Hi all.
I have LAC sending Proxy authentication attributes to the accel-ppp based LNS but this kind of chap authentication seem not working for some reason.
The CHAP challenge and/or CHAP password sent by LNS to radius server are incorrect. Logs, config and tcpdump are attached to the message.
First chap authenticaton is processed on LAC and it's ok. Second goes on LNS and fails. Using the same username/password (srsuser/srspass).
Any comments on what can be wrong here ?
Cheers,
Alex
proxy LCP authentication support ?
proxy LCP authentication support ?
- Attachments
-
- l2tp.zip
- (6.28 KiB) Downloaded 167 times
Re: proxy LCP authentication support ?
Hello @aserkin, you have to carefully check configured RADIUS secret. Try to get more info from RADIUS server-side running it on DEBUG mode
Re: proxy LCP authentication support ?
Hello @dimka88
Yes i did. Radius shared secret is "secret". Configured both at freeradius clients.conf and within [radius] module at accel-ppp.conf.
I guess, FR would not answer in case of wrong secret.
But it accepts chap challenge/password from LAC and unfortunately denies from accel-ppp with access-reject.
Actually i came here from vyos forum where got the same behavior with accel-ppp so i decided to run it separately to see what's wrong.
Attaching fr&accel debugs.
Yes i did. Radius shared secret is "secret". Configured both at freeradius clients.conf and within [radius] module at accel-ppp.conf.
I guess, FR would not answer in case of wrong secret.
But it accepts chap challenge/password from LAC and unfortunately denies from accel-ppp with access-reject.
Actually i came here from vyos forum where got the same behavior with accel-ppp so i decided to run it separately to see what's wrong.
Attaching fr&accel debugs.
- Attachments
-
- debugs.zip
- (4.15 KiB) Downloaded 170 times