Cisco NAS Password problem

Kevin Bonner keb at
Thu Oct 25 23:59:39 CEST 2007

On Thursday 25 October 2007 17:26:10 John Morris wrote:
>   I then added a second switch to the freeradius client configuration (nas
> table), and encountered a problem. The password was being rejected. So I
> ran Freeradius -X so I could see what was going on.
> On the failed password attempt (second and now third switch in the list) I
> see something like this:
> rad_recv: Access-Request packet from host 192.168.x.z:1645, id=1, length=80
>         NAS-IP-Address = 192.168.x.z
>         NAS-Port = 1
>         NAS-Port-Type = Virtual
>         User-Name = "username"
>         Calling-Station-Id = "192.168.x.y"
>         User-Password = "r\306\324\333M\014\247\022\363\216K\257`\315#]"

Debug output like this usually points to non-matching RADIUS secrets.  Check 
the radius secret in your switch config as well as the secret configured in 
your nas SQL table.  Freeradius only reads the nas table on startup, so if 
you make changes to that table, you must restart the daemon for those changes 
to take effect.

Kevin Bonner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the Freeradius-Users mailing list