Cisco NAS Password problem
Kevin Bonner
keb at pa.net
Thu Oct 25 23:59:39 CEST 2007
On Thursday 25 October 2007 17:26:10 John Morris wrote:
> I then added a second switch to the freeradius client configuration (nas
> table), and encountered a problem. The password was being rejected. So I
> ran Freeradius -X so I could see what was going on.
>
> On the failed password attempt (second and now third switch in the list) I
> see something like this:
>
> rad_recv: Access-Request packet from host 192.168.x.z:1645, id=1, length=80
> NAS-IP-Address = 192.168.x.z
> NAS-Port = 1
> NAS-Port-Type = Virtual
> User-Name = "username"
> Calling-Station-Id = "192.168.x.y"
> User-Password = "r\306\324\333M\014\247\022\363\216K\257`\315#]"
Debug output like this usually points to non-matching RADIUS secrets. Check
the radius secret in your switch config as well as the secret configured in
your nas SQL table. Freeradius only reads the nas table on startup, so if
you make changes to that table, you must restart the daemon for those changes
to take effect.
Kevin Bonner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20071025/4f109052/attachment.pgp>
More information about the Freeradius-Users
mailing list