Shared key mismatch

Alan DeKok aland at deployingradius.com
Mon Apr 3 17:41:53 CEST 2017


On Apr 3, 2017, at 11:05 AM, Ondřej Lauer <Ondrej.Lauer at seznam.cz> wrote:
> I have a PacketFence set up using  FreeRADIUS  v. 3.0.13. In PacketFence GUI
> I have set up a RADIUS secret key - a letter "x" for testing purposes, but 
> when I try using 
> ...
> Mon Apr  3 17:01:03 2017 : Info: Dropping packet without response because of
> error: Received packet from 127.0.0.1 with invalid Message-Authenticator!  
> (Shared secret is incorrect.)

  The shared secret is wrong.  Fix it.

  Re-start FreeRADIUS after changing the secret.

> The shared key should be the same - is there any way how do debug it on a 
> lower level ?

  Look at the packet traces and do the MD5 calculations. In short.. no.

  This is cause by one of two issues:

1) the shared secret is wrong (99.999% of the time)

2) one system is calculating MD5 hashes incorrectly

  Alan DeKok.




More information about the Freeradius-Users mailing list