cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1099
Views
0
Helpful
2
Replies

Shared Secret mismatch Radius

2 of our managed UPS's are currently being used with an incorrect secret and Radius only authentication. Due to this we recently discovered that we are unable to login. Is there a way to allow ACS (we have 5.5) to tell us what the shared secret is that the 2 UPS's are sending us in some logs, or is there a way to allow access from these 2 IP addresses, even though the shared secret is wrong?

 

The cost to get someone out to the branch and console in would be very high, so we wanted to make sure there was not a cheaper/easier way.

 

Thank you!

2 Replies 2

jan.nielsen
Rising star
Rising star

No, the secret key is not sent in the radius packets, it is used to protect the users password when being sent over radius, which is why your authentication fails. If you have configured a fallback to a local user in your APS radius config, you could try to block it's access to the radius server to login.

We tried that, and we are pretty sure that it is set to radius only, and not radius first local authorization second. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers