Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

CHAP authentication problem...

1,124 views
Skip to first unread message

Paul Gratton

unread,
Jan 28, 2000, 3:00:00 AM1/28/00
to
If anyone can help, I'd sure appreciate it. I've been trying to connect to
an NT ppp server (not using MS-CHAP). At first I only put my username entry
in the chap-secrets file with the proper password however this seems to
provoke a modem hangup. Example debug code follows:

Connect: ppp0 <--> /dev/ttyS0
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x1bdc2cf5> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <asyncmap 0x0> <auth chap m$oft> <magic 0x53f5>
<pcomp> <accomp>]
sent [LCP ConfRej id=0x0 <auth chap m$oft>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x1bdc2cf5> <pcomp> <accomp>]
rcvd [LCP TermReq id=0x1 00 00 02 dc]
sent [LCP TermAck id=0x1]
Modem hangup
Connection terminated.


After reading a few mails and FAQs I was prompted to try adding my username
in the options file using the "name username" syntax where username is the
same as in the chap-secrets file. This seems to initiate chap but yields
the following:

Connect: ppp0 <--> /dev/ttyS0
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x201b2c63> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <asyncmap 0x0> <auth chap m$oft> <magic 0x460b>
<pcomp> <accomp>]
sent [LCP ConfAck id=0x0 <asyncmap 0x0> <auth chap m$oft> <magic 0x460b>
<pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x201b2c63> <pcomp> <accomp>]
rcvd [CHAP Challenge id=0x41 <8026a8233ce3b221>, name = ""]
No CHAP secret found for authenticating us to
sent [CHAP Response id=0x41
<0000000000000000000000000000000000000000000000007a695d60bfa2465f8babf69d7cb
8277f3868ce2a145eee9801>, name = "domain\\username"]sent [CHAP Response
id=0x41
<0000000000000000000000000000000000000000000000007a695d60bfa2465f8babf69d7cb
8277f3868ce2a145eee9801>, name = "domain\\username"]rcvd [CHAP Failure
id=0x41 "E=691 R=1 "]
Remote message: E=691 R=1
CHAP authentication failed
sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]
rcvd [LCP TermAck id=0x2]
Connection terminated.

As you can see, it seems that the remote server wants to authenticate with a
name = "" whereas my ppp client sends name = "domain\\username".

I am stumped, how can I send the proper CHAP response back to the ppp server
using name = ""? I've tried everything and nothing seems to work. By the
way, I used to connect to this server with Redhat 6.0 (no name in options
file), it's only after installing a new 6.1 client that I started having the
problem.

Any ideas would be greatly appreciated.

Thanking you in advance,

Paul

PS: OS: Redhat 6.1
pppd version: 2.3.10-3
initscripts: 4.70-1


Bill Unruh

unread,
Jan 28, 2000, 3:00:00 AM1/28/00
to
In <zS9k4.884$q64....@weber.videotron.net> "Paul Gratton" <pgra...@scas.ca> writes:

]If anyone can help, I'd sure appreciate it. I've been trying to connect to

]Thanking you in advance,

]Paul


I do not know what you are using. Try reading
axion.physics.ubc.ca/ppp-linux.html
for a step by step.
Note that the name username is your name. What the MS excuse for ppp
sends you is the name of their system, so you can get the correct line
from your chap secrets file. However their "" is not very useful.
So you chap secrets file must look like
domain\\username * password *
Note I do hope that you are not using the words
domain\\username
as your entry. I hope that you are using the actual domain name of the
remote system, and your real username ( eg sloppy\\bridget)


Clifford Kite

unread,
Jan 28, 2000, 3:00:00 AM1/28/00
to
Paul Gratton <pgra...@scas.ca> wrote:

> rcvd [CHAP Challenge id=0x41 <8026a8233ce3b221>, name = ""]
> No CHAP secret found for authenticating us to
> sent [CHAP Response id=0x41
> <0000000000000000000000000000000000000000000000007a695d60bfa2465f8babf69d7cb
> 8277f3868ce2a145eee9801>, name = "domain\\username"]sent [CHAP Response
> id=0x41

I'm a little surprised that pppd sent a response after saying
that it didn't find a secret. But try adding teh pppd option
"remotename NTfooey" and put NTfooey in the second field of the line
in /etc/ppp/chap-secrets for this connection. (NTs don't send their
system name in the MS-CHAP challenge so you get to choose whatever
name you want.)

--
Clifford Kite <kite@inet% port.com> Not a guru. (tm)

Paul Gratton

unread,
Jan 28, 2000, 3:00:00 AM1/28/00
to
Thank you, thank you, thank you... I changed my chap-secrets file server
entry to domain\\username * password and that solved the problem. I had the
interface name in place of the * (duh). I appreciate the help, I can now
get on with some real work.

Thanks again,

Paul


"Bill Unruh" <un...@physics.ubc.ca> wrote in message
news:86rcna$a68$1...@nntp.itservices.ubc.ca...

> ]rcvd [CHAP Challenge id=0x41 <8026a8233ce3b221>, name = ""]


> ]No CHAP secret found for authenticating us to
> ]sent [CHAP Response id=0x41

> ]<0000000000000000000000000000000000000000000000007a695d60bfa2465f8babf69d
7cb
> ]8277f3868ce2a145eee9801>, name = "domain\\username"]sent [CHAP Response
> ]id=0x41
> ]<0000000000000000000000000000000000000000000000007a695d60bfa2465f8babf69d

0 new messages