ntlm_auth woes
Tim ODriscoll
tim.odriscoll at lambrookschool.co.uk
Mon May 29 18:11:44 CEST 2017
On 29 May 2017 14:49
> Install 3.0.14. It also comes with a radclient which can send MS-CHAP packets. You can use
> this to do more tests.
I've got 3.0.14 going now, and radtest gives a little more output but it's still looking like ntlm_auth is failing to work with the --challenge and --nt-response parameters.
$ radtest -x -t mschap tim.odriscoll <mypass> 127.0.0.1:18120 0 testing123
Sent Access-Request Id 249 from 0.0.0.0:32985 to 127.0.0.1:18120 length 139
User-Name = "tim.odriscoll"
MS-CHAP-Password = "<mypass>"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x00
Cleartext-Password = "<mypass>"
MS-CHAP-Challenge = 0x##redacted##
MS-CHAP-Response = 0x##redacted##
Received Access-Reject Id 249 from 127.0.0.1:18120 to 0.0.0.0:0 length 61
MS-CHAP-Error = "\000E=691 R=1 C=831147a867e5acc8 V=2"
(0) -: Expected Access-Accept got Access-Reject
Many thanks,
Tim
More information about the Freeradius-Users
mailing list