Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: Adding Auth-Types to radiusd.conf
« previous next »
Pages: [1]   Go Down

Adding Auth-Types to radiusd.conf

  • 2 Replies
  • 1053 Views

Offline compsos

  • *
  • 472
  • +0/-0
Adding Auth-Types to radiusd.conf
« on: January 09, 2008, 01:19:49 PM »
Hi

We have been trying to configure the Freeradius server to work with Telstra's IPWAN network from 3G data modems and have most of it working but still sending a reject packet back.

I think the solution is to add CHAP to the radiusd.conf file. Would like to confirm the correct way to add this mod without breaking the existing and working VPN configuration.

Should it be done as new propkeys in the DB or template fragments?

TIA

Gordon

"rlm_passwd: Adding "Auth-Type = MS-CHAP"
  modcall[authorize]: module "smbpasswd" returns ok for request 2
    users: Matched iama3g at 15
  modcall[authorize]: module "files" returns ok for request 2
modcall: group authorize returns ok for request 2
  rad_check_password:  Found Auth-Type MS-CHAP
auth: type "MS-CHAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 2
  rlm_mschap: Found LM-Password
  rlm_mschap: Found NT-Password
  rlm_mschap: No MS-CHAP-Challenge in the request
  modcall[authenticate]: module "mschap" returns reject for request 2"
Logged
Regards

Gordon............

Offline cactus

  • *
  • 4,880
  • +3/-0
    • http://www.snetram.nl
Re: Adding Auth-Types to radiusd.conf
« Reply #1 on: January 09, 2008, 04:14:57 PM »
Normally configuration files are templated, since I do not know which configuration file you are mentioning I can not say if yours is as well. More information on the template system and how to make changes to configuration files can be found in the SME Server Developers Guide linked in the wiki.
Logged
Be careful whose advice you buy, but be patient with those who supply it. Advice is a form of nostalgia, dispensing it is a way of fishing the past from the disposal, wiping it off, painting over the ugly parts and recycling it for more than its worth ~ Baz Luhrmann - Everybody's Free (To Wear Sunscreen)

Offline stephen noble

  • *
  • 607
  • +1/-0
    • Dungog
Re: Adding Auth-Types to radiusd.conf
« Reply #2 on: January 09, 2008, 05:23:42 PM »
Quote from: compsos on January 09, 2008, 01:19:49 PM

I think the solution is to add CHAP to the radiusd.conf file. Would like to confirm the correct way to add this mod without breaking the existing and working VPN configuration.

Should it be done as new propkeys in the DB or template fragments?


Hi Gordon
If you can post a working radiusd.conf I can sort out how best to work it into SME

or
slot in a fragment in the following location, plain text for now and we'll see if you need variables later

[root@kiwi e-smith]# slocate radiusd.conf
/etc/raddb/radiusd.conf
/etc/e-smith/templates/etc/raddb/radiusd.conf
/etc/e-smith/templates/etc/raddb/radiusd.conf/25modules40reject
/etc/e-smith/templates/etc/raddb/radiusd.conf/25modules30smbpasswd
/etc/e-smith/templates/etc/raddb/radiusd.conf/25modules45acctUnique
/etc/e-smith/templates/etc/raddb/radiusd.conf/25modules05preprocess
/etc/e-smith/templates/etc/raddb/radiusd.conf/25modules25mschap
/etc/e-smith/templates/etc/raddb/radiusd.conf/30modules99end
/etc/e-smith/templates/etc/raddb/radiusd.conf/25modules50detail
/etc/e-smith/templates/etc/raddb/radiusd.conf/80accounting99end
/etc/e-smith/templates/etc/raddb/radiusd.conf/80accounting40default
/etc/e-smith/templates/etc/raddb/radiusd.conf/25modules35files
/etc/e-smith/templates/etc/raddb/radiusd.conf/65authorization40default
/etc/e-smith/templates/etc/raddb/radiusd.conf/80accounting00init
/etc/e-smith/templates/etc/raddb/radiusd.conf/70authenticate
/etc/e-smith/templates/etc/raddb/radiusd.conf/15configuration
/etc/e-smith/templates/etc/raddb/radiusd.conf/65authorization00init
/etc/e-smith/templates/etc/raddb/radiusd.conf/05init
/etc/e-smith/templates/etc/raddb/radiusd.conf/25modules10suffix
/etc/e-smith/templates/etc/raddb/radiusd.conf/75preacct
/etc/e-smith/templates/etc/raddb/radiusd.conf/25modules20eap
/etc/e-smith/templates/etc/raddb/radiusd.conf/65authorization99end
/etc/e-smith/templates/etc/raddb/radiusd.conf/25modules15ntdomain
/etc/e-smith/templates/etc/raddb/radiusd.conf/20modules00init
/etc/e-smith/templates/etc/raddb/radiusd.conf/10security
/etc/e-smith/events/console-save/templates2expand/etc/raddb/radiusd.conf
/etc/e-smith/events/user-modify-admin/templates2expand/etc/raddb/radiusd.conf
/etc/e-smith/events/user-delete/templates2expand/etc/raddb/radiusd.conf
/etc/e-smith/events/password-modify/templates2expand/etc/raddb/radiusd.conf
/etc/e-smith/events/bootstrap-console-save/templates2expand/etc/raddb/radiusd.conf
/etc/e-smith/events/remoteaccess-update/templates2expand/etc/raddb/radiusd.conf
/etc/e-smith/events/user-create/templates2expand/etc/raddb/radiusd.conf
/etc/e-smith/events/user-modify/templates2expand/etc/raddb/radiusd.conf
/etc/e-smith/events/user-lock/templates2expand/etc/raddb/radiusd.conf

Regards
Stephen
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: Adding Auth-Types to radiusd.conf