radtest and Message-Authenticator
When I send radtest 000000000009 000000000009 brm 1812 secret xx 10.10.20.138 to a freeradiusserver, I get an access accept. Sending the same radtest command line to an IAS, that should proxy that request to a freeradiusserver, the IAS complains about a missing Message-Authenticator. What do I have to do to get a Message-Authenticator in such a radtest request? Thanks Norbert Wegener
Norbert Wegener wrote:
When I send radtest 000000000009 000000000009 brm 1812 secret xx 10.10.20.138 to a freeradiusserver, I get an access accept. Sending the same radtest command line to an IAS, that should proxy that request to a freeradiusserver, the IAS complains about a missing Message-Authenticator. What do I have to do to get a Message-Authenticator in such a radtest request?
$ vi radtest add: Message-Authenticator = 0x00 after the username && password. FreeRADIUS should probably have an option to require a Message-Authenticator. It avoids a number of attacks. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
participants (2)
-
Alan DeKok -
Norbert Wegener