cisco freeradius problems
Edgars Makņa
edgarz at dtg.lv
Thu Nov 8 09:09:40 CET 2007
No, shared secret was not wrong, for this case i used "special" secret,
on both hosts in configuration - 1
From one works, from other no.
Nothing more was changed.
Alan DeKok wrote:
> Edgars Makņa wrote:
>
>> Hello
>> I have interesting problems with freeradius authentication.
>> NAS - cisco 2801
>> radius - freeradius running on freebsd with mysql db.
>> I had a lot of such errors in radius.log:
>> Auth: Login incorrect (rlm_pap: CRYPT password check failed):
>> [1-102/D\014\003\222\374\267<z\013y\005\200\354S\373\344] (from client
>> plaza port 0)
>> In debug output i get "unprintable characters".
>>
>
> Then the shared secret is wrong.
>
>
>> In the same time
>> authentication was working fine from other hosts, for example smtp server.
>>
>
> The shared secret is different for each host.
>
>
>> Problem was solved in interesting way, on cisco i specified radius
>> source interface.
>>
>
> Which changes the IP address seen by the server, meaning it uses a
> different shared secret.
>
>
>> It was working fine until mysql server crashed and i got
>> same garbage in authentication. I removed source radius interface from
>> cisco configuration and everything started to work fine again.
>> Any ideas?
>>
>
> You mistyped something in MySQL, started RADIUS, noticed a problem,
> and then re-started both MySQL and RADIUS.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list