Thanks Jason, but I might have been unclear. Sorry about that. I'm using fake data to send to the radius server. I do not care if it passes or fails. I simply want the server to respond when I send a message to x.x.3.199 (the network address of the machine) just as it does when I send a request to the localhost address on the machine.
It does respond to localhost, it does not respond to the network address. That's where the problem lies, that I am trying to figure out. Thanks again, though. The network I am trying to authenticate is remote from the radius server, so I cannot use localhost. Otherwise, I wouldn't worry about it... Eventually, the remote location will be running covachilli or something similar. But for security (equipment) reasons, I cannot put a server at that end, so must do authentication remotely, at this end. Cheers, Kevin On Fri, 2008-12-12 at 16:11 -0500, Jason Wittlin-Cohen wrote: > Kevin, > > The relevant line is: > > "> rad_verify: Received Access-Reject packet from client 127.0.0.1 > port 1812 with invalid signature (err=2)! (Shared secret is > incorrect.)" > > The shared secret to authenticate a client to the RADIUS server (for > RADIUS, not EAP traffic) is either not set, or you're using the wrong > secret. By default there is no shared secret set for localhost. Edit > clients.conf, search for 127.0.0.1. You'll find a line that looks > like: > > ipaddr = 127.0.0.1 > > Now, add this line beneath: > > secret = secret > > Restart freeradius and try again. The message should go away. > Remember, you're still going to get an access-reject response unless > you setup the user account and password your authenticating with in > the "users" file. > > Jason > > -- > Jason Wittlin-Cohen > Yale Law School, Class of 2010 > [email protected] > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
