> Even though the secret is incorrect the authentication can be > correct. The server returns an Access-Accept. Why? The server trusts the > client (it's in the accepted NAS list) and performs the authentication.
I might have missed something here, sorry in advance ;-) Since the secret is incorrect, Freeradius wont be able to correctly decrypt the user-password. So authentication shouldn't be succesful ? (section 4.1 of http://www.freeradius.org/faq/). Have you got any pointer to the thread you are talking about (I haven't found it with a wuick googleing) ? Thibault - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html