Testing failure during setup

Alan DeKok aland at deployingradius.com
Mon May 27 15:20:53 CEST 2013


Elizabeth Fife wrote:
> I am ready for an earbending likely from Alan but for the record I have
> read the debug and done as much searching as my brain can handle before
> this post

  You'll not that I get cranky when people *don't* follow instructions.
 You have followed them.  So clearly you're a wonderful person.

> I have the added each machine as a client of the other for testing in
> clients.conf they both have the shared secret aaabbb

  Which should work.

  In short, the server gets an Access-Request and processes it.  The
client doesn't like the reply.

  Both Access-Request and Access-Challenge contain
Message-Authenticator.  The server processes the Access-Request *only*
when the Message-Authenticator is correct.  Which in turn depends on the
shared secret.

  So the shared secret is the same on both ends.

  But, the client doesn't like the reply from the server.  Which has a
Message-Authenticator created using the same secret.

  I'm not really sure what to suggest here.  This kind of thing should
*never* happen.

  Did you install both servers from apt-get?

  Alan DeKok.


More information about the Freeradius-Users mailing list