Issue
This article explains how to decrypt RADIUS traffic captured by Wireshark when having authentication issues. Steps in this article explain how to decrypt the traffic to be able to see the username and passcode in plain text.
Resolution
You must know the RADIUS shared secret used in order to decrypt the packets.
You can follow the below steps to be able to decrypt the Radius Packets:
You can follow the below steps to be able to decrypt the Radius Packets:
- Capture RADIUS authentication traffic.
- Launch the Wireshark app.
- Open the capture of of the RADIUS traffic, typically in .pcap format.
- Go to Edit > Preferences.
- Click the + next to Protocols to expand the tree.
- Scroll down and select RADIUS.
- Key in the RADIUS shared secret and click Apply.
- The passcode in clear text.
Comments
Post a Comment