Connect problem
Henrik Kressner
kressner at synkro.dk
Fri Jul 1 14:08:44 CEST 2016
On 01-07-2016 13:57, Alan DeKok wrote:
> On Jul 1, 2016, at 5:02 AM, Henrik Kressner <kressner at synkro.dk> wrote:
>> I get this response:
>> ....
>> (133) eap: Peer sent packet with method EAP MSCHAPv2 (26)
>> (133) eap: Calling submodule eap_mschapv2 to process data
>> (133) eap_mschapv2: # Executing group from file /usr/local/etc/raddb/sites-enabled/inner-tunnel
>> (133) eap_mschapv2: Auth-Type MS-CHAP {
>> (133) mschap: WARNING: No Cleartext-Password configured. Cannot create NT-Password
>> (133) mschap: WARNING: No Cleartext-Password configured. Cannot create LM-Password
>> (133) mschap: Creating challenge hash with username: bob
>> (133) mschap: Client is using MS-CHAPv2
>> (133) mschap: ERROR: FAILED: No NT/LM-Password. Cannot perform authentication
>> (133) mschap: ERROR: MS-CHAP2-Response is incorrect
>> (133) [mschap] = reject
>> (133) } # Auth-Type MS-CHAP = reject
>> (133) eap: Sending EAP Failure (code 4) ID 24 length 4
>> (133) eap: Freeing handler
>> ....
>>
>>
>> What does it mean?
> It means that the server can't authenticate the user, because it has no idea what the *good* password is for the user.
>
> As the message says, set Cleartext-Password. It will then work.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I believe I did just that in the file: /usr/local/etc/raddb/users
# The canonical testing user which is in most of the
# examples.
#
bob Cleartext-Password := "hello"
Reply-Message := "Hello, %{User-Name}"
#
And it works both on the server and on the NAS with radtest ?
--
-------------------------------------------
Med venlig hilsen / Yours Sincerly
Henrik Kressner
kressner at synkro.dk
Ingeniørfirmaet Synkro / Synkro Engineering
Vædevej 64
5462 Morud
http://www.synkro.dk
Direkte 40 37 40 87
More information about the Freeradius-Users
mailing list