[CoovaChilli] radius chap authentication

andrea raspitzu a.raspitzu at gmail.com
Fri Nov 4 13:46:59 GMT 2016


Hi there chilli users,

I'm bumping into an authentication problem using coova chilli 1.3.2 and
freeradius (with mysql backend). I created an entry in radius database for
a user with clear text password and i can successfully authenticate with
"radtest" (freeradius's test client) using CHAP but when i do the same from
chilli it just fails. I am using chilli's json library and i collected all
the logs both from chilli (started with -d)  and the radius server, below
 there are the logs involved in the thing:

  - chilli json auth attempt <http://pastebin.com/26FhD1j9>
  - radius log for auth attempt <http://pastebin.com/Xjn9wEXh>

Using radtest to test radius authentication gives positive result as you
can see from here:

:~# radtest -t chap Andrea yo localhost 0 testing123
>
> Sending Access-Request of id 201 to 127.0.0.1 port 1812
>
>         User-Name = "Andrea"
>
>         CHAP-Password = 0xc96a69c9c8694d6859d3c2ed8ac0ea66f6
>
>         NAS-IP-Address = 127.0.1.1
>
>         NAS-Port = 0
>
>         Message-Authenticator = 0x00000000000000000000000000000000
>
> rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=201,
>> length=20
>
>
Unfortunately when doing the same authentication i got rejected, i am
attaching the chilli config here <http://pastebin.com/zMRdgjAy>. I see
chilli is able to talk with the radius server but there is something else
going on that prevents the correct authentication, any help is very welcome
:).

Regards, Andrea.

PS thanks for providing coova chilli opensource!


More information about the CoovaChilli mailing list