On Thu, Jun 7, 2012 at 7:36 PM, Morris, Andi <amorris@cardiffmet.ac.uk> wrote:
The problem is that the FR server is reporting a shared secret mismatch when requests come from the new servers:
I have typed and retyped the shared secret several times on both FR and IAS sides of the conversation. Is there anywhere else in FR I need to declare the new servers that I have missed, or do I need to concentrate the efforts to the IAS servers?
Full debug output with masked details below:
client tmg2 {
ipaddr = 5.5.5.5
netmask = 32
require_message_authenticator = no
secret = "testing123"
nastype = "other"
virtual_server = "noname"
}
rad_recv: Access-Request packet from host 5.5.5.5 port 35394, id=1, length=211
Received packet from 5.5.5.5 with invalid Message-Authenticator! (Shared secret is incorrect.) Dropping packet without response.
Is the shared secret on the NAS (5.5.5.5) set to "testing123"? Cause that's what FR thinks it should be. -- Fajar