cisco freeradius problems
Alan DeKok
aland at deployingradius.com
Wed Nov 7 20:26:50 CET 2007
Edgars Makņa wrote:
> Hello
> I have interesting problems with freeradius authentication.
> NAS - cisco 2801
> radius - freeradius running on freebsd with mysql db.
> I had a lot of such errors in radius.log:
> Auth: Login incorrect (rlm_pap: CRYPT password check failed):
> [1-102/D\014\003\222\374\267<z\013y\005\200\354S\373\344] (from client
> plaza port 0)
> In debug output i get "unprintable characters".
Then the shared secret is wrong.
> In the same time
> authentication was working fine from other hosts, for example smtp server.
The shared secret is different for each host.
> Problem was solved in interesting way, on cisco i specified radius
> source interface.
Which changes the IP address seen by the server, meaning it uses a
different shared secret.
> It was working fine until mysql server crashed and i got
> same garbage in authentication. I removed source radius interface from
> cisco configuration and everything started to work fine again.
> Any ideas?
You mistyped something in MySQL, started RADIUS, noticed a problem,
and then re-started both MySQL and RADIUS.
Alan DeKok.
More information about the Freeradius-Users
mailing list