accel-ppp.org

High performance PPTP/L2TP/PPPoE/IPoE server for Linux
https://accel-ppp.org/forum/

proxy LCP authentication support ?

https://accel-ppp.org/forum/viewtopic.php?t=7514

Page 1 of 1

proxy LCP authentication support ?

Posted: 28 Mar 2022, 13:56
by aserkin
Hi all.
I have LAC sending Proxy authentication attributes to the accel-ppp based LNS but this kind of chap authentication seem not working for some reason.
The CHAP challenge and/or CHAP password sent by LNS to radius server are incorrect. Logs, config and tcpdump are attached to the message.
First chap authenticaton is processed on LAC and it's ok. Second goes on LNS and fails. Using the same username/password (srsuser/srspass).
Any comments on what can be wrong here ?
Cheers,
Alex

Re: proxy LCP authentication support ?

Posted: 29 Mar 2022, 22:18
by dimka88
Hello @aserkin, you have to carefully check configured RADIUS secret. Try to get more info from RADIUS server-side running it on DEBUG mode

Re: proxy LCP authentication support ?

Posted: 30 Mar 2022, 09:56
by aserkin
Hello @dimka88
Yes i did. Radius shared secret is "secret". Configured both at freeradius clients.conf and within [radius] module at accel-ppp.conf.
I guess, FR would not answer in case of wrong secret.
But it accepts chap challenge/password from LAC and unfortunately denies from accel-ppp with access-reject.
Actually i came here from vyos forum where got the same behavior with accel-ppp so i decided to run it separately to see what's wrong.
Attaching fr&accel debugs.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited