radtest and Message-Authenticator
Alan DeKok
aland at deployingradius.com
Wed Apr 25 16:25:03 CEST 2007
Norbert Wegener wrote:
> When I send
> radtest 000000000009 000000000009 brm 1812 secret xx 10.10.20.138
> to a freeradiusserver, I get an access accept.
> Sending the same radtest command line to an IAS, that should proxy that
> request to a freeradiusserver,
> the IAS complains about a missing Message-Authenticator.
> What do I have to do to get a Message-Authenticator in such a radtest
> request?
$ vi radtest
add: Message-Authenticator = 0x00
after the username && password.
FreeRADIUS should probably have an option to require a
Message-Authenticator. It avoids a number of attacks.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list