reply digest from RADIUS server

Any input please ?

Regards
On Wed, May 23, 2012 at 3:17 PM, Matthew Newton <mcn4 at leicester.ac.uk>wrote:

> On Wed, May 23, 2012 at 02:02:02PM +0200, Alan DeKok wrote:
> > Matthew Newton wrote:
> > > I'm not sure who looks after them now, or if they are maintained.
> > > I've just found radiusclient-ng, which looks more recent, but have
> > > no experience of it.
> > >
> > > But this is all mildly off-topic for FreeRADIUS...
> >
> >   radiusclient-ng is no longer developed.
> >
> >   It has become freeradius-client. :)  See http://freeradius.org
>
> Ah - thanks. I had it on my list to hack at the radiusclient code
> to try and update it. 30 minutes ago, that list entry changed to
> radiusclient-ng.
>
> Looks like I'll be looking at the freeradius-client code instead
> now... if I ever get time!
>
> Cheers,
>
> Matthew
>
>
> --
> Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
>
> Systems Architect (UNIX and Networks), Network Services,
> I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
>
> For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>



-- 
*Ali Jawad
*
*Information Systems Manager*
*Splendor Telecom (www.splendor.net)
Beirut, Lebanon
Phone: +9611373725/ext 116
FAX: +9611375554*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120523/86537571/attachment.html>

More information about the Freeradius-Users mailing list