Allow access to wrong password
Bjørn Mork
bjorn at mork.no
Thu Apr 14 15:51:14 CEST 2016
Aurélio de Souza Ribeiro Neto <netolistas at mpc.com.br> writes:
> Em 13/04/2016 19:41, Alan DeKok escreveu:
>> On Apr 13, 2016, at 5:16 PM, Aurélio de Souza Ribeiro Neto <netolistas at mpc.com.br> wrote:
>>> rad_recv: Access-Request packet from host 172.20.200.2 port 47606, id=251, length=207
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 15728752
>>> NAS-Port-Type = Ethernet
>>> User-Name = "testepppoe"
>>> Calling-Station-Id = "F8:1A:67:58:42:E7"
>>> Called-Station-Id = "CE - TESTE PPPoE"
>>> NAS-Port-Id = "ether2"
>>> MS-CHAP-Challenge = 0xa2679e2e3eda990b3c1154ad21869130
>>> MS-CHAP2-Response = 0x01003768a76d49b3b35a91341a22ddb2930a000000000000000003c736cb201806f6a9100b319b13e9c893b2bd9d048a7541
>> You can't force an Access-Accept in MS-CHAPv2.
>
> Sorry, I don't know why.....
See the "Note" on https://technet.microsoft.com/en-us/library/cc787927%28v=ws.10%29.aspx
The easiest way to "fix" this is usually turning off chap support on the
NAS, allowing only pap.
Bjørn
More information about the Freeradius-Users
mailing list