diff --git a/l2tpns.c b/l2tpns.c index 060f478..3f16c73 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -4863,7 +4863,6 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu sess_local[s].lcp_last_sent_confreq_n = 0; sess_local[s].auth_type = 0; sess_local[s].auth_name[0] = 0; - sess_local[s].auth_resp[0] = 0; STAT(session_created); break; @@ -4927,6 +4926,20 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu controlb(c, 33, sess_local[fs].auth_resp, strlen((const char*) sess_local[fs].auth_resp), 0); } + else if (sess_local[fs].auth_type == 2) // CHAP + { + // Proxy Authentication Type + control16(c, 29, sess_local[fs].auth_type, 0); + // Proxy Authentication Name + controlb(c, 30, sess_local[fs].auth_name, + strlen((const char*) sess_local[fs].auth_name), 0); + // Proxy Authentication Challenge + controlb(c, 31, sess_local[fs].auth_chall, 16, 0); + // Proxy Authentication Id + control16(c, 32, sess_local[fs].auth_id, 0); + // Proxy Authentication Response + controlb(c, 33, sess_local[fs].auth_resp, 16, 0); + } controladd(c, asession, t); // send the message LOG(3, s, t, "Sending ICCN\n"); diff --git a/l2tpns.h b/l2tpns.h index 21c3cbb..4cfb2fc 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -432,6 +432,8 @@ typedef struct uint16_t auth_id; // Negotiated authentication name uint8_t auth_name[64]; + // Negotiated authentication challenge + uint8_t auth_chall[16]; // Negotiated authentication response uint8_t auth_resp[64]; diff --git a/ppp.c b/ppp.c index 70fa2d1..4e17c36 100644 --- a/ppp.c +++ b/ppp.c @@ -285,6 +285,9 @@ void processchap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) strncpy(session[s].user, packet.username, sizeof(session[s].user) - 1); memcpy(radius[r].pass, packet.password, 16); + strncpy((char *) sess_local[s].auth_name, packet.username, sizeof(sess_local[s].auth_name) - 1); + memcpy(sess_local[s].auth_resp, packet.password, 16); + free(packet.username); free(packet.password); } 
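Review bot: The new CHAP branch in processudp hard-codes `16` as the length of both the Proxy Authentication Challenge and Response AVPs, and the same literal is repeated in the `memcpy` calls this commit adds to processchap and sendchap in ppp.c. For the challenge the length can follow the field, `controlb(c, 31, sess_local[fs].auth_chall, sizeof(sess_local[fs].auth_chall), 0);`. The response buffer is 64 bytes, so a named constant shared by the copy and send sites would keep the lengths from drifting apart. The branch sends whatever `auth_chall` and `auth_resp` hold whenever `auth_type == 2`, so a one-line comment stating that both are filled before `auth_type` is set would record the invariant this relies on. processudp starts and ends outside the hunk.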
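Review bot: After this commit `auth_resp` carries two encodings that the field comments in l2tpns.h do not mention: a NUL-terminated string on the PAP path (the ICCN code takes `strlen` of it) and a fixed 16-byte binary value on the CHAP path. The comment could read `// Negotiated authentication response (PAP: NUL-terminated password, CHAP: 16-byte response)`. Separately, the commit removes both `sess_local[s].auth_resp[0] = 0;` resets (session setup in l2tpns.c and lcp_restart in ppp.c) and adds no clearing for `auth_chall`. As far as this diff shows, a previous subscriber's password or challenge/response pair therefore stays in the slot until it is overwritten. Putting `memset(sess_local[s].auth_resp, 0, sizeof(sess_local[s].auth_resp));` and the same for `auth_chall` at those two places would restore the reset without truncating binary data. The struct definition starts and ends outside the hunk.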
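Review bot: The `strncpy` added to processchap never writes the last byte of `auth_name`, so the `strlen` taken on it when the ICCN is built depends on that byte having stayed zero. The resets visible in this diff clear only `auth_name[0]`. Adding `sess_local[s].auth_name[sizeof(sess_local[s].auth_name) - 1] = 0;` after the copy makes the termination explicit. The added `memcpy(sess_local[s].auth_resp, packet.password, 16);` assumes the peer's CHAP value is at least 16 bytes long, as does the neighbouring copy into `radius[r].pass`. Any length check is earlier in processchap, outside this hunk, and is worth confirming because these bytes are now forwarded to the remote LNS.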
@@ -432,7 +435,6 @@ void lcp_restart(sessionidt s) sess_local[s].lcp_last_sent_confreq_n = 0; sess_local[s].auth_type = 0; sess_local[s].auth_name[0] = 0; - sess_local[s].auth_resp[0] = 0; // This-Layer-Down change_state(s, ipcp, Initial); change_state(s, ipv6cp, Initial); @@ -2566,6 +2568,7 @@ void sendchap(sessionidt s, tunnelidt t) q[1] = radius[r].id; // ID q[4] = 16; // value size (size of challenge) memcpy(q + 5, radius[r].auth, 16); // challenge + memcpy(sess_local[s].auth_chall, radius[r].auth, 16); strcpy((char *) q + 21, config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname); // our name *(uint16_t *) (q + 2) = htons(strlen(config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname) + 21); // length tunnelsend(b, strlen(config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname) + 21 + (q - b), t); // send it diff --git a/radius.c b/radius.c index 0d9650c..05d252f 100644 --- a/radius.c +++ b/radius.c @@ -1046,11 +1046,15 @@ void processrad(uint8_t *buf, int len, char socket_index) LOG(3, s, session[s].tunnel, "Select Tunnel Remote LNS for assignment_id == %s\n", assignment_id); - if (!radius[r].chap) + if (radius[r].chap) + { + sess_local[s].auth_type = 2; // PAP + } + else { sess_local[s].auth_type = 3; // PAP - sess_local[s].auth_id = radius[r].id; } + sess_local[s].auth_id = radius[r].id; if (lac_rad_forwardtoremotelns(s, assignment_id, session[s].user)) {
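Review bot: In the radius.c hunk the new line `sess_local[s].auth_type = 2; // PAP` carries the wrong comment. The ICCN code added in l2tpns.c treats type 2 as CHAP, and the `else` branch already uses 3 for PAP, so the line should read `sess_local[s].auth_type = 2; // CHAP`. Because the bare values 2 and 3 are now compared in one file and assigned in another, named constants for the proxy authentication types would make a mismatch like this harder to introduce. processrad starts and ends outside the hunk.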