You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

This article explains how to decrypt RADIUS traffic captured by Wireshark when having authentication issues.  Steps in this article explain how to decrypt the traffic to be able to see the username and passcode in plain text.

Capture RADIUS packets

  1. Launch the Wireshark app
  2. Select "Capture | Options"
  3. Enter "UDP" in the Capture filter to capture UDP packet only
  4. Click the "Start" button to start capture
  5. Click "Capture | Stop" to end capture

Decrypt RADIUS packets

  1. Go to Edit > Preferences
  2. Click to expand the Protocols tree
  3. Scroll down and select RADIUS

  4. Enter the RADIUS shared secret and click OK to save
  5. Enter "radius" in the display filter to display RADIUS traffic only
  6. Select the "Access-Request" packet to examine, and check the Attribute Value Pairs to find the decrypted username and password