How to check сorrectness of the secret key?
alan buxey
A.L.M.Buxey at lboro.ac.uk
Mon Sep 24 10:54:13 CEST 2012
Hi,
> but, tcpdump shows me, that packet was arrived...
yes...but if you dont see ANYTHING in the 'radiusd -X' terminal window, then the
server is not getting the packet
> I've used radclient on localhost to check the auth-tion. It's works fine.
..which is local...and therefore is direct
> When NAS server (in different network) send auth request from , then
> tcpdump shows correct port, ip's, but no answer from RADIUS, no info in
> the log.
what does 'radiusd -X' show then ?
> I've tried to send auth request from localhost againg, but with wrong key.
> As a result -- no log-info in radius.log, also no any response... That is
> why I think, that something is wrong with secret key on my NAS-server.
one last time....as you've already been informed. IF you are running FreeRADIUS in
full debug mode ie 'radiusd -X' you WILL see packets arrive...and if the shared secret
is incorrect then you will be told about it:
"WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS!"
you wont see ANYTHING in the logs (theres a silent reject) in standard mode - this is to protect
the server from DoS attack
alan
More information about the Freeradius-Devel
mailing list