01-28-2005 02:50 PM - last edited on 02-21-2020 11:44 PM by cc_security_adm
Hello,
I have the following situation:
- one 3030 VPN Concentrator
- AAA Radius Server (Radiator) that uses the accounts stored in one OpenLdap Server (the passwords are stored in crypt format)
The problem is: the PPTP authentication with mschapv2 doesn't work. The radius says that the password is wrong.
I also tried the codification of passwords in LDAP Server with other cipher types, like MD5, SHA, SSHA, plain text, and none works... :(
If I try pptp with PAP the authentication works fine.
Can anyone help me?
Thanks in advance,
Nuno.
01-31-2005 11:12 AM
MSChapv2 requires the use of MPPE. You need to ensure that the keys are exchanged correctly by ensuring that the proper radius attributes are defined correctly. I think there is an extra setup required on the vpn 3030 to allow for MPPE/MSCHAP and you need to ensure that both the client and the radius server use the same encryption level - if the client can only use 128-bit encryption, then the radius server must support that. You can go to Cisco's web site and search the vpn 3030 code doc to determine what attributes need to be configured on the radius server.
Let me know if this helps.
02-06-2005 11:04 AM
The problem was on login. The domain component of this was removed. Since MSChapv2 uses the complete login to calculate the hash, the process fails. At the moment, this problem is solved.
Thanks!
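The cause reported in the last post can be reproduced with the ChallengeHash step of RFC 2759 (section 8.2), which mixes the user name into the 8-octet challenge that the NT-Response is computed over. This is an added example, not code from the thread; the challenge values are the RFC 2759 section 9.2 sample data, and `strip_domain`, `server_agrees` and the login `EXAMPLE\alice` are hypothetical names constructed for illustration.

```python
import hashlib

# RFC 2759 section 9.2 sample challenges (16 octets each).
PEER = bytes.fromhex("21402324255E262A28295F2B3A337C7E")
AUTH = bytes.fromhex("5B5D7C7D7B3F2F3E3C2C602132262628")


def challenge_hash(peer_challenge: bytes, auth_challenge: bytes, username: str) -> bytes:
    """First 8 octets of SHA-1(PeerChallenge || AuthenticatorChallenge || UserName)."""
    if len(peer_challenge) != 16 or len(auth_challenge) != 16:
        raise ValueError("both challenges must be 16 octets")
    data = peer_challenge + auth_challenge + username.encode("ascii")
    return hashlib.sha1(data).digest()[:8]


def strip_domain(login: str) -> str:
    """Hypothetical helper: a device in the path drops DOMAIN\\ or @realm."""
    if "\\" in login:
        login = login.split("\\", 1)[1]
    return login.split("@", 1)[0]


def server_agrees(client_login: str, forwarded_login: str) -> bool:
    """True if the verifier derives the same 8-octet challenge as the client.

    Assumption: the client hashes the login exactly as typed, as the post
    describes. A different challenge means a different NT-Response, so the
    verifier reports a wrong password although the password is correct.
    """
    return (challenge_hash(PEER, AUTH, client_login)
            == challenge_hash(PEER, AUTH, forwarded_login))


if __name__ == "__main__":
    typed = "EXAMPLE\\alice"  # constructed login, not from the thread
    print("RFC sample challenge:", challenge_hash(PEER, AUTH, "User").hex())
    print("name forwarded intact  ->", server_agrees(typed, typed))
    print("domain stripped en route ->", server_agrees(typed, strip_domain(typed)))
```

PAP is unaffected by the same rewrite because the password is checked on its own, without the user name entering any hash.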