radius authentication

- L
- l.cardullo
  
  Contact options for registered users
posted
18 years ago

Wed, Feb 15, 2006 12:54 PM

Hi all, I'm trying to use radius authentication for testing and I have observed that if I use a CHAP request with my client it overrides the secret key ( shared ): it means that I can write wrong key with correct account and the authentication WORKS.

If I use PAP method ther is no problem because I MUST put the correct shared key and authentication doesn't work with wrong key.

I think this is a normal behaviour but I cannot find this in Radius RFC.

Does anyone know if this behaviour is correct ?

thanks in advance Loris

Loading thread data ...

- H
- hellboy
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Thu, Feb 16, 2006 7:35 PM

Hi,

In case of PAP the "password" field is encrypted using the secret key. If the secret key does not match the radius server will never have the right password.

CHAP and MsChap do not use the "password" field like PAP. Hence the secret key isnt used > Hi all,

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.