Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

no password sent to radius from ms-chap

Hello,

I'm trying to authenticate a vpn connection (pptp) configured for ms-chap using a radius server (router is c3640, IOS 12.2.10a). But the router sends no password attribute to the radius server (no radius attribute 2 or 3). Using pap instead of ms-chap works.

What's wrong?

1 REPLY
Silver

Re: no password sent to radius from ms-chap

You won't see an attribute 3 sent as that would be rfc 1994 chap (not ms-chap). MS-chap 'stuff' is usually sent as attribute 26:

00:19:31: Attribute 4 6 AC127C9F

00:19:31: Attribute 5 6 00000001

00:19:31: Attribute 61 6 00000005

00:19:31: Attribute 1 7 63697363

00:19:31: Attribute 26 16 000001370B0A868C

00:19:31: Attribute 26 58 0000013701340701

00:19:31: Attribute 6 6 00000002

00:19:31: Attribute 7 6 00000001

It's likely that the router is working normally but that your RADIUS server doesn't support ms-chap or is misconfigured.

114
Views
0
Helpful
1
Replies
CreatePlease login to create content