RE: RadiusNT 2.2 refuses all connections from RARAS

Bruno A. Karoly ( (no email) )
Sun, 27 Jul 1997 05:47:47 -0400

You have to do regedit surgery on the RARAS machine to remove the spap
and chap registry keys from rasman\ppp under current control
set\services under hkey local machine... the article is up here, just do
a search. Then the authentication works properly if the client is
using "any authentication including clear text".

The part about your scenario that I'd really like to understand is why a
db user can get authenticated and a text file user can not. Makes me
think that the specification for the location of the file or something
about the file itself is not right.

Presently there is no useful accounting info being sent by RARAS to
Radius servers. See my message 'RARAS accounting log file from
RadiusNT' to the list about that.

Hope this helps.

Regards,

Bruno
bruno@queenbee.net
www.queenbee.net
ftp.queenbee.net
v. 914.834.7834
f. 914.834.7835

-----Original Message-----
From: Deijl, Wilfred van der [SMTP:W.Deijl@oreade.nl]
Sent: Saturday, July 26, 1997 9:52 PM
To: 'radiusnt@iea-software.com'
Subject: RadiusNT 2.2 refuses all connections
from RARAS

I just downloaded RadiusNT 2.2 yesterday and am trying
to get it running
using Routing And Remote Access Service from Microsoft.
I have installed
RARAS and configured it to use Radius
(machine-name=localhost,
secret=localhost).

After some trying I configured RadiusNT to use both
textfiles and ODBC.
Now when I logon using a username from the database I
get connected,
however RadiusNT complains about not doing an INSERT
INTO Call because
of Null-values in the primary key, but this is not my
main concern.

The other problem is that users from the textfiles never
get logged on.
In the textfiles are three entries:
- one username with a "real" password
- one username with "WINNT" password
- DEFAULT user with "WINNT" password

When trying to log on with whatever username that is not
in the database
(it does not matter if the username is in the textfile
or whether the
password is correct) i get:
1) ......
2) Not Found in ODBC, Checking users file...
3) rad_authenticate()
4) Checking user record PW_PASSWORD type
5) authChapPwd
6) LOG: CHAP WinNT Attempt: user x.xxxx, NAS localhost
7)
8) CHAP WinNT Attempt: user x.xxxx, NAS localhost
9) Sending Reject of id 16 to 7f000001 (localhost)
10)
11) Resp Time: 200 Auth: 0/1 -> 1 Acct: 0/0/0 -> 0

When I use the account with a real password then lines
6-8 are missing
and after authChapPwd the line Sending Reject follows
immediately.

PS. The users are read when starting RadiusNT so the
users file doesn't
seem to be the problem

Does anyone know what might be the problem? This is
quite critical as we
just signed an agreement with an ISP to let our 250
employees dialing to
their POP's. We promised to get a Radius server running
for validating
the passwords send to us from their Radius Proxy.

If you need more info, please contact me via email.

Thanks!

----------------------------------------------------------
RadiusNT Mailing List
listserver@emerald.iea.com