Jump to content
Калькуляторы

cisco chap challenge

Здравствуйте!

 

Пытаюсь настроить pptp на cisco 7201 с chap-аутентификацией через RADIUS,

Почему то cisco не передаёт радиусу атрибут chap-challenge:

 

Cisco:

interface Virtual-Template1
description --- PPTP virtual interface
mtu 1460
ip unnumbered Loopback0
no ip redirects
no ip proxy-arp
timeout absolute 1440 0
peer default ip address pool vpdn
keepalive 30
ppp authentication chap radius-XX
ppp authorization radius-XX
ppp ipcp dns X.X.X.X
ppp ipcp mask 255.255.255.255
ppp timeout idle 1200 either

 

radius-server attribute 44 include-in-access-req
radius-server attribute 44 extend-with-addr
radius-server attribute 8 include-in-access-req
radius-server attribute 32 include-in-accounting-req
radius-server attribute 55 include-in-acct-req
radius-server attribute 25 access-request include
radius-server attribute nas-port format e UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU
radius-server attribute 31 send nas-port-detail mac-only
radius-server host X.X.X.X auth-port 1812 acct-port 1813 key 7 XXXXX
radius-server vsa send cisco-nas-port
radius-server vsa send accounting
radius-server vsa send authentication

 

Radius:

Received Access-Request Id 190 from X.X.X.X:1645 to X.X.X.X:1812 length 133
       Framed-Protocol = PPP
       User-Name = 'test'
       CHAP-Password = 0x01db5e76573cf6928607df2d9edc6705f1
       NAS-Port-Type = Virtual
       Cisco-NAS-Port = 'Uniq-Sess-ID829'
       NAS-Port = 7812519
       NAS-Port-Id = 'Uniq-Sess-ID829'
       Service-Type = Framed-User
       NAS-IP-Address = X.X.X.X
       Acct-Session-Id = '59136401007735A7'

 

tcpdump:

19:24:56.601905 IP (tos 0x0, ttl 254, id 52409, offset 0, flags [none], proto UDP (17), length 163)
   X.X.X.X.1645 > X.X.X.X.1812: RADIUS, length: 135
       Access Request (1), id: 0xc7, Authenticator: 6c065e85c9983a5b119c79a1d6475e29
         Framed Protocol Attribute (7), length: 6, Value: PPP
         Username Attribute (1), length: 6, Value: test
         CHAP Password Attribute (3), length: 19, Value:
         NAS Port Type Attribute (61), length: 6, Value: Virtual
         Vendor Specific Attribute (26), length: 24, Value: Vendor: Cisco (9)
         Vendor Attribute: 2, Length: 16, Value: Uniq-Sess-ID1398
         NAS Port Attribute (5), length: 6, Value: 7813650
         NAS Port ID Attribute (87), length: 18, Value: Uniq-Sess-ID1398
         Service Type Attribute (6), length: 6, Value: Framed
         NAS IP Address Attribute (4), length: 6, Value: X.X.X.X
         Accounting Session ID Attribute (44), length: 18, Value: 5913640100773A12

 

Подскажите пожалуйста в чём может быть проблема...

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this