Message-Authenticator Fails Verification

When a packet fails to be verified, the shared secret is wrong. Fix it!

RADIUS uses a 'shared secret' to authenticate clients and servers. This is a key which is known only to the client and server.

When the secret doesn’t match, the server cannot authenticate it, the packet is invalid, and the server discards it. The server also produces an error in debug mode. That error describes the specific reason why the packet was discarded.

Whatever the reason or error message, the underlying cause is the same. The shared secret on the client and server are not the same. To resolve this issue, check that the shared secret is identical on both the client and server. In many cases, you should just re-enter the shared secret on both sides.