Re: RAS-RadiusNT Problem

Dale E. Reed Jr. ( (no email) )
Sat, 07 Jun 1997 09:07:23 -0700

Robin Greenhagen wrote:
>
> I have RadiusNT on a test server, and am attempting to use the RADIUS
> client in the new RAS. I keep getting and unknown Attribute ID=60.
> I searched MS, Ascend, and Livingston, and cannot find it an any of
> their dictionary files.

Hmmm.. New anacronym? RTFRFC? <GRIN> Check out:

ftp://ftp.livingston.com/pub/radius/rfc2138.txt

Thats what I always do:
> 5.40. CHAP-Challenge
>
> Description
>
> This Attribute contains the CHAP Challenge sent by the NAS to a
> PPP Challenge-Handshake Authentication Protocol (CHAP) user. It
> is only used in Access-Request packets.
>
> If the CHAP challenge value is 16 octets long it MAY be placed in
> the Request Authenticator field instead of using this attribute.
>
> A summary of the CHAP-Challenge Attribute format is shown below. The
> fields are transmitted from left to right.
>
> 0 1 2
> 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> | Type | Length | String...
> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
>
> Type
>
> 60 for CHAP-Challenge.
>
> Length
>
> >= 7
>
> String
>
> The String field contains the CHAP Challenge.


> I have clear text passwords turned on, and matching secrets, and am
> still getting what appears to be garbage as the decrypted password
> using -x15 mode. Are they trying to use CHAP?

Looks like CHAP to me if they are including 60.

-- Dale E. Reed Jr.  (daler@iea.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |    http://www.emerald.iea.com