Re: Problems -- rad_verify: invalid sig nature (err=2)! (shared secret is incorrect)
On 25/10/10 04:06, Xiaochen wrote: Hi all, I am using Fedora 12 and Freeradius 1.2.9 to do some COA test. When AAA sends Disconnect-request to my AGW, the AGW reply with a Disconnect-ACK, and my MS disconnects. But the rad_verify says: --- Received Disconnect-ACK packet from clinet 100.1.6.4 port 3799 with invalid signature (err=2)! (shared secret is incorrect. --- In fact the shared secret is correct!!! No it is not. The error message is unambiguous. You have made an error with the shared secret. Fix it. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Problems -- rad_verify: invalid signatu re (err=2)! (shared secret is incorrect)
Hi all, I am using Fedora 12 and Freeradius 1.2.9 to do some COA test. When AAA sends Disconnect-request to my AGW, the AGW reply with a Disconnect-ACK, and my MS disconnects. But the rad_verify says: --- Received Disconnect-ACK packet from clinet 100.1.6.4 port 3799 with invalid signature (err=2)! (shared secret is incorrect. --- In fact the shared secret is correct!!! My disconnect packt.txt is like: --- Acct-Session-Id=0001 Calling-Station-Id=001E310008CC User-Name=wi...@zte.com X-Ascend-Session-Svr-Key=0123456789 NAS-IP-Address=100.1.6.4 NAS-Identifier=CATR WiMAX-DM-Action-Code=0x WiMAX-AAA-Session-Id=0002 --- I don’t know how to solve this problem, can you please give any suggestions? Thanks a lot! Xiaochen @ a WiMAX Lab - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: (err=2)! (Shared secret is incorrect.)
The shared secret is the password that clients use to connect to the RADIUS server. It's located in the client.conf file in your freeradius configuration directory. Note, that this shared secret is used to secure RADIUS traffic. User names and passwords of users which are authenticating via EAP are stored in the users file. -- Jason Wittlin-Cohen Yale Law School, Class of 2010 [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[2]: (err=2)! (Shared secret is incorrect.)
Title: Re[2]: (err=2)! (Shared secret is incorrect.) Jason, thank you for you prompt reply but i've already solved the problem withRe[2]: (err=2)! (Shared secret is incorrect.) But i met another one like this: 'rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=194, length=20' i think that the problem is in users file, but just now can not understand where exactly... Can you please help me with it? have a good day, ilya ilya vishnyov billing department baykalwestcom 68, 2-zheleznodorozhnaya str., irkutsk, 664005, russia gsm: +7 9025 113 992 e-mail: [EMAIL PROTECTED] icq #: 988-0-229 The shared secret is the password that clients use to connect to the RADIUS server. It's located in the "client.conf" file in your freeradius configuration directory. Note, that this shared secret is used to secure RADIUS traffic. User names and passwords of users which are authenticating via EAP are stored in the "users" file. -- Jason Wittlin-Cohen Yale Law School, Class of 2010 [EMAIL PROTECTED] radius.log Description: Binary data - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: (err=2)! (Shared secret is incorrect.)
for example:
clients.conf file:
client 192.168.1.0/24 {
secret= cisco
shortname = not_important
}
users file:
username Cleartext-password:=pasSw0rd
for test it local uncomment this section in clients.conf(if it is
commented):
client localhost {
ipaddr=127.0.0.1
secret= testing123
}
and test it like this(on the server local): radtest username pasSw0rd
localhost 0 testing123
Gabor
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re[2]: (err=2)! (Shared secret is incorrect.)
You say you read the FAQ. Did you see this: http://wiki.freeradius.org/FAQ#It_still_doesn.27t_work.21 Ivan Kalik Kalik Informatika ISP Jason, thank you for you prompt reply but i've already solved the problem with Re[2]: (err=2)! (Shared secret is incorrect.) But i met another one like this: 'rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=194, length=20 ' i think that the problem is in users file, but just now can not understand where exactly... Can you please help me with it? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
(err=2)! (Shared secret is incorrect.)
i've read FAQ Hello i've got Linux 2.6.9-22 and freeRADIUS server v.2.1.1. I have the following problem - when i start radius in debuging mode it returns me the next message: rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=195, length=20 rad_verify: Received Access-Reject packet from client 127.0.0.1 port 1812 with invalid signature (err=2)! (Shared secret is incorrect.) [EMAIL PROTECTED] ~]# i tried to solve this problem by reading FAQ but without any success Because i can not find something like Login failed [user/password] . in log file (attached). Please can anyone help me? Great thanks in advance! have a good day, ilya ilya vishnyov billing department baykalwestcom 68, 2-zheleznodorozhnaya str., irkutsk, 664005, russia gsm: +7 9025 113 992 e-mail: [EMAIL PROTECTED] icq #: 988-0-229 radius.log Description: Binary data - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: (err=2)! (Shared secret is incorrect.)
