If you have "service password-encryption" on your cisco it will mismatch, this can be changed by "no service password-encryption" and then re typing the radius-server key command
the secret must be the same on your Cisco as well as your clients.conf and proxy.conf That is how I got mine to work. -Vic -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Nguyen Nhu Hao Sent: Saturday, March 01, 2003 9:23 PM To: [EMAIL PROTECTED] Subject: Re: help me Hi Tarvid, Thank a lot for your kindness. I followed as you showed me but I could not solve the problem. Could you help me to find out the bug I give you my router configuration here pascal#show run Building configuration... Current configuration : 4169 bytes ! version 12.1 service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname pascal ! no logging console aaa new-model aaa authentication login default group radius local ....................... ........................... radius-server host 172.16.5.5 auth-port 1645 acct-port 1646 radius-server retransmit 3 radius-server timeout 10 radius-server key 123456 and the file client.conf client 172.16.5.1 { secret = 123456 shortname = pascal } the file naslist # NAS Name Short Name Type #---------------- ---------- ---- #portmaster1.isp.com pm1.NY livingston #portmaster2.isp.com pm1.LA livingston localhost local portslave pascal pascal cisco and radius log when logined fail more /usr/local/var/log/radius/radius.log Mon Dec 2 11:37:30 2002 : Info: HASH: Reinitializing hash structures and lists for caching... Mon Dec 2 11:37:30 2002 : Info: HASH: Stored 30 entries from /etc/passwd Mon Dec 2 11:37:30 2002 : Info: HASH: Stored 40 entries from /etc/group Mon Dec 2 11:37:30 2002 : Info: Listening on IP address 172.16.5.5, ports 1645/udp and 1646/udp. Mon Dec 2 11:37:30 2002 : Info: Ready to process requests. Mon Dec 2 11:37:57 2002 : Auth: Login incorrect: [hao/8R=\275\326CG\214\224\227\003\231Y'\230c] (from client pascal port 66 cli 172 .16.5.3) nhuhao ----- Original Message ----- From: "tarvid" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, February 28, 2003 5:49 PM Subject: Re: help me > On Saturday 01 March 2003 11:32 pm, Nguyen Nhu Hao wrote: > > Hi all, > > I am a newbie with radius and unix, I would like to install freeradius = > > in RedHat 7.1 and I use a router to authenicate via radius. I installed = > > ok, but I could not authenticate success. I configured authentication = > > use unix module. > > > HASH: user hao found in hashtable bucket 47290 > > modcall[authenticate]: module "unix" returns reject > > modcall: group authenticate returns reject > > auth: Failed to validate the user. > > Login incorrect: [hao/\236\232M\236s<\3121\211\214\344\347"+\214\031] = > > (from client pascal port 66 cli 172.16.5.3) > > WARNING: Unprintable characters in the password. ? Double-check the = > > shared secret on the server and the NAS! > > Have you followed up on the above error message? > > The 'secret" in clients.conf must match exactly the "secret" in your server. > > You might log bad passwords to see if your server got anything like what the > router sent. > > Jim Tarvid > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html