(RADIATOR) MS-MPPE-RECV-send

Judy Angel J.Angel at herts.ac.uk
Mon Jul 12 07:13:07 CDT 2004 


--On 10 July 2004 17:10 +1000 Hugh Irvine <hugh at open.com.au> wrote:

>
> Hello Judy -
>
> You should be able to use "AutoMPPEKeys" in your AuthBy module.
>
> See section 6.17.23 in the Radiator 3.9 reference manual ("doc/ref.html").

ok some progress,

but if I test from the bluesocket with realm pptp or without it works, but 
not from a pptp microsoft client.
The password is clear text in the users file


Mon Jul 12 12:57:12 2004: DEBUG: Packet dump:
*** Received from 147.197.200.100 port 32798 ....
Code:       Access-Request
Identifier: 111
Authentic:  <194>w<14><164>$1<200><208><9><179><174><5><162><13><217>9
Attributes:
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "judyblue at pptp"
        MS-CHAP-Challenge = 
"<186>5<192>wi<205><165>|+<235><132>J<158><222><249>5"
        MS-CHAP2-Response = 
"<1><0><227><5><169>1<240><137>^<202><218>K<20>b@<144><152>`<0
><0><0><0><0><0><0><0><137>R<197><12>l<27>,L<249><136>dJ<26><153>)s<229>G<1
49>!<246>j<186>
<147>"
        NAS-IP-Address = 147.197.200.100
        NAS-Port = 0

Mon Jul 12 12:57:12 2004: DEBUG: Handling request with Handler 'Realm=pptp'
Mon Jul 12 12:57:12 2004: DEBUG: Rewrote user name to judyblue
Mon Jul 12 12:57:12 2004: DEBUG:  Deleting session for judyblue at pptp, 
147.197.200.100, 0
Mon Jul 12 12:57:12 2004: DEBUG: Handling with Radius::AuthFILE:
Mon Jul 12 12:57:12 2004: DEBUG: Radius::AuthFILE looks for match with 
judyblue
Mon Jul 12 12:57:12 2004: DEBUG: Radius::AuthFILE REJECT: Bad Password
Mon Jul 12 12:57:12 2004: INFO: Access rejected for judyblue: Bad Password
Mon Jul 12 12:57:12 2004: DEBUG: Packet dump:
*** Sending to 147.197.200.100 port 32798 ....
Code:       Access-Reject
Identifier: 111
Authentic:  <194>w<14><164>$1<200><208><9><179><174><5><162><13><217>9
Attributes:
        Reply-Message = "Request Denied"



users/....

judyblue        Password = "xx"
        Service-Type = Framed-User,
         Framed-Protocol = PPP,
         Framed-IP-Netmask = 255.255.255.255,
         Framed-Routing = None,
         Framed-MTU = 1500,
         Framed-Compression = Van-Jacobson-TCP-IP,
         Message-Authenticator = 0000000000000000,
         MS-MPPE-Encryption-Policy = Encryption-Allowed,
         MS-MPPE-Encryption-Types = Encryption-Any


config..



<Realm pptp>
        RewriteUsername s/^([^@]+).*/$1/
        <AuthBy FILE>
                Filename ./users
                # generate MPPE keys to encrypt pptp vpns
                AutoMPPEKeys Yes
        </AuthBy>
         AcctLogFileName %L/detail
</Realm>


This is my first use of pptp, so I guess it is somthing basic that I am 
missing.

Thanks

Judy
>
> regards
>
> Hugh
>
>
> On 10 Jul 2004, at 00:54, Judy Angel wrote:
>
>> Hi,
>>
>> I have seen you question to Radiator
>>
>> "On Wednesday, Mar 5, 2003, at 00:32 Australia/Melbourne, baxter wrote:
>>
>>> I am using radiator to authenticate wireless users (from a bluesocket
>>> wireless gateway) with the authentication going against an imap server
>>> on
>>> our campus.  The problem I am having is that I can't seem to figure
>>> out what
>>> I need to return on a pptp request.  The bluesocket people say I need
>>> to get
>>> a "MS-MPPE-RECV-key" and a "MS-MPPE-RECV-send" but the log from the
>>> radiator
>> "
>>
>> I have exactly the same problem and am interested to know if that was
>> solved. I can see no reply after the request for the trace. I would be
>> very greatful if you tell me how you solved that problem.
>>
>> many thanks
>>
>> Judy Angel
>> University of Hertfordshire
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>>
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list