[RADIATOR] Bad-authenticator
MEjaz
mejaz at cyberia.net.sa
Tue Apr 30 10:23:32 UTC 2019
I have added this in the below handler. Is this correct place? Also when
I restart the radius to read the new file it gives me an error "Tue Apr 30
13:26:48 2019: ERR: Unknown keyword 'IgnoreAcctSignature' in
/opt2/radiator/radius.cfg line 65"
<Handler>
PreProcessingHook file:"/etc/radiator/changeUserName"
<AuthBy SQL>
DBSource dbi:Sybase:xxxx
DBUsername xxxx
DBAuth xxx
DefaultSimultaneousUse 1
CaseInsensitivePasswords
IgnoreAcctSignature
Ejaz
-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au]
Sent: Tuesday, April 30, 2019 1:20 PM
To: MEjaz <mejaz at cyberia.net.sa>
Cc: Heikki Vatiainen <hvn at open.com.au>; radiator at lists.open.com.au
Subject: Re: [RADIATOR] Bad-authenticator
Hello -
You can try setting IgnoreAcctSignature in the Client clause, but make
doubly sure the shared secret is correct.
regards
Hugh
> On 30 Apr 2019, at 19:39, MEjaz < <mailto:mejaz at cyberia.net.sa>
mejaz at cyberia.net.sa> wrote:
>
> I made sure from the NAS side the secret is same as what I have
> configured in Client clause.
> Is there any other clue?
>
> Thanks in advance..
>
> -----Original Message-----
> From: radiator [ <mailto:radiator-bounces at lists.open.com.au>
mailto:radiator-bounces at lists.open.com.au] On Behalf
> Of Heikki Vatiainen
> Sent: Monday, April 29, 2019 8:49 PM
> To: <mailto:radiator at lists.open.com.au> radiator at lists.open.com.au
> Subject: Re: [RADIATOR] Bad-authenticator
>
> On 29/04/2019 12.38, MEjaz wrote:
>
>> I'm getting a "Bad Authenticator" message using > Radiator. Cisco,
>> O/S is Solaris. And with MSSQL database.
>> Any idea how to fix this? Any help would be appreciated!
>
> Check that the secret within <Client 212.119.67.28> matches what's
> configured on that IP address (RADIUS client). You'll see this error
> when the server (Radiator) and client (NAS) shared secrets are not equal.
>
> Note that the shared secret is not for encrypting the whole message.
> This is why you see most of the values in clear text in RADIUS
> requests even if the secret is not correct.
>
> Thanks,
> Heikki
>
> --
> Heikki Vatiainen < <mailto:hvn at open.com.au> hvn at open.com.au>
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active
> Directory, EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP,
> TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
etc.
> _______________________________________________
> radiator mailing list
> <mailto:radiator at lists.open.com.au> radiator at lists.open.com.au
> <https://lists.open.com.au/mailman/listinfo/radiator>
https://lists.open.com.au/mailman/listinfo/radiator
>
> _______________________________________________
> radiator mailing list
> <mailto:radiator at lists.open.com.au> radiator at lists.open.com.au
> <https://lists.open.com.au/mailman/listinfo/radiator>
https://lists.open.com.au/mailman/listinfo/radiator
--
Hugh Irvine
<mailto:hugh at open.com.au> hugh at open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER,
SIM, etc.
Full source on Unix, Linux, Windows, macOS, Solaris, VMS, NetWare etc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20190430/13bb564d/attachment-0001.html>
More information about the radiator
mailing list