proxy LCP authentication support ?

L2TP related questions
Post Reply
aserkin
Posts: 2
Joined: 27 Mar 2022, 07:32

proxy LCP authentication support ?

Post by aserkin »

Hi all.
I have LAC sending Proxy authentication attributes to the accel-ppp based LNS but this kind of chap authentication seem not working for some reason.
The CHAP challenge and/or CHAP password sent by LNS to radius server are incorrect. Logs, config and tcpdump are attached to the message.
First chap authenticaton is processed on LAC and it's ok. Second goes on LNS and fails. Using the same username/password (srsuser/srspass).
Any comments on what can be wrong here ?
Cheers,
Alex
Attachments
l2tp.zip
(6.28 KiB) Downloaded 92 times
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: proxy LCP authentication support ?

Post by dimka88 »

Hello @aserkin, you have to carefully check configured RADIUS secret. Try to get more info from RADIUS server-side running it on DEBUG mode
aserkin
Posts: 2
Joined: 27 Mar 2022, 07:32

Re: proxy LCP authentication support ?

Post by aserkin »

Hello @dimka88
Yes i did. Radius shared secret is "secret". Configured both at freeradius clients.conf and within [radius] module at accel-ppp.conf.
I guess, FR would not answer in case of wrong secret.
But it accepts chap challenge/password from LAC and unfortunately denies from accel-ppp with access-reject.
Actually i came here from vyos forum where got the same behavior with accel-ppp so i decided to run it separately to see what's wrong.
Attaching fr&accel debugs.
Attachments
debugs.zip
(4.15 KiB) Downloaded 100 times
Post Reply