No, shared secret was not wrong, for this case i used "special" secret,
on both hosts in configuration - 1
From one works, from other no.
Nothing more was changed.
Alan DeKok wrote:
Edgars Makņa wrote:
Hello
I have interesting problems with freeradius authentication.
NAS - cisco 2801
radius - freeradius running on freebsd with mysql db.
I had a lot of such errors in radius.log:
Auth: Login incorrect (rlm_pap: CRYPT password check failed):
[1-102/D\014\003\222\374\267<z\013y\005\200\354S\373\344] (from client
plaza port 0)
In debug output i get "unprintable characters".
Then the shared secret is wrong.
In the same time
authentication was working fine from other hosts, for example smtp server.
The shared secret is different for each host.
Problem was solved in interesting way, on cisco i specified radius
source interface.
Which changes the IP address seen by the server, meaning it uses a
different shared secret.
It was working fine until mysql server crashed and i got
same garbage in authentication. I removed source radius interface from
cisco configuration and everything started to work fine again.
Any ideas?
You mistyped something in MySQL, started RADIUS, noticed a problem,
and then re-started both MySQL and RADIUS.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
