Unknown username and password matching
Dan Strong
danstrong_01 at hotmail.co.uk
Fri Apr 12 21:57:40 CEST 2019
Thanks at least I can see where things happen now, although it looks like its in vain.
So it seems the Cisco doesn't even send the PSK at all. All it sends is a username and password as a MAC address, then it sends Cisco-AVPair as an audit session ID which my foreach group then incorrectly looks at and extracts...
So the radius just matches the username, looks at the vlan and psk sends that back to the controller which then says 'yes' the psk matches what the user put in the device then allows.
This will not work then, the radius is searching for something which isn't there. We would have to send back multiple PSK until one matched... If only they sent the PSK down with the username and password!!! Pretty much everything else comes along...
Many thanks for the help!
More information about the Freeradius-Users
mailing list