Hi all, I'm trying to configure hardware (MAC) auth using FreeRADIUS. It works nice with another provider, but on this new one seems to do shared secret signing wrong. Fri Jul 6 08:37:40 2018 : Info: Ready to process requests Fri Jul 6 08:37:50 2018 : Debug: (0) Received Access-Request Id 4 from 10.70.8.199:44611 to 172.16.250.2:8812 length 271 Fri Jul 6 08:37:50 2018 : Info: Dropping packet without response because of error: Received packet from 10.70.8.199 with invalid Message-Authenticator! (Shared secret is incorrect.) (wireshark decoding below) RADIUS Protocol Code: Access-Request (1) Packet identifier: 0x2 (2) Length: 271 Authenticator: 579f8d81dc3deb6a9f37ebae3d0b7cde Attribute Value Pairs AVP: l=14 t=User-Name(1): 9068C3435B5A AVP: l=18 t=User-Password(2): Encrypted AVP: l=6 t=Service-Type(6): Call-Check(10) AVP: l=6 t=NAS-IP-Address(4): 10.70.8.199 AVP: l=22 t=NAS-Identifier(32): WLAN-pruebas_udguest AVP: l=30 t=Called-Station-Id(30): DC0856003BF0:pruebas_udguest AVP: l=6 t=NAS-Port-Type(61): Wireless-802.11(19) AVP: l=6 t=NAS-Port(5): 1 AVP: l=11 t=NAS-Port-Id(87): wifi-2.4G AVP: l=14 t=Calling-Station-Id(31): 9068C3435B5A AVP: l=46 t=Acct-Session-Id(44): 10.70.8.199_05/07/2018 12:13:28_9068c3435b5a AVP: l=6 t=Framed-MTU(12): 1400 AVP: l=28 t=Vendor-Specific(26) v=Xylan Corp.(800) AVP: l=20 t=Vendor-Specific(26) v=Xylan Corp.(800) AVP: l=18 t=Message-Authenticator(80): 7611eb291b65f41849d0451d3f027382 I have no doubt that FR does the right thing, and I'm sure that this is not a "maybe you didn't input the same secret in both places" issue. This is either a hardcoded secret (not their first time) or a bad implementation. They deny any wrongdoing on their part. I intend to prove that they are doing RADIUS secret wrong and have locate the fr_radius_verify function. My questions are: Can I brute force the secret somehow? Can I make my point to them somehow else? Regards, Alberto