Proxy and clear-text password

tnt at kalik.co.yu tnt at kalik.co.yu
Mon Jul 2 20:31:11 CEST 2007


>But, with tcpdump, I only see garbage and radius2 receive garbage.

As you should. Radius packets are encrypted (that's what the secret is
for).

>Received Access-Reject packet from client radius2 port 1645 with invalid 
>signature (err=2)!  (Shared secret is incorrect.) Dropping packet 
>without response.
..
>And we have checked the secret key between radius1 and radius2 and it is 
>right. Radius2 detect the access-request as bad password request (it 
>receives grabage in the password)

Well both servers tend to disagree. Type in again proxy secret on radius1
and client secret on radius2.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list