CS CHAP password invalid
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-02-2004 05:29 AM - edited 03-10-2019 07:53 AM
837 with ...
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
Dialer0
ip address negotiated
encapsulation ppp
dialer pool 1
ppp authentication chap callin
encapsulation ppp
ppp chap hostname xxxxx
ppp chap password xxxxx
ppp ipcp dns request
ppp ipcp wins request
!
using acs3.2 for windows to authenticate and get
"CS CHAP password invalid" in the "failed attempts active csv"
Authentication is proxied via BT RADII to allow access to a central site over adsl via twin BT Centrals. ACS is configured to pass back AVPairs to the originating device.
Can anyone help ? All contributions welcome.
Barry.
- Labels:
-
AAA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-02-2004 06:02 AM
If you are passing the authentication transaction to radius, then I think that you should specify authentication pap instead of authentication chap. The issue is that chap sends the authentication response in encrypted form (and the response is a calculated value not the password). Therefore with chap the central site router does not have the correct password to pass to radius. With pap the authentication response does send the password. So with pap the central site can send the correct password to radius.
Rick
