Pap/Chap authentication with Suse Linux

Pap/Chap authentication with Suse Linux

Post by rosch.. » Mon, 11 Dec 2000 00:46:12



I'm having the following problem:
Using Suse 6.3 and ISDN, I'm having trouble with the chap
authentication. I have configured my chap-secrets file correctly
(<name> * <passwd>), and have tried it with 2 providers I am registered
with. I think the problem is that my computer asks the other host to
authenticate (although I have disabled all +pap and +chap entries in my
options file; I even put the noauth option!!!).
This is what I get:

1st provider
------------
ipppd[3783]: sent [0][LCP ConfReq id=0x1 <mru 1524> <magic 0x75bbeda8>]
ipppd[3783]: rcvd [0][LCP ConfReq id=0x80 <auth chap md5> <magic
0x6ca3ee97>]
ipppd[3783]: sent [0][LCP ConfRej id=0x80 <auth chap md5>]
ipppd[3783]: rcvd [0][LCP ConfAck id=0x1 <mru 1524> <magic 0x75bbeda8>]
ipppd[3783]: rcvd [0][LCP ConfReq id=0x81 <auth chap md5> <magic
0x6ca3ee97>]
ipppd[3783]: sent [0][LCP ConfRej id=0x81 <auth chap md5>]
ipppd[3783]: rcvd [0][LCP ConfReq id=0x82 <auth chap md5> <magic
0x6ca3ee97>]
ipppd[3783]: sent [0][LCP ConfRej id=0x82 <auth chap md5>]
ipppd[3783]: rcvd [0][LCP ConfReq id=0x83 <auth chap md5> <magic
0x6ca3ee97>]
ipppd[3783]: sent [0][LCP ConfRej id=0x83 <auth chap md5>]
ipppd[3783]: rcvd [0][LCP ConfReq id=0x84 <auth chap md5> <magic
0x6ca3ee97>]
... etc ...
ipppd[3783]: rcvd [0][LCP TermReq id=0x8b]
ipppd[3783]: sent [0][LCP TermAck id=0x8b]

Does the first line (ConfReq) really mean that my machine asks
authentication of the other party? Because the next send message is
ConfRej. What can I do about that?

2nd provider
------------

ipppd[1997]: sent [0][LCP ConfReq id=0x1 <mru 1524> <magic 0xaa9fd3ff>]
ipppd[1997]: rcvd [0][LCP ConfAck id=0x1 <mru 1524> <magic 0xaa9fd3ff>]
ipppd[1997]: rcvd [0][LCP ConfReq id=0x2 <mru 1500> <auth chap md5>
<magic 0xa83caa01> <pcomp> <accomp> <MPmrru 0x5e2> <MPdiscr: 0x3 [ 00
10 bc 00 99 60 ]>]
ipppd[1997]: sent [0][LCP ConfRej id=0x2 <pcomp> <accomp> <MPmrru
0x5e2>]
ipppd[1997]: rcvd [0][LCP ConfReq id=0x3 <mru 1500> <auth chap md5>
<magic 0xa83caa01> <MPdiscr: 0x3 [ 00 10 bc 00 99 60 ]>]
ipppd[1997]: sent [0][LCP ConfNak id=0x3 <auth pap>]

Here it seems that my machine simply rejects the request??? What goes
wrong?

Since I've been trying to get this working for some months now, any
help would be greatly appreciated.

Sent via Deja.com http://www.deja.com/
Before you buy.

 
 
 

Pap/Chap authentication with Suse Linux

Post by Clifford Kit » Mon, 11 Dec 2000 01:32:39



> 1st provider
> ------------
> ipppd[3783]: sent [0][LCP ConfReq id=0x1 <mru 1524> <magic 0x75bbeda8>]
> ipppd[3783]: rcvd [0][LCP ConfReq id=0x80 <auth chap md5> <magic
> 0x6ca3ee97>]
> ipppd[3783]: sent [0][LCP ConfRej id=0x80 <auth chap md5>]

The peer requests you to authenticate yourself to thme with CHAP and
you refuse.  You aren't correctly setup for doing this.  Read

http://www.veryComputer.com/

Quote:> 2nd provider
> ------------
> ipppd[1997]: sent [0][LCP ConfReq id=0x1 <mru 1524> <magic 0xaa9fd3ff>]
> ipppd[1997]: rcvd [0][LCP ConfAck id=0x1 <mru 1524> <magic 0xaa9fd3ff>]
> ipppd[1997]: rcvd [0][LCP ConfReq id=0x2 <mru 1500> <auth chap md5>
> <magic 0xa83caa01> <pcomp> <accomp> <MPmrru 0x5e2> <MPdiscr: 0x3 [ 00
> 10 bc 00 99 60 ]>]
> ipppd[1997]: sent [0][LCP ConfRej id=0x2 <pcomp> <accomp> <MPmrru
> 0x5e2>]
> ipppd[1997]: rcvd [0][LCP ConfReq id=0x3 <mru 1500> <auth chap md5>
> <magic 0xa83caa01> <MPdiscr: 0x3 [ 00 10 bc 00 99 60 ]>]
> ipppd[1997]: sent [0][LCP ConfNak id=0x3 <auth pap>]

You also refuse to authenticate yourself to the peer with CHAP here,
but request that you use PAP to authenticate yourself.  You must be
ready to do PAP authentication in this case.  If the peer won't accept
PAP then the PPP connection will fail.  Read the URL suggested above.

--

/* When men do not regard govenmental measures as just and right
   they will find a way around them.  The effects extend beyond
   the source, generate widespread disrespect for the law, and
   promote corruption and *.          -Milton Friedman    */

 
 
 

1. pppd - PAP, CHAP, MS-CHAP, MS-CHAP-v2 protocol negotiation

Hi,

We have clients connecting to pppd 2.4.2b1.
Clients are able to connect using PAP, CHAP, MS-CHAP, MS-CHAP-v2 if
the pppd configuration is set up to require a specific protocol, eg:

If we change /etc/ppp/options to not request a specific protocol,
clients can only connect using PAP or MS-CHAP-V2. Client trying to
connect through CHAP or MS-CHAP fail and Pppd logs the error "peer
refused to authenticate: terminating link"

pppd configuration:

We'd like our clients to be able to connect using PAP, CHAP, MS-CHAP
or MS-CHAP-v2, the protocol being negotiated by server and client...

I suppose it's a pppd configuration issue; any help is highly
appreciated.
Thx.
dan

2. RH Kernal Update RPM's

3. one script for pap/chap and manual authentication

4. trafshow error --- socket error

5. PAP & CHAP authentication in PPP

6. cdrecord doesn.t burn

7. CHAP or PAP authentication

8. Samba and NT authentication

9. Problem with authentication - PAP/CHAP

10. Is it possible to make PPP use authentication server vs PAP/CHAP?

11. CHAP and PAP authentication

12. SuSE Linux 8.0: adsl-start > CHAP authentication failed

13. Howto dial ISP running NT4 - chap, pap, ms-chap?