Values for MySQL tables for pptpd ?

Ali Jawad ali.jawad at splendor.net
Wed May 23 14:35:55 CEST 2012


NM posted to quickly, secrets were wrong, fiddling around with

Unsupported protocol 'IPv6 Control Protovol' (0x8057) received

after that it should work, will definitively post it up in a howto.

Regards

On Wed, May 23, 2012 at 3:31 PM, Ali Jawad <ali.jawad at splendor.net> wrote:

> Hi again
> I did do some more reading and finally got radius to authenticate mschap,
> I am using the users file to add users for the time being and no SQL. A
> user can authenticate properly
>
> See
>
> Going to the next request
> Waking up in 4.9 seconds.
> Cleaning up request 3 ID 100 with timestamp +136
> Ready to process requests.
> rad_recv: Access-Request packet from host 127.0.0.1 port 57868, id=101,
> length=132
>         Service-Type = Framed-User
>         Framed-Protocol = PPP
>         User-Name = "test"
>         MS-CHAP-Challenge = 0x65c4689b30c27f604fcca7ba1370fdba
>         MS-CHAP2-Response =
> 0x31004bfca25ae57e8617e1e2d3cebde289040000000000000000c4cd490b424b34bfa53ad8b65fb786d994c6f647dbdd001a
>          NAS-IP-Address = 127.0.0.1
>         NAS-Port = 0
> # Executing section authorize from file /etc/raddb/sites-enabled/default
> +- entering group authorize {...}
> ++[preprocess] returns ok
> ++[chap] returns noop
> [mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
> ++[mschap] returns ok
> ++[digest] returns noop
> [suffix] No '@' in User-Name = "test", looking up realm NULL
> [suffix] No such realm "NULL"
> ++[suffix] returns noop
> [eap] No EAP-Message, not doing EAP
> ++[eap] returns noop
> [files] users: Matched entry test at line 76
>  ++[files] returns ok
> ++[expiration] returns noop
> ++[logintime] returns noop
> [pap] WARNING: Auth-Type already set.  Not setting to PAP
> ++[pap] returns noop
> Found Auth-Type = MSCHAP
> # Executing group from file /etc/raddb/sites-enabled/default
> +- entering group MS-CHAP {...}
> [mschap] Creating challenge hash with username: test
> [mschap] Told to do MS-CHAPv2 for test with NT-Password
> [mschap] adding MS-CHAPv2 MPPE keys
> ++[mschap] returns ok
> # Executing section post-auth from file /etc/raddb/sites-enabled/default
> +- entering group post-auth {...}
> ++[exec] returns noop
> Sending Access-Accept of id 101 to 127.0.0.1 port 57868
>         Service-Type = Framed-User
>         Framed-Protocol = PPP
>         Framed-IP-Address = 172.16.3.33
>         Framed-IP-Netmask = 255.255.255.0
>         Framed-Routing = Broadcast-Listen
>         Framed-Filter-Id = "std.ppp"
>         Framed-MTU = 1500
>         Framed-Compression = Van-Jacobson-TCP-IP
>         MS-CHAP2-Success =
> 0x31533d43303035333346323444353031324334354144323433334634334344343931374636363944453733
>         MS-MPPE-Recv-Key = 0x494fa970f9bb475a70b1b37179089b1d
>         MS-MPPE-Send-Key = 0x546cdc52da0bf3818284fe5e6c48332d
>         MS-MPPE-Encryption-Policy = 0x00000002
>         MS-MPPE-Encryption-Types = 0x00000004
> Finished request 4.
>
> but I get the following error on the pptpd side
>
>
> May 23 13:30:01 pptp-test-100-13 pppd[7512]: rc_check_reply: received
> invalid reply digest from RADIUS server
>
> Any input please ?
>
> Regards
>
> On Wed, May 23, 2012 at 3:17 PM, Matthew Newton <mcn4 at leicester.ac.uk>wrote:
>
>> On Wed, May 23, 2012 at 02:02:02PM +0200, Alan DeKok wrote:
>> > Matthew Newton wrote:
>> > > I'm not sure who looks after them now, or if they are maintained.
>> > > I've just found radiusclient-ng, which looks more recent, but have
>> > > no experience of it.
>> > >
>> > > But this is all mildly off-topic for FreeRADIUS...
>> >
>> >   radiusclient-ng is no longer developed.
>> >
>> >   It has become freeradius-client. :)  See http://freeradius.org
>>
>> Ah - thanks. I had it on my list to hack at the radiusclient code
>> to try and update it. 30 minutes ago, that list entry changed to
>> radiusclient-ng.
>>
>> Looks like I'll be looking at the freeradius-client code instead
>> now... if I ever get time!
>>
>> Cheers,
>>
>> Matthew
>>
>>
>> --
>> Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
>>
>> Systems Architect (UNIX and Networks), Network Services,
>> I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
>>
>> For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
>
>
> --
> *Ali Jawad
> *
> *Information Systems Manager*
> *Splendor Telecom (www.splendor.net)
> Beirut, Lebanon
> Phone: +9611373725/ext 116
> FAX: +9611375554*
>
>


-- 
*Ali Jawad
*
*Information Systems Manager*
*Splendor Telecom (www.splendor.net)
Beirut, Lebanon
Phone: +9611373725/ext 116
FAX: +9611375554*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120523/657245be/attachment-0001.html>


More information about the Freeradius-Users mailing list