Hi all, I'm trying to use radius authentication for testing and I have observed that if I use a CHAP request with my client it overrides the secret key ( shared ): it means that I can write wrong key with correct account and the authentication WORKS.
If I use PAP method ther is no problem because I MUST put the correct shared key and authentication doesn't work with wrong key.
I think this is a normal behaviour but I cannot find this in Radius RFC.
Does anyone know if this behaviour is correct ?
thanks in advance Loris