Solved: Radius authentication question

sarahr202 · ‎12-12-2015

Hi everybody,

I am trying to learn Radius authentication . Here is my lab set up:

R1( 107.107.107.10)-------(107.107.107.4)-WIN2008(RADIUS SERVER)

Below is radius config on R1:

aaa authentication login default group radius local

radius-server host 107.107.107.4 auth-port 1645 acct-port 1646
radius-server key cisco

I have a few questions:

1) Above I do not specify any encryption on R1, what encryption will be used by R1 by default ?

In the attached file, we see password is encrypted but there is no config on R1 to use particular encryption

2) We also see " authenticator" which is I believe is R1 i.e host name encrypted with shared secret . Am I right?.

Much appreciated and have a great weekend!!

johnd2310 · ‎12-17-2015

Hi,

The Radius Protocol encrypts the user-password by default. i think Radius uses MD5.

The authenticator is a random string generated by the client and is used in the process of encrypting the password.

Thanks

John

**Please rate posts you find helpful**

View solution in original post

Nadav · ‎12-18-2015

Take a look at:

http://www.untruth.org/~josh/security/radius/radius-auth.html

It'll answer both your questions fully.

johnd2310 · ‎12-17-2015

Hi,