another shared secret problem

Fajar A. Nugraha list at fajar.net
Fri Jun 8 11:09:59 CEST 2012


On Thu, Jun 7, 2012 at 7:36 PM, Morris, Andi <amorris at cardiffmet.ac.uk> wrote:

> The problem is that the FR server is reporting a shared secret mismatch when
> requests come from the new servers:


> I have typed and retyped the shared secret several times on both FR and IAS
> sides of the conversation.  Is there anywhere else in FR I need to declare
> the new servers that I have missed, or do I need to concentrate the efforts
> to the IAS servers?
>
> Full debug output with masked details below:


> client tmg2 {
>
>         ipaddr = 5.5.5.5
>
>         netmask = 32
>
>         require_message_authenticator = no
>
>         secret = "testing123"
>
>         nastype = "other"
>
>         virtual_server = "noname"
>
> }



> rad_recv: Access-Request packet from host 5.5.5.5 port 35394, id=1,
> length=211
>
> Received packet from 5.5.5.5 with invalid Message-Authenticator!  (Shared
> secret is incorrect.) Dropping packet without response.


Is the shared secret on the NAS (5.5.5.5) set to "testing123"? Cause
that's what FR thinks it should be.

-- 
Fajar


More information about the Freeradius-Users mailing list