invalid Message-Authenticator! (Shared secret is incorrect.)
Hegedus Gabor
hegedus.gabor at euroway.hu
Mon Feb 2 15:52:55 CET 2009
Alan DeKok wrote:
> Hegedus Gabor wrote:
>
>> Hi I have a problem:
>>
>> I get this message
>> *invalid Message-Authenticator! (Shared secret is incorrect.) *
>>
>> But I checked the key and it equals.
>>
>
> The shared secret is wrong.
>
>
>> What is the problem?
>>
>> clients.conf:
>> client 192.168.1.10 {
>> secret = test
>>
>> shortname=blablabla
>> }
>>
>
> Why are you putting two configurations on the same line? This isn't C
> programming, where statements are separated by ';'
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
sorry there is enter but i just wrote it wrong...
client 192.168.1.10 {
secret = test
shortname=blablabla
}
Could it be the problem?:
radius server is in 10.10.10.0/24 and the nas is in the 192.168.1.1/27
the packets bridged, the nas can ping the radius server... can the
different mask be a problem?
and when I try authenticate for NAS(consol), the radius reject because
ad_recv: Access-Request packet from host 192.168.1.10 port 1645, id=43,
length=78
NAS-IP-Address = 192.168.1.10
NAS-Port-Type = Async
User-Name = "test"
User-Password = "\335\333TmZî Łx\273\367G\241\350\263\026"
NAS-Identifier = "******* "
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
++[files] returns noop
...
Failed to authenticate the user.
Login incorrect: [test/\335\333TmZî?Łx\273\367G\241\350\263\026] (from
client AP_wireless port 0)
WARNING: Unprintable characters in the password. Double-check the shared
secret on the server and the NAS!
Using Post-Auth-Type Reject
....
what is this password \335\333TmZî Łx\273\367G\241\350\263\026 I don't
understand, ti tells chack the shared secret but it is good....
thank you
Gabor
More information about the Freeradius-Users
mailing list