Fedora 4, freeradius 1.0.4On 1/6/06, Wolfgang Rosenauer [EMAIL PROTECTED] wrote: On 2006-01-06 at 12:51:51 -0800, Richard Marriner II wrote (shortened): I have setup freeradius to authincate against my postgresql database. But I am getting odd errors about my secrets. They are the same every where. Can someone help me out with this? Here is the output from my login attempt: rad_recv: Access-Reject packet from host 127.0.0.1:1645 http://127.0.0.1:1645, id=184, length=20 rad_decode: Received Access-Reject packet from 127.0.0.1:1645 http://127.0.0.1:1645 with invalid signature (err=2)!(Shared secret is incorrect.) Sending Access-Request of id 185 to 127.0.0.1:1645 http://127.0.0.1:1645 User-Name = chrisr User-Password = test1 NAS-IP-Address = scooby Here is the logs from my radius.log file: Fri Jan6 09:11:42 2006 : Auth: Login incorrect: [chrisr/\362\354A2\317\227\374\237\273J\300-#\373\217] (from client localhost port 0) Fri Jan6 09:11:45 2006 : Auth: Login incorrect: [chrisr/\357U*\345\330sG\353\3417-F\226\005\327] (from client localhost port 0) Fri Jan6 09:11:48 2006 : Auth: Login incorrect: [chrisr/5\315\237\373\3417r\344\300J\255\363] (from client localhost port 0)just to make sure:Which version of FreeRadius do you use on which platform? Wolfgang-List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html-- Jonathan CarpenterLinux System AdministratorWindows System Administrator The Unix Geek - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
(err=2)! (Shared secret is incorrect.)
I have setup freeradius to authincate against my postgresql database. But I am getting odd errors about my secrets. They are the same every where. Can someone help me out with this? Here is the output from my login attempt: rad_recv: Access-Reject packet from host 127.0.0.1:1645, id=184, length=20 rad_decode: Received Access-Reject packet from 127.0.0.1:1645 with invalid signature (err=2)! (Shared secret is incorrect.) Sending Access-Request of id 185 to 127.0.0.1:1645 User-Name = chrisr User-Password = test1 NAS-IP-Address = scooby Here is the logs from my radius.log file: Fri Jan 6 09:11:42 2006 : Auth: Login incorrect: [chrisr/\362\354A2\317\227\374\237\273J\300-#\373\217] (from client localhost port 0) Fri Jan 6 09:11:45 2006 : Auth: Login incorrect: [chrisr/\357U*\345\330sG\353\3417-F\226\005\327] (from client localhost port 0) Fri Jan 6 09:11:48 2006 : Auth: Login incorrect: [chrisr/5\315\237\373\3417r\344\300J\255\363] (from client localhost port 0) Thanks,-- Jonathan CarpenterLinux System AdministratorWindows System AdministratorThe Unix Geek - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: (err=2)! (Shared secret is incorrect.)
Jonathan Carpenter [EMAIL PROTECTED] wrote: I have setup freeradius to authincate against my postgresql database. But I am getting odd errors about my secrets. They are the same every where. Can someone help me out with this? Fix the shared secret? What part of that error message is unclear? Here is the logs from my radius.log file: sigh I guess it's impossible to use debug mode. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: (err=2)! (Shared secret is incorrect.)
On 1/6/06, Jonathan Carpenter [EMAIL PROTECTED] wrote: Yes, I finally found out what was causing the issue. But now I am having problems and I do not have any error messages. Now I am really lost. Here is what I get when I try to authincate: Re-sending Access-Request of id 82 to 127.0.0.1:1812 User-Name = test User-Password = \255`-(d\246\021;@\215?\325Lp\246\202 NAS-IP-Address = scooby NAS-Port = 1645 radclient: no response from server for ID 82 Nothing ever shows up on my /var/log/radius/radius.log and everytime I try to authincate the last line of radclient: no response from server for ID ? the ID # changes everytime I try. The only tables I have data in is the radcheck table is: id | username | attribute | op | value +--+---++--- 1 | test | User-Password | == | test Should I have more data in my database? On 1/6/06, Richard Marriner II [EMAIL PROTECTED] wrote: Make sure you have a client config for 127.0.0.1 instead of your actualIP address in the clients.conf config file and that the secret for it is the same as your other clients.. Jonathan Carpenter wrote: I have setup freeradius to authincate against my postgresql database. But I am getting odd errors about my secrets. They are the same every where. Can someone help me out with this? Here is the output from my login attempt: rad_recv: Access-Reject packet from host 127.0.0.1:1645 http://127.0.0.1:1645 , id=184, length=20 rad_decode: Received Access-Reject packet from 127.0.0.1:1645 http://127.0.0.1:1645 with invalid signature (err=2)!(Shared secret is incorrect.) Sending Access-Request of id 185 to 127.0.0.1:1645 http://127.0.0.1:1645 User-Name = chrisr User-Password = test1 NAS-IP-Address = scooby Here is the logs from my radius.log file: Fri Jan6 09:11:42 2006 : Auth: Login incorrect: [chrisr/\362\354A2\317\227\374\237\273J\300-#\373\217] (from client localhost port 0) Fri Jan6 09:11:45 2006 : Auth: Login incorrect: [chrisr/\357U*\345\330sG\353\3417-F\226\005\327] (from client localhost port 0) Fri Jan6 09:11:48 2006 : Auth: Login incorrect: [chrisr/5\315\237\373\3417r\344\300J\255\363] (from client localhost port 0) Thanks, -- Jonathan Carpenter Linux System Administrator Windows System Administrator The Unix Geek-List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html--Richard Marriner IIMaingear.NetSr. Network ConsultantI.T. Consulting [EMAIL PROTECTED] www.maingear.net-List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Jonathan CarpenterLinux System AdministratorWindows System AdministratorThe Unix Geek -- Jonathan CarpenterLinux System AdministratorWindows System AdministratorThe Unix Geek - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: (err=2)! (Shared secret is incorrect.)
