shared secret mismatch
Michael Lecuyer
mjl at theorem.com
Thu May 18 15:47:09 CEST 2006
There's more going on the exchange than a simple authentication.
The data in the Access-Request packet may have correct data for
authentication. The server will correctly authenticate the entity.
However server signs the response packet with a different secret than
the client making the signature incorrect.
The client must check the signature on the Access-Accept packet and if
it's not correct must reject the authentication even though the reply
type is Access-Accept.
DilipSimha.N.M wrote:
> hi,
>
> If the shared-secret mismatches bwtween NAS and RADIUS server,
> then still the access-accept message is sent from RADIUS server to NAS.
>
> why is access-reject message not sent???
>
> --DilipSimha
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list