[radius] Re: Auth question

Nick Marino nickm at kryptontech.com
Tue Feb 7 22:07:03 CET 2006

Yes I dont think its a NAS problem at all.

The garbled password you are seeing that I sent is the users actual 
password. When that request comes from the nas and rlm_pap tries you auth 
it, the password is showing up like that. if you look at what I posted you 
will see it is a username/password pair and the password is getting garbled.

Login incorrect: [nickm/d\313f`&\247+>4\203\360/\367]

Also I stated if I test it from Dialup admin using the same shared secret 
for nas it works fine and the password is not garbled.
Only when it comes from the nas to FR.

The packets are being accepted from the nas, that is not the issue.

To prove to myself, I set in the users file DEFAULT = Authtype := Accept so 
it will let everyting thing go through and it does.

The packets come from the NAS and althought they still have garbled 
passwords when FR process it in rlm_pap it allows them to connect due to the 
DEFUALT I have set in the users file. At that point the user logs in and 
they show up in Dialup admin as they should. Even the accounting packets 
work from that point on.

Nick Marino - IT Solutions
----- Original Message ----- 
From: "Andrew Browning" <drew826 at gmail.com>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Tuesday, February 07, 2006 1:56 PM
Subject: Re: [radius] Re: Auth question

> The only files I know of that use the secret password are clients.conf
> and proxy.conf. Make sure your clients.conf has an entry for your NAS
> with the correct IP address and the correct secret. I don't think
> you'll need to touch the proxy.conf file; its used for proxying RADIUS
> requests that successfully reach you to another RADIUS server, and you
> apparently aren't receving requests successfully.
> On 2/7/06, Nick Marino <nickm at kryptontech.com> wrote:
>> Nick Marino - IT Solutions
>> ----- Original Message -----
>> From: "Alan DeKok" <aland at ox.org>
>> To: "FreeRadius users mailing list" 
>> <freeradius-users at lists.freeradius.org>
>> Sent: Tuesday, February 07, 2006 11:50 AM
>> Subject: Re: [radius] Re: Auth question
>> > "Nick Marino" <nickm at kryptontech.com> wrote:
>> >> Only when NAS send the request to FR does it generate that garbled
>> >> password.
>> >
>> >  Then the shared secret is wrong.
>> >
>> >  Or, there's a bug in the server that mangles the password only for 
>> > that
>> > NAS.
>> >
>> >  Which is more likely?
>> >
>> >  Alan DeKok.
>> > -
>> Its more likely that the password is wrong but, I am sure that they are 
>> the
>> same. Like I said I even reset the password in the nas to make sure. I 
>> will
>> check again but I dont think that is the problem.
>> Shared secret has been the same in the nas for 3 years now and it has 
>> always
>> worked.
>>  This just started after upgrading to the newest version of FR 1.1.0.
>> Is there a place that I am missing that should have the shared secret in 
>> it
>> that I havent changed. I hate to ask but exactly what all files need the
>> shared password in it.
>> clients.conf and where else?
>>  This just started after upgrading to the newest version of FR.
>> -
>> List info/subscribe/unsubscribe? See 
>> http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
> -- 
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.375 / Virus Database: 267.15.2/252 - Release Date: 2/6/2006

More information about the Freeradius-Users mailing list