25 Apr
2007
25 Apr
'07
10:25 a.m.
Norbert Wegener wrote:
When I send radtest 000000000009 000000000009 brm 1812 secret xx 10.10.20.138 to a freeradiusserver, I get an access accept. Sending the same radtest command line to an IAS, that should proxy that request to a freeradiusserver, the IAS complains about a missing Message-Authenticator. What do I have to do to get a Message-Authenticator in such a radtest request?
$ vi radtest add: Message-Authenticator = 0x00 after the username && password. FreeRADIUS should probably have an option to require a Message-Authenticator. It avoids a number of attacks. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog