Hello! The secret key between nas and radius1 is right.
In debug mode I receive a clear password: Sending Access-Request of id 0 to radius2 port 1645 User-Password = "estestA243" NAS-Identifier = "10.1.0.102" User-Name = "[EMAIL PROTECTED]" Acct-Session-Id = "0000033C" Called-Station-Id = "908274434" Calling-Station-Id = "933326800" NAS-Port = 17236233 NAS-Port-Type = Async Framed-Protocol = PPP Service-Type = Framed-User NAS-IP-Address = 10.1.0.102 Proxy-State = 0x313832 --- Walking the entire request list --- rad_recv: Access-Reject packet from host radius2:1645, id=0, length=85 Received Access-Reject packet from client radius2 port 1645 with invalid signature (err=2)! (Shared secret is incorrect.) Dropping packet without response. Finished request 0 But, with tcpdump, I only see garbage and radius2 receive garbage. And we have checked the secret key between radius1 and radius2 and it is right. Radius2 detect the access-request as bad password request (it receives grabage in the password) There is others local users in radius1 working fine, using teh same nas and shared secret. thanks. Luis Alan DeKok escribió: > Luis Galan wrote: >> It seems that my nas is sending encrypted passwords > > No. If the User-Password field is garbage in debugging mode, it's > because the shared secret is wrong. Fix it. > >> but radius2 only >> accept clear text passwords. And my radius1 is proxying the request of >> the [EMAIL PROTECTED] with encrypted passwords to radius2. >> >> What can I do to send the clear-text passwords to radius2? > > Use the correct shared secret between the NAS and radius1. > > Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html