web browser did not send challenge response...

eneimi · June 15, 2008, 12:14pm

Hi guys.

I have an RB600 with 3XR2 cards, setup as router and AP. All the interfaces except ether1 are bridged and the bridge has been srcnat-ed with ip 192.168.2.1 and all clients receive ip within that range. The board is running routeros 3.10

I have 7 ‘repeaters’ all within a 1km radius (because of trees and buildings) each with an RB133 (routeros 2.9.50) and two NMP8620s (one in station mode and the other in ap mode). The station is a dhcp client and the ap hosts a dhcp server, but without hotspot (authentication is done by the rb600 at base). That’s it, no masquerading, just plain simple.

Initially it appears all is well but only for a few hours, as i start getting clients complaining of ‘web browser did not send challenge response…’ message each time they try logging in.

I’ve checked every other resource possible, i think, about it and none of those apply to me.

Please help people, is there something i’m getting wrong?

sergejs · June 19, 2008, 1:41pm

You can get this error 'web browser did not send challenge response…

chap-missing = web browser did not send challenge response (try again, enable JavaScript) - trying to log in with HTTP-CHAP method using MD5 hash, but HotSpot server does not know the challenge used for the hash. This may happen if you use BACK buttons in browser; if JavaScript is not enabled in web browser; if login.html page is not valid; or if challenge value has expired on server (more than 1h of inactivity). Solution: instructing browser to reload (refresh) the login page usually helps if JavaScript is enabled and login.html page is valid

eneimi · June 27, 2008, 11:53am

Thanks, but that’s straight out of the manual and doesn’t apply to my situation.

I should add that if a client is able to login, they get logged out almost immediately.

Any other ideas?

SurferTim · June 28, 2008, 12:36pm

Greetings!

The info you provided is very limited, so if we start a little on the basic side, that is why.

Is your system clock working ok? It should have NTP client set up, or it will lose the time on reboot.

What software are you using to enter your users? Are you using the Mikrotik user manager or RADIUS?

Is there a log entry that showed why the client was logged out immediately?

eneimi · July 1, 2008, 5:01pm

Hi.

NTP client is setup, the system does keep time.

We’re using the mikrotik user manager.

Here’s what the log looks like:

10:00:22 wireless,debug ap1_angola: 00:19:5B:CD:BF:74 attempts to associate
10:00:22 wireless,debug ap1_angola: 00:19:5B:CD:BF:74 not in local ACL, by defau
lt accept
10:00:22 wireless,info 00:19:5B:CD:BF:74@ap1_angola: connected
10:00:22 dhcp,info,debug dhcp3 deassigned 192.168.4.3 from 00:19:5B:CD:BF:74
10:00:22 dhcp,info,debug dhcp3 assigned 192.168.4.3 to 00:19:5B:CD:BF:74
10:00:29 wireless,info 00:19:5B:CD:BF:74@ap1_angola: disconnected, received deau
th: sending station leaving (3)

Any ideas?

sergejs · July 2, 2008, 7:13am

0:00:29 wireless,info 00:19:5B:CD:BF:74@ap1_angola: disconnected, received deau
th: sending station leaving

“sending station leaving” - station is decided to disconnect, you have to fix
all configuration to default and check if it helps, check the station logs, probably there will be some useful information.

mercato · September 7, 2010, 4:03pm

hi, first post so be gentle

also getting this message when using Untangle in bridge mode inside my MT ROS x86

LAN 12.0.0.0/22

Untangle internal nic = bridged
Untangle external nic = 12.0.0.2/22
gateway 12.0.0.1

MT internal nic = 12.0.0.1/22
MT external nic = public IP
MT is level 5, Hotspot with RADIUS user manager, all works fine when I bypass Untangle and connect my LAN directly to MT

I know this is a very simplistic setup. I will be investigating the recommendations above but I suspect the problem is Untangle.
I’ve tried turning off all Web Filter / Protocol Control apps in the Untangle Rack to no avail

Has anyone done something like this?

If anyone is curious as to why I would need to use Untangle rather than the queue features of MT its because Untangle has been in place before MT was installed and as yet I haven’t had time to learn enough about MT queues.
MT is replacing a Nomadix internet access gateway/hotspot

Thanks to all, I really look forward to making lots of use of this forum with so much knowledge and world-class solutions available