Fw: (RADIATOR) MS-CHAP v2 killing radiusd

Hugh Irvine hugh at open.com.au
Mon May 13 18:02:11 CDT 2002


Hello Tunde -

It would be most helpful if you could send me a copy of your configuration 
file, a complete trace 4 debug from Radiator showing what is going on, and a 
description of the hardware/software system that you are running.

If Radiator is sending an access accept back in response to the initial 
request, then it is likely that you need some additional reply attributes.

regards

Hugh


On Tue, 14 May 2002 06:32, Tunde Itayemi wrote:
> ----- Original Message -----
> From: Tunde Itayemi
> To: Tunde Itayemi
> Sent: Monday, May 13, 2002 8:38 PM
> Subject: Re: (RADIATOR) MS-CHAP v2 killing radiusd
>
>
> Hi all,
> new development - I downloaded SHA perl module and installed it. Now, the
> radiusd does not crash anymore but I can't get it to authenticate with
> MSCHAPv2. I get the message below when I do a VPN to my radius server:
>
> Verifying username and password...
> Error 778: It was not possible to verify the identity of the server.
>
> Also, I noticed that the logfile states that radiator is sending
> access-accept packets to the NAS (windows 2K server) and yet, I keep
> getting the message above on the test client. Bu the password.log gives
> messages of the form:
>
> Mon May 13 21:20:27 2002:1021328427:mikem:UNKNOWN-MS-CHAP-V2:fred:PASS
>
> Any ideas about all these discrepancies?
>
> Tunde I.
>   ----- Original Message -----
>   From: Tunde Itayemi
>   To: Tichahleyi Mpofu
>   Cc: Hugh at Open.Com.Au ; Mike McCauley
>   Sent: Monday, May 13, 2002 8:03 PM
>   Subject: Re: (RADIATOR) MS-CHAP v2 killing radiusd
>
>
>   Hi,
>
>   I downloaded the Digest-MD4-1.1.tar.gz and installed it. Have you
> actually authenticated a user with MS CHAP v2?
>   Also, with all the CHAP variants, I get something in the nature of
>
>   Mon May 13 18:49:44 2002:1021319384:oan:UNKNOWN-MS-CHAP::FAIL
>
>   Note that it could not decode the password sent to it by the client.
>   By the way, do you have the Digest-SHA perl module installed? I get the
> error below when I test radiator with radpwtst with the mschap2 switch
> e.g., radpwtst -mschapv2 -user mikem -password fred -nas_ip_address
> 192.160.0.4
>
>   Can't locate SHA.pm in @INC (@INC contains: .
> /usr/lib/perl5/5.6.0/i386-linux /u sr/lib/perl5/5.6.0
> /usr/lib/perl5/site_perl/5.6.0/i386-linux /usr/lib/perl5/site _perl/5.6.0
> /usr/lib/perl5/site_perl .) at /usr/lib/perl5/site_perl/5.6.0/Radius
> /MSCHAP.pm line 131.
>
>   where can I get a "working" SHA perl module - assuming it is the cause of
> my problems? The one I downloaded from CPAN refuse to install
> (Digest-SHA1-2.01.tar.gz)
>
>   Hope to hear from you soon.
>   Regards,
>   Tunde I.
>     ----- Original Message -----
>     From: Tichahleyi Mpofu
>     To: Tunde Itayemi
>     Sent: Monday, May 13, 2002 6:22 PM
>     Subject: Re: (RADIATOR) MS-CHAP v2 killing radiusd
>
>
>     i installed MD4 perl module and it worked for me.
>     Regards
>     Tich
>
>       ----- Original Message -----
>       From: Tunde Itayemi
>       To: Mike McCauley
>       Cc: Hugh at Open.Com.Au ; radiator at open.com.au
>       Sent: Monday, May 13, 2002 5:48 PM
>       Subject: (RADIATOR) MS-CHAP v2 killing radiusd
>
>
>       Hi Mike, Hugh and All,
>
>       I found out through trial and error that it is MS CHAP v2 that is
> killing the radius server. According to you - support for it has been added
> since last year. Is there a bug in there? I have installed MD4 perl module.
>       I have also tried downloading the file Radiator-3.0.tgz at your site,
> extracting just the AuthGeneric file and using it to replace the original
> one installed by the RPM but it had no effect?
>
>       What is responsible? That is what is stopping me from taking radiator
> live!
>
>       Hope to hear from you really soon.
>
>       Regards,
>       Tunde I.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list