(5) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject

Alan DeKok aland at deployingradius.com
Sun Mar 26 20:47:22 CEST 2017


On Mar 26, 2017, at 1:08 PM, jaseywang <jaseywang at gmail.com> wrote:
> I use daloradius to add a new user wyx1(cleartext-password), and it passed
> "test user connectivity" test, below is the daloradius/radtest and radiusd
> -X output:

  Note that the server receives a User-Password attribute.

> But when  I use the same account to connect the pptp server, it
> says Authentication failed:

  Because it doesn't receive a User-Password attribute.

> And the responding pptp log:

...

> Mar 27 00:56:07 iZ2597ft3dqZ pppd[23203]: Peer wyx1 failed CHAP
> authentication

  Nope.  It never sent a CHAP-Password request.

  Fix PPTP to send User-Password or CHAP-Password.

> config file:
> 
> # cat /etc/raddb/clients.conf:

  We don't nee to see that. 

  PLEASE follow the instructions in the FAQ: post "radiusd -X'.  We don't need to see any configuration files.

> # cat /usr/share/radiusclient-ng/dictionary
> # grep -v "#" dictionary  | grep -v ^$

  And don't post that.  We already have it.  It's not helpful.

  What does help is reading the debug output.  If you had compared the two packets, you would see that PPTP doesn't send User-Password, or CHAP-Password.  And from the "radiusd -X" output, the server is then unable to authenticate the user... because there's no password.

  Fix PPTP.  No amount of poking FreeRADIUS will solve the problem.

  Alan DeKok.




More information about the Freeradius-Users mailing list