<span style>Hello gents,</span><div style><br></div><div style>I've been trying to solve this problem for a couple of days now. I'm asking for your expert advise since I'm not getting anywhere near a solution:</div>
<div style><br></div><div style>The problem is when FreeRADIUS receives a Accounting-Request it drops the packet without response due to a problem with the signature:</div><div style><br></div><div style><div><font face="'courier new', monospace">rad_recv: Accounting-Request packet from host x.x.x.x port 64514, id=1, length=287</font></div>
<div><font face="'courier new', monospace">Received Accounting-Request packet from x.x.x.x with invalid signature! (Shared secret is incorrect.) Dropping packet without response.</font></div></div><div style><div style="font-family:arial,sans-serif">
<br></div><div style="font-family:arial,sans-serif"><font face="arial, helvetica, sans-serif">The Access-Request are ok:</font></div><div style="font-family:arial,sans-serif"><font face="arial, helvetica, sans-serif"><br>
</font></div><div style="font-family:arial,sans-serif"><div><font face="'courier new', monospace">rad_recv: Access-Request packet from host x.x.x.x port 64986, id=236, length=102</font></div><div><font face="'courier new', monospace"> User-Name = "test"</font></div>
<div><font face="'courier new', monospace"> User-Password = "\2517Rq\2308Uv\"\204\220\341\377\244(\363"</font></div><div><font face="'courier new', monospace"> NAS-IP-Address = x.x.x.x</font></div>
<div><font face="'courier new', monospace"> NAS-Identifier = "NPR_GGSN_01"</font></div><div><font face="'courier new', monospace"> Called-Station-Id = "<a href="http://wap1.btcbahamas.com/" target="_blank" style="color:rgb(17,85,204)">wap1.btcbahamas.com</a>"</font></div>
<div><font face="'courier new', monospace"> Framed-Protocol = GPRS-PDP-Context</font></div><div><font face="'courier new', monospace"> Service-Type = Framed-User</font></div><div><font face="'courier new', monospace"> NAS-Port-Type = Virtual</font></div>
<div><font face="'courier new', monospace">+- entering group authorize {...}</font></div><div><font face="'courier new', monospace">++[preprocess] returns ok</font></div><div><font face="'courier new', monospace">++[chap] returns noop</font></div>
<div><font face="'courier new', monospace">++[mschap] returns noop</font></div></div><div style="font-family:arial,sans-serif"><div><font face="'courier new', monospace">[suffix] No '@' in User-Name = "test", looking up realm NULL</font></div>
<div><font face="'courier new', monospace">[suffix] No such realm "NULL"</font></div><div><font face="'courier new', monospace">++[suffix] returns noop</font></div><div><font face="'courier new', monospace">[eap] No EAP-Message, not doing EAP</font></div>
<div><font face="'courier new', monospace">++[eap] returns noop</font></div><div><font face="'courier new', monospace">++[unix] returns notfound</font></div><div><font face="'courier new', monospace">[files] users: Matched entry DEFAULT at line 61</font></div>
<div><font face="'courier new', monospace">++[files] returns ok</font></div><div><font face="'courier new', monospace">++[expiration] returns noop</font></div><div><font face="'courier new', monospace">++[logintime] returns noop</font></div>
<div><font face="'courier new', monospace">[pap] Found existing Auth-Type, not changing it.</font></div><div><font face="'courier new', monospace">++[pap] returns noop</font></div><div><font face="'courier new', monospace">Found Auth-Type = Accept</font></div>
<div><font face="'courier new', monospace">Auth-Type = Accept, accepting the user</font></div><div><font face="'courier new', monospace">+- entering group post-auth {...}</font></div><div><font face="'courier new', monospace">++[exec] returns noop</font></div>
<div><font face="'courier new', monospace">Sending Access-Accept of id 236 to x.x.x.x port 64986</font></div><div style="font-family:arial,helvetica,sans-serif"><br></div></div><div style="font-family:arial,helvetica,sans-serif">
The shared secret key has special characters in it such as $-sign and /-sign.</div><div style="font-family:arial,helvetica,sans-serif"><br></div><div style="font-family:arial,helvetica,sans-serif">The client is a Juniper NAS.</div>
<div style="font-family:arial,helvetica,sans-serif"><br></div><div style="font-family:arial,helvetica,sans-serif">These are the questions I have:</div><div style="font-family:arial,sans-serif"><ul><li style="margin-left:15px">
<font face="arial, helvetica, sans-serif">Any issues with FreeRADIUS Accounting-Request in combination with a secret key containing special characters?</font></li><li style="margin-left:15px"><font face="arial, helvetica, sans-serif">Why is the access-request having no issues with these special characters?</font></li>
<li style="margin-left:15px"><font face="arial, helvetica, sans-serif">Anyone bumped into a similar problems in combination with a juniper NAS</font></li><li style="margin-left:15px"><span style="font-family:arial,helvetica,sans-serif">Is there a way to figure out the secret-key the client is using?</span><br>
</li></ul><div><span style="font-family:arial,helvetica,sans-serif">Thank you.</span><br></div></div><div style="font-family:arial,sans-serif"><font face="arial, helvetica, sans-serif"><br></font></div><div style="font-family:arial,sans-serif">
<font face="arial, helvetica, sans-serif">Regards,</font></div><div style="font-family:arial,sans-serif"><font face="arial, helvetica, sans-serif">Shurbann Martes</font></div></div>