歡迎您光臨本站 註冊首頁

freeradius mysql 無法使用ms-chap認證,HELP

←手機掃碼閱讀     火星人 @ 2014-03-04 , reply:0

freeradius mysql 無法使用ms-chap認證,HELP

我用pptp+freeradius+mysql架設VPN伺服器,可是
只能通過CHAP認證,MS-CHAP無法通過。各種文檔都
查了,英文、簡體、繁體,各有各的說法,折騰幾天
了,小弟實在是無解,請幫助,不勝感激!

下面是運行freeradius -X收到請求時的輸出:

Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 41762, id=97, length=150
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "zongyu"
        MS-CHAP-Challenge = 0x41902a3df355bf003235416f8c95123b
        MS-CHAP2-Response = 0x6700046bbbecd97e76d54ba2b84e6f2d999f0000000000000000325624ca5c6d0e7a7840cdaaef889bef23b2545ba559e823
        Calling-Station-Id = "222.246.32.223"
        NAS-IP-Address = 174.34.155.242
        NAS-Port = 0
+- entering group authorize {...}
++ returns ok
++ returns noop
Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++ returns ok
No '@' in User-Name = "zongyu", looking up realm NULL
No such realm "NULL"
++ returns noop
No EAP-Message, not doing EAP
++ returns noop
        expand: %{User-Name} -> zongyu
sql_set_user escaped user --> 'zongyu'
rlm_sql (sql): Reserving sql socket id: 3
        expand: SELECT id, username, attribute, value, op           
                     FROM radcheck           
                     WHERE username = '%{SQL-User-Name}'           
                     ORDER BY id
                    ->
                    SELECT id, username, attribute, value, op         
                    FROM radcheck           
                    WHERE username = 'zongyu'           
                    ORDER BY id

User found in radcheck table

        expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}'   ORDER BY id
                -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'zongyu'    ORDER BY id

        expand: SELECT groupname  FROM radusergroup  WHERE username = '%{SQL-User-Name}'   ORDER BY priority
                 -> SELECT groupname FROM radusergroup  WHERE username = 'zongyu'   ORDER BY priority

        expand: SELECT id, groupname, attribute, Value, op  FROM radgroupcheck  WHERE groupname = '%{Sql-Group}'  ORDER BY id
                -> SELECT id, groupname, attribute, Value, op  FROM radgroupcheck   WHERE groupname = 'pptp' ORDER BY id

User found in group pptp

        expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}'  ORDER BY id  
                 -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'pptp'  ORDER BY id

rlm_sql (sql): Released sql socket id: 3

++ returns ok
++ returns noop
++ returns noop

Found existing Auth-Type, not changing it.
++ returns noop
Found Auth-Type = CHAP
+- entering group CHAP {...}
rlm_chap: Attribute "CHAP-Password" is required for authentication.
++ returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
        expand: %{User-Name} -> zongyu
attr_filter: Matched entry DEFAULT at line 11
++ returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 97 to 127.0.0.1 port 41762
Waking up in 2.9 seconds.
Cleaning up request 0 ID 97 with timestamp +8

[ 本帖最後由 mawav 於 2010-1-23 12:17 編輯 ]
《解決方案》

這麼多高手,沒人響應?

如有朋友幫忙解決,贈送10天VPN帳戶(美國加州伺服器)。

[ 本帖最後由 mawav 於 2010-1-23 12:22 編輯 ]
《解決方案》

問題解決。

自己犯迷糊,之前東搞西搞為進行CHAP驗證在資料庫中設置成了AuthType:=CHAP
《解決方案》

原帖由 mawav 於 2010-1-23 13:30 發表 http://bbs.chinaunix.net/images/common/back.gif
問題解決。

自己犯迷糊,之前東搞西搞為進行CHAP驗證在資料庫中設置成了AuthType:=CHAP
Local
MS-CHAP
這些都是經常用的

[火星人 ] freeradius mysql 無法使用ms-chap認證,HELP已經有561次圍觀

http://coctec.com/docs/service/show-post-19041.html