Yes, I finally found out what was causing the issue. But now I am having problems and I do not have any error messages. Now I am really lost. Here is what I get when I try to authincate: Re-sending Access-Request of id 82 to 127.0.0.1:1812 User-Name = test User-Password = \255`-(d\246\021;@\215?\325Lp\246\202 NAS-IP-Address = scooby NAS-Port = 1645 radclient: no response from server for ID 82 Nothing ever shows up on my /var/log/radius/radius.log and everytime I try to authincate the last line of radclient: no response from server for ID ? the ID # changes everytime I try. The only tables I have data in is the radcheck table is: id | username | attribute | op | value +--+---++--- 1 | test | User-Password | == | test Should I have more data in my database? On 1/6/06, Richard Marriner II [EMAIL PROTECTED] wrote: Make sure you have a client config for 127.0.0.1 instead of your actualIP address in the clients.conf config file and that the secret for it isthe same as your other clients.. Jonathan Carpenter wrote: I have setup freeradius to authincate against my postgresql database. But I am getting odd errors about my secrets. They are the same every where. Can someone help me out with this? Here is the output from my login attempt: rad_recv: Access-Reject packet from host 127.0.0.1:1645 http://127.0.0.1:1645 , id=184, length=20 rad_decode: Received Access-Reject packet from 127.0.0.1:1645 http://127.0.0.1:1645 with invalid signature (err=2)!(Shared secret is incorrect.) Sending Access-Request of id 185 to 127.0.0.1:1645 http://127.0.0.1:1645 User-Name = chrisr User-Password = test1 NAS-IP-Address = scooby Here is the logs from my radius.log file: Fri Jan6 09:11:42 2006 : Auth: Login incorrect: [chrisr/\362\354A2\317\227\374\237\273J\300-#\373\217] (from client localhost port 0) Fri Jan6 09:11:45 2006 : Auth: Login incorrect: [chrisr/\357U*\345\330sG\353\3417-F\226\005\327] (from client localhost port 0) Fri Jan6 09:11:48 2006 : Auth: Login incorrect: [chrisr/5\315\237\373\3417r\344\300J\255\363] (from client localhost port 0) Thanks, -- Jonathan Carpenter Linux System Administrator Windows System Administrator The Unix Geek-List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html--Richard Marriner IIMaingear.NetSr. Network ConsultantI.T. Consulting[EMAIL PROTECTED] www.maingear.net-List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Jonathan CarpenterLinux System AdministratorWindows System AdministratorThe Unix Geek - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: (err=2)! (Shared secret is incorrect.)
On 2006-01-06 at 12:51:51 -0800, Richard Marriner II wrote (shortened): I have setup freeradius to authincate against my postgresql database. But I am getting odd errors about my secrets. They are the same every where. Can someone help me out with this? Here is the output from my login attempt: rad_recv: Access-Reject packet from host 127.0.0.1:1645 http://127.0.0.1:1645, id=184, length=20 rad_decode: Received Access-Reject packet from 127.0.0.1:1645 http://127.0.0.1:1645 with invalid signature (err=2)! (Shared secret is incorrect.) Sending Access-Request of id 185 to 127.0.0.1:1645 http://127.0.0.1:1645 User-Name = chrisr User-Password = test1 NAS-IP-Address = scooby Here is the logs from my radius.log file: Fri Jan 6 09:11:42 2006 : Auth: Login incorrect: [chrisr/\362\354A2\317\227\374\237\273J\300-#\373\217] (from client localhost port 0) Fri Jan 6 09:11:45 2006 : Auth: Login incorrect: [chrisr/\357U*\345\330sG\353\3417-F\226\005\327] (from client localhost port 0) Fri Jan 6 09:11:48 2006 : Auth: Login incorrect: [chrisr/5\315\237\373\3417r\344\300J\255\363] (from client localhost port 0) just to make sure: Which version of FreeRadius do you use on which platform? Wolfgang - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
