CHAP Method For Radius
-
in youre users file you have this to use chap v1 on windows 95/98 or chap v2 on higher windows versions
"testuser" User-Password == "Secret149"
when you crypt youre passwordts the chap protocol will fail
-
Ive edited the config withe the settings you provided, but it still says that username is invalis, aslo for some reason the captive portal doesnt send Auth-Type = MS-CHAP… ?
-
all captive portals send auth type = local
this is normal
check the bigining of youre users file angainst myne
i think i have atherd there a thing to make vpn and portal working on pfsensei think it was somfing with system
# DEFAULT entries match with all login names. # Note that DEFAULT entries can also Fall-Through (see first entry). # A name-value pair from a DEFAULT entry will _NEVER_ override # an already existing name-value pair. # # # First setup all accounts to be checked against the UNIX /etc/passwd. # (Unless a password was already given earlier in this file). # #DEFAULT Auth-Type = System # Fall-Through = 1 # # Set up different IP address pools for the terminal servers. # Note that the "+" behind the IP address means that this is the "base" # IP address. The Port-Id (S0, S1 etc) will be added to it. # #DEFAULT Service-Type == Framed-User, Huntgroup-Name == "alphen" # Framed-IP-Address = 192.168.1.32+, # Fall-Through = Yes #DEFAULT Service-Type == Framed-User, Huntgroup-Name == "delft" # Framed-IP-Address = 192.168.2.32+, # Fall-Through = Yes # # Defaults for all framed connections. # DEFAULT Service-Type == Framed-User Framed-IP-Address = 255.255.255.254, Framed-MTU = 576, Service-Type = Framed-User, Fall-Through = Yes # # Default for PPP: dynamic IP address, PPP mode, VJ-compression. # NOTE: we do not use Hint = "PPP", since PPP might also be auto-detected # by the terminal server in which case there may not be a "P" suffix. # The terminal server sends "Framed-Protocol = PPP" for auto PPP. # DEFAULT Framed-Protocol == PPP Framed-Protocol = PPP, Framed-Compression = Van-Jacobson-TCP-IP #
-
I just looked through the USERS file and it looks exactly the same as yours. I dont know what to do…
-
oke so system passwords are disabled that is good
start freeradius with
radiusd -x
or with freeradius -x
then try loggin in trouw the portal and look at the error that freeradius is giving in its screen -
yea I am ruuning in the debug mode, and there are no errors, and at the end it says, password is invalid… and it sends Access-Reject
I'm lost now... is there a soft client that send MS-CHAP Access Requests? -
just spoke with people from Mono they say it uses PAP…
hoba, do you know what version of Mono are u using? 1.20 or 1.21? -
1.21
-
it does use pap only.
just add authtpe=pap
in your radius configuration should work depending on your backend it is really no worse than chap.
if you are paranoid and an stunnel from you NAS to your radius backend -
actually I had to use Auth-Type== local, instead of system which is defult… in that case it will fall through all local modules installed