Dude and radius probing..

By default it seems that Dude is probing my radius server (mikrotik user-manager). The problem is that I use user-manager for personal user accounts for every mikrotik routerboard, so there is a router config for the dude server as well that makes it possible for the dude session to connect to radius.

Dude server then tries to log in with user TEST, flooding my log files.

Does anyone else have a good idea how to still monitor radius, but keep dude from flooding the radius logs?

Maybe make a TEST user in radius and then set the password according to the probing request, so there is a successful login instead of a failure???

This is still a problem.

Dude tries to connect to the radius with the user “TEST” and the radius (user-manager) is logging the attempt as a failure.

A workaround could be to stop failure logging on the radius (user-manager), or stop probing the radius service in dude.

None of those options is a good solution.

In the dude configuration for radius I find “\x01D\0,0123456789012345\x01\x06TEST\x02\x12abcdefghijklmnop\0” and I’ve tried to change some of these settings without any luck.

Any suggestions?

Create a user on your radius server named test?

Mmm.. that was my first thought as well, but I guess I have to use wireshark to find out what kind of password it tries (since I couldn’t figure out the string). And I have to change the expected response in dude to something else than the expected “\x03D” response.

Anyone who could enlighten me on these different strings?

You could simplify it by just checking if the port is open by creating a new udp probe: set the port and click connect only.

Of course that doesn’t let you know if radius is actually working, just something is running on that port.

When you modified that string did the user “TEST” keep trying to log in?
For example try this? “\x01D\0,0123456789012345\x01\x06myuser\x02\x12mypass\0”

BUT I went looking and in this thread…
http://forum.mikrotik.com/t/freeradius-probe-for-the-dude/29649/4

Here is the last post…
I had a similar problem and thought things needed to be changed as well then I came across this post from uldis on March 17, 2006

“you can change the contents of UDP packet that is sent in any way, but in
general it is not required to successfully authenticate with radius server,
dude just checks if reasonable response is received. (dude server should be
added to radius servers shared secret list).”

So I removed all the changes and created the dude in the shared secret list and it worked for me.

Not sure if that would work for you??

I changed the password, but it didn’t help.

In the dude the settings are now.

\x01D\0,0123456789012345\x01\x06TEST\x02\x121234567890\0

And in the usermanager I get this in the log

35840 TEST 0.0.0.0 192.168.xxx.xxx Aug/30/2010 23:23:28 authorization failure

With this detail

invalid password for user

The configuration for the TEST account in usermanager

TEST unlimited 0s 0s 0.00 0 B 0 B

With the password for the TEST account.

1234567890

As you can see, since I’m logging failures, this is flooding my log files. Over 35000 log entries with the TEST account.

I made the suggestion of changing some of the fields but what we need is someone who knows which field is which…

I don’t know if they are using pap or chap or ms-chap or chapv2. I would assume that they are just using pap.
Does your radius server accept pap? I would not allow unencrypted password protocols.

Although you see “bad password”, if your radius server only supports chapv2 and the dude is using pap you might get the same error.

You could temporarily enable pap, but then if one of the real users’ computers is configured wrong (“using pap”) the password is being sent in the clear.

Maybe gsandul or normis can shed some light on the fields of the radius probe.

Good thinking, maybe the mikrotik crew could describe the different fields??

I had the same problem and I solved it.
I added the dude IP in the router list of usermanager, and then I added the user TEST with, now I’ve got to understand how to change the password

For Aradial Radius I added my dude server IP in my list of NAS’s and then created a radius user;

The probe can be broken down like this after:
\x01D\0,0123456789012345\x01\x06RadiusUSERNAME\x02\x12PASSWORD\0
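
The probe string from this thread decoded as a RADIUS Access-Request per RFC 2865, as an added example that is not from any poster or from the Dude itself. The bytes after “\x02\x12” are the User-Password value, which for PAP is the password XORed with an MD5 keystream of the shared secret and the 16-byte authenticator, and the length bytes (“\0,” and the byte after each attribute type) have to change whenever the username or password field changes size. Assumptions: the function names, the placeholder shared secret “secret”, and that the Dude field accepts two-digit \xNN escapes.

```python
import hashlib
import struct

# Probe string quoted in the thread, as Python bytes (constructed from the post).
THREAD_PROBE = b"\x01D\0,0123456789012345\x01\x06TEST\x02\x12abcdefghijklmnop\0"

def parse_probe(raw):
    """Split a RADIUS packet (RFC 2865 layout) into header and attributes."""
    code, ident, length = struct.unpack("!BBH", raw[:4])
    if not 20 <= length <= len(raw):
        raise ValueError("length field does not match the data")
    attrs, pos = [], 20
    while pos + 2 <= length:
        a_type, a_len = raw[pos], raw[pos + 1]
        if a_len < 2 or pos + a_len > length:
            raise ValueError("attribute length does not fit the packet")
        attrs.append((a_type, raw[pos + 2:pos + a_len]))
        pos += a_len
    return {"code": code, "id": ident, "length": length,
            "authenticator": raw[4:20], "attrs": attrs,
            "trailing": raw[length:]}

def hide_password(password, secret, authenticator):
    """PAP User-Password hiding, RFC 2865 section 5.2 (MD5 chained XOR)."""
    padded = password + b"\0" * (-len(password) % 16) or b"\0" * 16
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        out += prev
    return out

def build_probe(user, password, secret, ident=ord("D"),
                authenticator=b"0123456789012345"):
    """Access-Request (code 1) with User-Name (1) and User-Password (2)."""
    hidden = hide_password(password, secret, authenticator)
    attrs = bytes([1, 2 + len(user)]) + user
    attrs += bytes([2, 2 + len(hidden)]) + hidden
    return struct.pack("!BBH", 1, ident, 20 + len(attrs)) + authenticator + attrs

def escape(raw):
    """Render with two-digit \\xNN escapes (assumed to match the Dude field)."""
    return "".join(chr(b) if 32 < b < 127 and b != 92 else "\\x%02x" % b
                   for b in raw)

if __name__ == "__main__":
    print(parse_probe(THREAD_PROBE))
    # "secret" is a constructed placeholder for the NAS shared secret.
    print(escape(build_probe(b"TEST", b"1234567890", b"secret")))
```

By the same layout, the expected reply “\x03D” mentioned earlier in the thread is code 3 (Access-Reject) with the identifier “D” echoed back.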