Hi Phil, Do you mean the clients.conf file? I don't see require_message_authenticator there. If it is some other file then please let me know the details. I am a new user so not much aware of the configuration files.
Thanks -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] dius.org] On Behalf Of Phil Mayers Sent: Tuesday, March 18, 2008 10:25 PM To: FreeRadius users mailing list Subject: Re: incorrect shared secret entry authenticates successfully forfreerradius Alan DeKok wrote: > Phil Mayers wrote: >> If your NAS supply Message-Authenticator, you could refuse packets >> without one: > > Edit the "client" section and set "require_message_authenticator = yes". Ah thanks - I didn't know about that > > The recommendations of RFC 5080 have been implemented in FreeRADIUS. > Sometimes years before any other RADIUS server. > > Apparently Radiator didn't do duplicate detection until RFC 5080... > see their changelog for the 4.x series. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html