Norbert Wegener wrote:
> When I send
> radtest 000000000009  000000000009 brm 1812 secret xx 10.10.20.138
> to a freeradiusserver, I get an access accept.
> Sending the same radtest command line to an IAS, that should proxy that 
> request to a freeradiusserver,
> the IAS complains about a missing Message-Authenticator.
> What do I have to do to get a Message-Authenticator in such a radtest 
> request?

$ vi radtest

  add: Message-Authenticator = 0x00
  after the username && password.

  FreeRADIUS should probably have an option to require a
Message-Authenticator.  It avoids a number of attacks.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to