Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This article explains how to decrypt RADIUS traffic captured by Wireshark when having authentication issues.  Steps in this article explain how to decrypt the traffic to be able to see the username and passcode in plain text.

Capture RADIUS packets

  1. Launch the Wireshark app.Capture the traffic
  2. Select "Capture | Options"
    Image Added
  3. Enter "UDP" in the Capture filter to capture UDP packet only
  4. Click the "Start" button to start capture
  5. Click "Capture | Stop" to end capture

Decrypt RADIUS packets

  1. Go to Edit > Preferences
  2. Click to expand the Protocols tree
  3. Scroll down and select RADIUS



  4. Enter the RADIUS shared secret and click OK to save
  5. Enter "radius" in the display filter to display RADIUS traffic only
  6. Select the "Access-Request" packet to examine, and check the Attribute Value Pairs to find the decrypted username and password

...