I am learning how to use freeradius, the version is v2.1.12. When I run radtest, there is no response from server, I see server side debug message has the following:
Received packet from 127.0.0.1 with invalid Message-Authenticator! (Shared secret is incorrect.) Dropping packet without response.
Here is radtest command: radtest -x selftest password 127.0.0.1 0 secret
Here is my edit of /etc/freeradius/clients.conf:
client selftest {
ipaddr = 127.0.0.1
secret = secret
}
Here is my edit of /etc/freeradius/users:
selftest Cleartext-Password := "password"
Here is the full output from radtest:
radtest -x selftest password 127.0.0.1 0 secret
Sending Access-Request of id 238 to 127.0.0.1 port 1812
User-Name = "selftest"
User-Password = "password"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
Do you see what is wrong?
[UPDATE]
Thanks arran-cudbard-bell, I change to "testing123", it is better, it got reject, but this is better.
Indeed I made some changes in /etc/hosts which could be the reason, it is like this:
127.0.0.1 localhost <== pre-existed
127.0.0.1 selftest <== my edit
The reason I add the line is, without it, I cannot even run radtest, I get this error:
# radtest -x -t pap localhost password 127.0.0.1 0 testing123
radclient:: Failed to find IP address for test-server
radclient: Nothing to send.
You know how to solve it?
Best Answer
It's probably not loading the right clients.conf or you have another definition for 127.0.0.1.
Try using
testing123which is the default for the localhost client definition. If it works, you know the problem is a pre-existing definition.