FreeRadius sends Access-Reject for MAC-AUTH, if shared secret on NAS and server differ
Matthew Newton
mcn at freeradius.org
Sun Apr 14 23:57:35 CEST 2019
On Sun, 2019-04-14 at 14:48 -0700, Phani Siriki wrote:
> My main question is, why does FreeRadius not send Access-Reject(if
> shared secret is not correct) when I try to do EAP authentication?
Because the shared secret is wrong.
> (2) Received Access-Request Id 1 from 172.24.85.69:60091 to
> 172.24.66.67:1812 length 141
> Dropping packet without response because of error: Received packet
> from 172.24.85.69 with invalid Message-Authenticator! (Shared secret
> is incorrect.)
This should be clear enough: the request was dropped. There's nothing
to process so no reply is sent.
--
Matthew
More information about the Freeradius-Users
mailing list