Jump to content

cisco chap challenge

scream
 Share

Recommended Posts

scream

scream

Posted
Posted

Здравствуйте!

 

Пытаюсь настроить pptp на cisco 7201 с chap-аутентификацией через RADIUS,

Почему то cisco не передаёт радиусу атрибут chap-challenge:

 

Cisco:

interface Virtual-Template1
description --- PPTP virtual interface
mtu 1460
ip unnumbered Loopback0
no ip redirects
no ip proxy-arp
timeout absolute 1440 0
peer default ip address pool vpdn
keepalive 30
ppp authentication chap radius-XX
ppp authorization radius-XX
ppp ipcp dns X.X.X.X
ppp ipcp mask 255.255.255.255
ppp timeout idle 1200 either

 

radius-server attribute 44 include-in-access-req
radius-server attribute 44 extend-with-addr
radius-server attribute 8 include-in-access-req
radius-server attribute 32 include-in-accounting-req
radius-server attribute 55 include-in-acct-req
radius-server attribute 25 access-request include
radius-server attribute nas-port format e UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU
radius-server attribute 31 send nas-port-detail mac-only
radius-server host X.X.X.X auth-port 1812 acct-port 1813 key 7 XXXXX
radius-server vsa send cisco-nas-port
radius-server vsa send accounting
radius-server vsa send authentication

 

Radius:

Received Access-Request Id 190 from X.X.X.X:1645 to X.X.X.X:1812 length 133
       Framed-Protocol = PPP
       User-Name = 'test'
       CHAP-Password = 0x01db5e76573cf6928607df2d9edc6705f1
       NAS-Port-Type = Virtual
       Cisco-NAS-Port = 'Uniq-Sess-ID829'
       NAS-Port = 7812519
       NAS-Port-Id = 'Uniq-Sess-ID829'
       Service-Type = Framed-User
       NAS-IP-Address = X.X.X.X
       Acct-Session-Id = '59136401007735A7'

 

tcpdump:

19:24:56.601905 IP (tos 0x0, ttl 254, id 52409, offset 0, flags [none], proto UDP (17), length 163)
   X.X.X.X.1645 > X.X.X.X.1812: RADIUS, length: 135
       Access Request (1), id: 0xc7, Authenticator: 6c065e85c9983a5b119c79a1d6475e29
         Framed Protocol Attribute (7), length: 6, Value: PPP
         Username Attribute (1), length: 6, Value: test
         CHAP Password Attribute (3), length: 19, Value:
         NAS Port Type Attribute (61), length: 6, Value: Virtual
         Vendor Specific Attribute (26), length: 24, Value: Vendor: Cisco (9)
         Vendor Attribute: 2, Length: 16, Value: Uniq-Sess-ID1398
         NAS Port Attribute (5), length: 6, Value: 7813650
         NAS Port ID Attribute (87), length: 18, Value: Uniq-Sess-ID1398
         Service Type Attribute (6), length: 6, Value: Framed
         NAS IP Address Attribute (4), length: 6, Value: X.X.X.X
         Accounting Session ID Attribute (44), length: 18, Value: 5913640100773A12

 

Подскажите пожалуйста в чём может быть проблема...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...
На сайте используются файлы cookie и сервисы аналитики для корректной работы форума и улучшения качества обслуживания. Продолжая использовать сайт, вы соглашаетесь с использованием файлов cookie и с Политикой конфиденциальности.