invalid Message-Authenticator! (Shared secret is incorrect.)

Hegedus Gabor hegedus.gabor at euroway.hu
Mon Feb 2 15:52:55 CET 2009


Alan DeKok wrote:
> Hegedus Gabor wrote:
>   
>> Hi I have a problem:
>>
>> I get this message
>> *invalid Message-Authenticator! (Shared secret is incorrect.) *
>>
>> But I checked the key and it equals.
>>     
>
>   The shared secret is wrong.
>
>   
>> What is the problem?
>>
>> clients.conf:
>> client 192.168.1.10 {
>>    secret = test 
>>    
>> shortname=blablabla
>> }
>>     
>
>   Why are you putting two configurations on the same line?  This isn't C
> programming, where statements are separated by ';'
>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>   

sorry there is enter but i just wrote it wrong...

client 192.168.1.10 {
	secret = test 
	shortname=blablabla
}



Could it be the problem?:
radius server is in 10.10.10.0/24 and the nas is in the 192.168.1.1/27 
the packets bridged, the nas can ping the radius server... can the 
different mask be a problem?

and when I try authenticate for NAS(consol), the radius reject because

ad_recv: Access-Request packet from host 192.168.1.10 port 1645, id=43, 
length=78
NAS-IP-Address = 192.168.1.10
NAS-Port-Type = Async
User-Name = "test"
User-Password = "\335\333TmZî Łx\273\367G\241\350\263\026"
NAS-Identifier = "******* "
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
++[files] returns noop
...

Failed to authenticate the user.
Login incorrect: [test/\335\333TmZî?Łx\273\367G\241\350\263\026] (from 
client AP_wireless port 0)
WARNING: Unprintable characters in the password. Double-check the shared 
secret on the server and the NAS!
Using Post-Auth-Type Reject
....



what is this password \335\333TmZî Łx\273\367G\241\350\263\026 I don't 
understand, ti tells chack the shared secret but it is good....


thank you
Gabor



More information about the Freeradius-Users mailing list