(RADIATOR) Basic users file & MSCHAP question

Luis Marquez luism at digitalpath.net
Wed Oct 16 14:36:40 CDT 2002 

Hello,

I recently got an eval version of radiator to test on our Linux server and I
could use a bit of advice on creating a users file. The example users file
seems like it might be a bit much for our needs. Also, I am trying to get
mschap support working with our Cisco VPN 3000 concentrator.  I'll give you
some information on our setup.

 We have a Cisco VPN 3000 vpn concentrator that authenticates via radius.
Customers that connect with the cisco vpn client software can connect ok,
but when a customer tries to connect using a PPTP vpn connection using
MSCHAP, their computer gives an error about the server not using the correct
type of encryption. I have included the users file and radius.cfg.

This is what radiator has to say when I run radiusd in trace 4 debug mode
and tail -f the log file:

Wed Oct 16 11:58:32 2002: DEBUG: Packet dump:
*** Received from 65.164.104.10 port 1025 ....
Code:       Access-Request
Identifier: 12
Authentic:  <229><26><180><180><168><5>(<5>B<5><181><209><208>2A<192>
Attributes:
        User-Name = "mschaptest"
        NAS-Port = 1264
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Tunnel-Client-Endpoint = 49:0.0.97.67
        MS-CHAP-Challenge = "-Z]<4><144><127><163>Iq<226><17><198>Wz<185>V"
        MS-CHAP2-Response =
"<2><0><211><137>2<214>/<169><244><222>[c<231>i)<146>;o<0><0><0><0><0><0><0>
<0>i<222><8>}j5<254><225><198><211><128>i:wt;<137><223><236>%<250><13>8m"
        NAS-IP-Address = 65.164.104.10
        NAS-Port-Type = Virtual

Wed Oct 16 11:58:32 2002: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Oct 16 11:58:32 2002: DEBUG:  Deleting session for mschaptest,
65.164.104.10, 1264
Wed Oct 16 11:58:32 2002: DEBUG: Handling with Radius::AuthFILE:
Wed Oct 16 11:58:32 2002: DEBUG: Radius::AuthFILE looks for match with
mschaptest
Wed Oct 16 11:58:32 2002: DEBUG: Radius::AuthFILE ACCEPT:
Wed Oct 16 11:58:32 2002: DEBUG: Access accepted for mschaptest
Wed Oct 16 11:58:32 2002: DEBUG: Packet dump:
*** Sending to 65.164.104.10 port 1025 ....
Code:       Access-Accept
Identifier: 12
Authentic:  <229><26><180><180><168><5>(<5>B<5><181><209><208>2A<192>
Attributes:
        MS-CHAP2-Success = "<2>S=BA3CEA0D05FC896F8E792A15213BC9F69DA5AED4"


Any advice appreciated,


thanks

Luis

-------------- next part --------------
A non-text attachment was scrubbed...
Name: users
Type: application/octet-stream
Size: 9894 bytes
Desc: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20021016/5e01a4d1/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: radius.cfg
Type: application/octet-stream
Size: 1433 bytes
Desc: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20021016/5e01a4d1/attachment-0001.obj>

More information about the radiator mailing list