(RADIATOR) "Bad authenticator in request" read the FAQ's still not working

Hugh Irvine hugh at open.com.au
Thu Nov 1 22:15:53 CST 2001 

Hello Andrew -

It looks to me like the shared secrets are different between the NAS 
and the Client clause. You only show an accounting request and if 
this is only happening with accounting requests (ie. authentication 
requests are working) then it is likely a software bug in the NAS 
that the IgnoreAcctSignature tag in the Client clause will deal with.

hth

Hugh


>I'm trying to setup another 3COM Total Control Chassis. The first config
>works and is the first chassis. The second one fails with "WARNING: Bad
>authenticator in request from 209.113.232.252 (209.
>113.232.252)" Please see bottom. Both NAS appear to be setup identically.
>Any suggestions would be greatly appreciated. The second chassis has a
>different Secret and community string.
>
># THIS ON WORKS
><Client 63.112.157.254>
>         Secret  XXXXXX
>         NasType TotalControlSNMP
>         IgnoreAcctSignature
>         SNMPCommunity   XXXX
></Client>
>
>
>#THIS ONE FAILS WITH BAD AUTHENTICATOR
><Client 209.113.232.252>
>         Secret  XXXXX
>	  IgnoreAcctSignature
>	  NasType TotalControlSNMP
>         SNMPCommunity   XXXXXX
></Client>
>
>
>Code:       Accounting-Request
>Identifier: 14
>Authentic:  <188>H-l/b<168>P<225><245><210><136><194><187><190>D
>Attributes:
>         User-Name = "unauthenticated"
>         NAS-Identifier = "209.113.232.252"
>         Acct-Status-Type = Stop
>         Acct-Session-Id = "524292"
>         Acct-Delay-Time = 9660
>         Service-Type = 0
>         NAS-Port-Type = Async
>         NAS-Port = 9
>         Caller-Id = "2033183057"
>         Client-Port-DNIS = "2035230015"
>         Acct-Session-Time = 30
>         Acct-Terminate-Cause = 2
>         Acct-Input-Octets = 0
>         Acct-Output-Octets = 92
>
>Thu Nov  1 12:29:59 2001: DEBUG: Rewrote user name to unauthenticated
>Thu Nov  1 12:29:59 2001: DEBUG: Rewrote user name to unauthenticated
>Thu Nov  1 12:29:59 2001: WARNING: Bad authenticator in request from
>209.113.232.252 (209.
>113.232.252)
>
>Andrew P. Kaplan
>Network Administrator
>CyberShore, Inc.
>http://www.cshore.com
>
>"I couldn't give him advice in business and he couldn't give me
>advice in technology." --Linus Torvalds, about why he wouldn't
>be interested in meeting Bill Gates.
>
>
>
>
>
>---
>Outgoing mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.286 / Virus Database: 152 - Release Date: 10/9/01
>
>===
>Archive at http://www.open.com.au/archives/radiator/
>Announcements on radiator-announce at open.com.au
>To unsubscribe, email 'majordomo at open.com.au' with
>'unsubscribe radiator' in the body of the message.

-- 

NB: I am travelling this week, so there may be delays in our correspondence.

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list