John Baker wrote: > The setup works fine if I use a password like "testing123" on both ends. > But when I use "radius-server key 7" to encrypt it breaks.
As in... what happens? > The current > setup does use this so I know it works. But in all the documentation > I've been weeding** through** on configuring clients.conf nothing seems > to mention how this kind of encryption works on the Free Radius server end. See RFC 2865... if you really care about it. But trust me, FreeRADIUS works. > The router insists on extremely long key for this configuration. The > 3640 shows one in the config. But client.conf show a much shorter one. > > When I try to plug the long one in clients.conf freeradius fails to startup. Could you say what error it produces? The comments in clients.conf indicate that the shared secret can be no more than 31 characters long. In 2.0, this restriction is removed. > So how do you configure freeradius for a Cisco hidden password? No idea. The Cisco "hidden password" thing isn't well documented. i.e. The Cisco docs tell you that you can enable hidden passwords, but don't say what that means. And if you look for "hidden password" in: http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455a5f.html It looks to me like you're using the wrong command. "radius server key" sets the shared secret to the following text, which in your case is "7". If you want hidden passwords, it looks like you have to use another command. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html