Re: RadiusNT 2.2 refuses all connections from RARAS

Dale E. Reed Jr. ( (no email) )
Sat, 26 Jul 1997 20:00:12 -0700

Dale E. Reed Jr. wrote:
> Deijl, Wilfred van der wrote:
> >
> > 6) LOG: CHAP WinNT Attempt: user x.xxxx, NAS localhost
> > 7)
> > 8) CHAP WinNT Attempt: user x.xxxx, NAS localhost
> > 9) Sending Reject of id 16 to 7f000001 (localhost)
> >
> > When I use the account with a real password then lines 6-8 are
> missing
> > and after authChapPwd the line Sending Reject follows immediately.
> You can NOT do CHAP authentication with either WINNT or UNIX type
> passwords. RadiusNT MUST have the password in clear text to auth
> against those system, and CHAP doesn't offer that. No way around
> it. You can disable CHAP in your terminal server and/or tell the
> users logging in (most like Win95/NT) to set their login security
> to "any, including clear text" (PAP).

A second note to this. RARAS will try to use CHAP for all RADIUS
authentication. Eric Nyguen posted to the list a while ago a
work around to make RARAS send PAP RADIUS requests. See the
messages at:

-- Dale E. Reed Jr.  (       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |