At that time I have lost radius authentication. As far as I can tell I am
getting a call clearing code of 42 which the MAX says is "pppPAPAuthFail".
I have setup a secondary test server to play with now and to test with.
Here is what I have found.
Here is my users file.
_________________________________________________________________________
test Password = "test"
User-Service = Framed-User
DEFAULT Password = "WINNT"
User-Service = Framed-User
______________________________________________________
Here is my radlogin session using the username "test"
_____________________________________________________
C:\radius>radlogin test test
Checking Radius user test:
User-Service = Framed-User
0: Time: 10 Auth: Good
1 Good 0 Bad 10 Avg
____________________________________________________
Here is my radlogin session using the username "NTtest" which is a valid NT
SAM username.
____________________________________________________
C:\radius>radlogin NTtest testing
Checking Radius user NTtest:
0: Time: 10 Auth: Bad
0 Good 1 Bad 10 Avg
___________________________________________________
Here is my screen dump of starting radius using "radius -x15"
___________________________________________________
C:\radius>radius -x15
RadiusNT 2.2.41 7/27/97 Copyright (c) 1996-1997 IEA Software, Inc.
All Rights Reserved, Worldwide
Some portions Copyright (c) 1992 Livingston Enterprises, Inc.
and Copyright (c) 1995 Ascend Communications, Inc.
Param: Debug Level: 15
Initializing Winsock...
Client:38.153.xxx.1:38.153.xx1.1:password
Client:38.153.xxx.1:38.153.xx2.1:password
Client:127.0.0.1:127.0.0.1:password
Loading users...
User:test
User:DEFAULT
2 users loaded!
Radius NT is ready to receive requests!
__________________________________________________________
Here is my authentication screen dump during login of both the usernames
"test" and "NTtest"
__________________________________________________________________
radrecv: Request from host 7f000001 code=1, id=1, length=0
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
User-Name = "test"
Password = "\373tb\376\012\210A\377\251\216\326N\311\310\300\011"
rad_authenticate()
Checking user record PW_PASSWORD type
authPapPwd
chkPwd->strvalue is test
decrypted pwd is test
Sending Ack of id 1 to 7f000001 (127.0.0.1)
User-Service = Framed-User
Resp Time: 0 Auth: 1/0 -> 1 Acct: 0/0/0 -> 0
radrecv: Request from host 7f000001 code=1, id=1, length=0
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
User-Name = "NTtest"
Password = "k;l\365\345\377\204Ow\032\370\333P\340\2434"
rad_authenticate()
Checking user record PW_PASSWORD type
authPapPwd
chkPwd->strvalue is WINNT
decrypted pwd is testing
(WINNT) User:NTtest Domain: Password:testing
Sending Reject of id 1 to 7f000001 (127.0.0.1)
Resp Time: 0 Auth: 1/1 -> 2 Acct: 0/0/0 -> 0
_____________________________________________________________
Anyone able to shed any light on this problem... Is there some sort of
compatibility problem with Ascend 6.0.2 code..??? I have not changed any
configuration on my Radius server. Any authentication requests that are
answered by internal connection profiles in the MAX are handled just fine,
as are requests handled by the users test file. It is just the
authentications that use the NT SAM. I noticed that in the "testing"
account the line after decrypted pwd is testing, is (WINNT) User:testing
Domain: Password:testing. The Domain: entry is blank..???
TIA....
______________________________
Alex Simpson
Director of Technical Services
NetSolutions Corp
615.367.4404 x101
615.367.3887 fax
615.303.7411 pager
alex@nscorp.net
http://www.nscorp.net
http://www.connect-ed.net
_______________________________