|
Home > Archive > Radius Server > December 2006 > Authentication issue
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Authentication issue
|
|
| Eric J. 2006-12-11, 7:23 am |
| Hello,
today i had the following problem:
I set up some switches at a new site and so i decided to choose another
radius-key as our usual. And i took one with 14 characters.
Now i see that the authentication works most of the time, but sometimes
i got the error message that radius-key is wrong:
An Access-Request message was received from RADIUS client NewSiteSwitch
with a message authenticator attribute that is not valid.
Is there any issue that IAS got problems with handling long or complex
radius keys ?
I just figured out that there can be problems with an ! at the end of
the radius key.
Thanks in advance
Eric
| |
| James McIllece [MS] 2006-12-13, 7:21 pm |
| "Eric J." <bt_hirosaito@gmx.de> wrote in
news:1165825949.593858.225240@j72g2000cwa.googlegroups.com:
> Hello,
>
> today i had the following problem:
>
> I set up some switches at a new site and so i decided to choose another
> radius-key as our usual. And i took one with 14 characters.
> Now i see that the authentication works most of the time, but sometimes
> i got the error message that radius-key is wrong:
>
> An Access-Request message was received from RADIUS client NewSiteSwitch
> with a message authenticator attribute that is not valid.
>
> Is there any issue that IAS got problems with handling long or complex
> radius keys ?
> I just figured out that there can be problems with an ! at the end of
> the radius key.
>
> Thanks in advance
>
> Eric
>
The shared secret can be up to 64 characters, so that shouldn't be a
problem.
Please see the Help topic "Shared secrets" for the characters allowed and
other information, on the box or on the Web at
http://technet2.microsoft.com/Windo...8614-8361-496e-
ac38-b7152de2d1c61033.mspx
(NOTE: the Help topic says "You can use a shared secret of up to 128
characters in length," but this is a typo -- the actual value is 64
characters.)
Another related topic is Message Authenticator attribute:
http://technet2.microsoft.com/Windo...2da9-d0d0-4ba8-
a2ff-1c9e50db84ce1033.mspx
--
James McIllece, Microsoft
Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.
This posting is provided "AS IS" with no warranties, and confers no rights.
|
|
|
|
|