Hi all! I've FINALLY gotten my setup to answer the phone! Big accomplishment for me. Has anyone successfully used a HiPerARC + Windows 2000 Internet Access (RADIUS) combination? I've tried a variety of settings and finally got a Linux box to dial in and authenticate however I haven't been able to get a Windows machine to dial in and authenticate correctly. In the HiPer Access manager I have "Authentication" set to ANY and in Windows 2000 IAS under the Access Profile I have all 4 types of authentication enables (MS-CHAPv2, MS-CHAP, CHAP and PAP). However when I try to connect I get the following message in the event log: User jmccormick was denied access. Fully-Qualified-User-Name = HUDSON\jmccormick NAS-IP-Address = 172.16.2.192 NAS-Identifier = 172.16.2.192 Called-Station-Identifier = <not present> Calling-Station-Identifier = <not present> Client-Friendly-Name = lexiras1 Client-IP-Address = 172.16.2.192 NAS-Port-Type = Async NAS-Port = 1 Policy-Name = <undetermined> Authentication-Type = MD5-CHAP EAP-Type = <undetermined> Reason-Code = 19 Reason = The user could not be authenticated using Challenge Handshake Authentication Protocol (CHAP). A reversibly encrypted password does not exist for this user account. I've also tried enabling "Store Password with Reversable Encryption" in Active Directory Users and Groups but that doesn't seem to make a difference nor do I understand why that would be necessary. Can someone help? Thanks in advance! -- Jason McCormick
Ah! I asked too soon. I got it working with PAP. Thanks though. -----Original Message----- From: "Jason McCormick" <JMLists@lexi.com> To: usr-tc@mailman.xmission.com Date: Thu, 17 Oct 2002 13:42:52 -0400 Subject: [USR-TC] HiPerARC + Windows 2000 Radius
Hi all! I've FINALLY gotten my setup to answer the phone! Big accomplishment for me. Has anyone successfully used a HiPerARC + Windows 2000 Internet Access (RADIUS) combination? I've tried a variety of settings and finally got a Linux box to dial in and authenticate however I haven't been able to get a Windows machine to dial in and authenticate correctly. In the HiPer Access manager I have "Authentication" set to ANY and in Windows 2000 IAS under the Access Profile I have all 4 types of authentication enables (MS-CHAPv2, MS-CHAP, CHAP and PAP). However when I try to connect I get the following message in the event log:
User jmccormick was denied access. Fully-Qualified-User-Name = HUDSON\jmccormick NAS-IP-Address = 172.16.2.192 NAS-Identifier = 172.16.2.192 Called-Station-Identifier = <not present> Calling-Station-Identifier = <not present> Client-Friendly-Name = lexiras1 Client-IP-Address = 172.16.2.192 NAS-Port-Type = Async NAS-Port = 1 Policy-Name = <undetermined> Authentication-Type = MD5-CHAP EAP-Type = <undetermined> Reason-Code = 19 Reason = The user could not be authenticated using Challenge Handshake Authentication Protocol (CHAP). A reversibly encrypted password does not exist for this user account.
I've also tried enabling "Store Password with Reversable Encryption" in Active Directory Users and Groups but that doesn't seem to make a difference nor do I understand why that would be necessary. Can someone help?
Thanks in advance!
-- Jason McCormick
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
Try setting this on HiperARC. set ppp autheNTICATION_PREFERENCE PAP --pankaj ----- Original Message ----- From: "Jason McCormick" <JMLists@lexi.com> To: <usr-tc@mailman.xmission.com> Sent: Thursday, October 17, 2002 11:40 PM Subject: Re: [USR-TC] HiPerARC + Windows 2000 Radius
Ah! I asked too soon. I got it working with PAP.
Thanks though.
-----Original Message----- From: "Jason McCormick" <JMLists@lexi.com> To: usr-tc@mailman.xmission.com Date: Thu, 17 Oct 2002 13:42:52 -0400 Subject: [USR-TC] HiPerARC + Windows 2000 Radius
Hi all! I've FINALLY gotten my setup to answer the phone! Big accomplishment for me. Has anyone successfully used a HiPerARC + Windows 2000 Internet Access (RADIUS) combination? I've tried a variety of settings and finally got a Linux box to dial in and authenticate however I haven't been able to get a Windows machine to dial in and authenticate correctly. In the HiPer Access manager I have "Authentication" set to ANY and in Windows 2000 IAS under the Access Profile I have all 4 types of authentication enables (MS-CHAPv2, MS-CHAP, CHAP and PAP). However when I try to connect I get the following message in the event log:
User jmccormick was denied access. Fully-Qualified-User-Name = HUDSON\jmccormick NAS-IP-Address = 172.16.2.192 NAS-Identifier = 172.16.2.192 Called-Station-Identifier = <not present> Calling-Station-Identifier = <not present> Client-Friendly-Name = lexiras1 Client-IP-Address = 172.16.2.192 NAS-Port-Type = Async NAS-Port = 1 Policy-Name = <undetermined> Authentication-Type = MD5-CHAP EAP-Type = <undetermined> Reason-Code = 19 Reason = The user could not be authenticated using Challenge Handshake Authentication Protocol (CHAP). A reversibly encrypted password does not exist for this user account.
I've also tried enabling "Store Password with Reversable Encryption" in Active Directory Users and Groups but that doesn't seem to make a difference nor do I understand why that would be necessary. Can someone help?
Thanks in advance!
-- Jason McCormick
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
participants (2)
-
Jason McCormick -
pankaj