usr-hiper and freeradius 2.1.5 accounting problem

haries fajar nugroho hariesfn at gmail.com
Fri May 22 04:00:20 CEST 2009


Hi All,

I wanna migrate my radius server from icradius to freeradius 2.1.5. i
have two ras modem for my nas (patton and usr-hiper).
When I do some migration simulation, client that connect from patton
goes normally (authentication,accounting,authorization).
But when they use usr-hiper (system version :V5.1.6/Non-Encr), the
client could connect to the network but the accounting goes wrong.

In my freeradius debugging mode, the error message was :
rad_recv: Accounting-Request packet from host x.x.x.x (* encrypted ip)
port 1646, id=63, length=405
Received Accounting-Request packet from x.x.x.x (* encrypted ip) with
invalid signature!  (Shared secret is incorrect.) Dropping packet
without response.
Going to the next request
Waking up in 0.9 seconds.

The usr-hiper accounting settings :

HiPer>> sh accounting

RADIUS ACCOUNTING SETTINGS
The Primary Server Status is:              ENABLED
Primary Server is:                         x.x.x.x(* encrypted ip)
Primary First Backup Server is:            0.0.0.0
Primary Second Backup Server is:           0.0.0.0
Primary Destination Port is:               1648
Primary First Backup Destination Port:     1646
Primary Second Backup Destination Port:    1646
Primary Preference:                        1
Primary First Backup Preference:           2
Primary Second Backup Preference:          3
Max Primary Retransmissions:               0
The Secondary Server Status is:            ENABLED
Secondary Server is:                       0.0.0.0
Secondary First Backup Server is:          0.0.0.0
Secondary Second Backup Server is:         0.0.0.0
Secondary Destination Port is:             1646
Secondary First Backup Destination Port:   1646
Secondary Second Backup Destination Port:  1646
Secondary Preference :                     1
Secondary First Backup Preference:         2
Secondary Second Backup Preference:        3

What I have tried to solve it :
1. I've tried to make multi port for accounting packet (1646 & 1648),
because i thought that the error message refer to wrong accounting
port.
But the accounting still wrong.

2. I've tried to use default freeradius secret at the freeradius side
with testing123 without changing the secret at the ras modem. But
still failed.


Do you have another solution ?

Thanks before :)



More information about the Freeradius-Users mailing list