radius auth with openvpn mschap?
Posted: Fri Aug 21, 2020 6:39 pm
Good afternoon,
Over the last few days I have played around with getting FreeRADIUS working with SoftEther VPN. I was able to get everything working as expected when making use of the Windows default VPN connection. However, I have noticed that when trying to use OpenVPN to create the connection, it is not sending the data over in MS-CHAP format. I am looking for any suggestions on what I should be doing to attempt to force an MS-CHAP pass-through so access will work through Azure Active Directory.
Thanks.
working microsoft vpn sstp client
(0) Received Access-Request Id 234 from {ip}:56333 to {ip}:1812 length 283
(0) User-Name = "user"
(0) Acct-Session-Id = "\000\344"
(0) NAS-IP-Address = ip
(0) Service-Type = Framed-User
(0) MS-RAS-Vendor = 311
(0) MS-RAS-Version = "MSRASV5.20"
(0) NAS-Port-Type = Virtual
(0) Tunnel-Type:0 = PPTP
(0) Tunnel-Medium-Type:0 = IPv4
(0) Called-Station-Id = "Azure"
(0) Calling-Station-Id = "ip"
(0) Tunnel-Client-Endpoint:0 = "ip"
(0) MS-RAS-Client-Version = "MSRASV5.20"
(0) MS-RAS-Client-Name = "ip"
(0) MS-CHAP-Challenge = 0xXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
(0) MS-CHAP2-Response = 0xXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
(0) NAS-Identifier = "SoftEther VPN Server"
(0) Proxy-State = 0xXXXXXXXXXXXXXX

non working OPENVPN client
(0) Received Access-Request Id 235 from {ip}:58423 to {ip}:1812 length 146
(0) User-Name = "user"
(0) User-Password = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
(0) NAS-Identifier = "SoftEther VPN Server"
(0) Service-Type = Framed-User
(0) NAS-Port-Type = Virtual
(0) Tunnel-Type:0 = PPTP
(0) Tunnel-Medium-Type:0 = IPv4
(0) Called-Station-Id = "Azure"
(0) Calling-Station-Id = "ip"
(0) Tunnel-Client-Endpoint:0 = "ip"
(0) Proxy-State = 0xXXXXXXXXXXXXXXXXXXXXXXXXXX

Openvpn client config vpn.ovpn edited to remove sensitive data
dev tun
proto tcp
remote {endpoint.domain.com} 1194
cipher AES-256-CBC
auth SHA1
resolv-retry infinite
nobind
persist-key
persist-tun
client
verb 3
auth-user-pass
route-nopull
dhcp-option DNS 2.2.2.2
dhcp-option DNS 1.1.1.1
dhcp-option DOMAIN domain.com
auth-nocache
remote-cert-tls server
<ca>
-----BEGIN CERTIFICATE-----
Cert here
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
Cert here
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
cert here
-----END CERTIFICATE-----
</ca>
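
The two captures above differ in the credential attribute the server received: MS-CHAP-Challenge plus MS-CHAP2-Response in the working request, User-Password in the other. As an added example (not part of the original post), this Python script reads FreeRADIUS debug output of that shape and reports the method each Access-Request carried; it goes beyond the two cases in the post by also recognising CHAP, MS-CHAPv1 and EAP, and the sample lines and function names are constructed for illustration.

```python
import re

# Credential attributes and the method each one indicates (first match wins).
METHODS = [
    ("EAP-Message", "EAP"),
    ("MS-CHAP2-Response", "MS-CHAPv2"),
    ("MS-CHAP-Response", "MS-CHAPv1"),
    ("CHAP-Password", "CHAP"),
    ("User-Password", "PAP"),
]
HEADER = re.compile(r"^\(\d+\)\s+Received (\S+) Id (\d+)")
ATTR = re.compile(r"^\(\d+\)\s+([\w-]+)(?::\d+)?\s*=\s*(.*)$")

# Constructed sample modelled on the two requests in the post (placeholder values).
SAMPLE = """\
(0) Received Access-Request Id 234 from 192.0.2.10:56333 to 192.0.2.1:1812 length 283
(0)   User-Name = "user"
(0)   Tunnel-Type:0 = PPTP
(0)   MS-CHAP-Challenge = 0x00112233445566778899aabbccddeeff
(0)   MS-CHAP2-Response = 0x0001
(0) Received Access-Request Id 235 from 192.0.2.10:58423 to 192.0.2.1:1812 length 146
(0)   User-Name = "user"
(0)   User-Password = "placeholder"
(0)   NAS-Identifier = "SoftEther VPN Server"
"""

def parse_packets(text):
    """Split debug output into packets; each 'Received' line starts a new one,
    because separate debug runs reuse the same (0) request number."""
    packets = []
    for line in text.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            packets.append({"code": m.group(1), "id": int(m.group(2)), "attrs": {}})
            continue
        m = ATTR.match(line)
        if m and packets:
            packets[-1]["attrs"][m.group(1)] = m.group(2).strip('"')
    return packets

def auth_method(packet):
    """Name the authentication method implied by the attributes present."""
    return next((meth for attr, meth in METHODS if attr in packet["attrs"]), "none")

def summarize(text):
    """Return (packet id, user name, method) for every packet found."""
    return [(p["id"], p["attrs"].get("User-Name"), auth_method(p)) for p in parse_packets(text)]

if __name__ == "__main__":
    for row in summarize(SAMPLE):
        print(row)
```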