-- Mark Hennessy -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, February 26, 2004 9:58 PM To: [EMAIL PROTECTED] Subject: Re: Cisco 7200 Series and PPPoE
"Mark Hennessy" <[EMAIL PROTECTED]> wrote: > But there is a password configured for that user, that user would > have been able to check the password just fine if they connected > through the redback. <shrug> Then something's wrong with the Cisco box. It looks like changing the shared secret to a string of 10 characters instead of 11 in the RADIUS server and the NAS fixed the password deciphering problem. I am now getting accounting records. All accounting records are generated by that NAS of course? > How would it even be possible to get the username etc if the shared > secret was wrong? Because the packets aren't encrypted with the shared secret. They're not encrypted at all. I was working under a misunderstanding of the purpose of the shared secret. If I read what you wrote correctly, the shared secret's sole purpose is to encipher/decipher the password so it was not sent in the clear over the network. I thought it had a role in NAS/RADIUS server authentication as well for some strange reason. Serves me right for not RTFM well enough. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
