receives 1 request --> proxy 2 requests?

Torsten Förster snapman at freenet.de
Tue Jul 7 15:54:34 CEST 2009 

Hi there,
 
i installed a new server with ubuntu 8.04 lts and
freeradius 2.1.0
behind this radius are 2 other radius-server (failover)
after configuration i always get an error-message after
succesfull login of an user.
 
Error: Received Accounting-Response packet from client
x.x.xx port 1813 with invalid signature (err=2)!  (Shared
secret is incorrect.) Dropping packet without response.
...after 30 sec. again
 
this is the debug:
rad_recv: Accounting-Request packet from host x.x.x.x port
3989, id=185, length=135
        User-Name = \"111111 at test\"
        NAS-Port = 1967
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-IP-Address = 172.x.x.x
        Class = 0x346d613475
        Calling-Station-Id = \"x.x.x.x\"
        Acct-Status-Type = Start
        Acct-Session-Id = \"DB900337\"
        Tunnel-Client-Endpoint:0 = \"x.x.x.x\"
        Acct-Authentic = RADIUS
        Acct-Delay-Time = 0
        NAS-IP-Address = 172x.x.x
        NAS-Port-Type = Virtual
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] Hashing \'NAS-Port = 1967,Client-IP-Address =
172.x.x.x,NAS-IP-Address = 172.x.x.x,Acct-Session-Id =
\"DB900337\",User-Name = \"111111 at test\"\'
[acct_unique] Acct-Unique-Session-ID =
\"a6246460a4bd5acf\".
++[acct_unique] returns ok
[suffix] Looking up realm \"test\" for User-Name =
\"111111 at test\"
[suffix] Found realm \"test\"
[suffix] Adding Realm = \"test\"
[suffix] Proxying request from user 111111 to realm test
[suffix] Preparing to proxy accounting request to realm
\"test\"
++[suffix] returns updated
[prefix] Request already proxied.  Ignoring.
++[prefix] returns ok
++[files] returns noop
+- entering group accounting {...}
        expand:
/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d
-> /var/log/freeradius/radacct/172.x.x.x/detail-20090707
[detail]
/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to
/var/log/freeradius/radacct/172.x.x.x/detail-20090707
        expand: %t -> Tue Jul  7 13:42:39 2009
++[detail] returns ok
        expand: /var/log/freeradius/radutmp ->
/var/log/freeradius/radutmp
        expand: %{User-Name} -> 111111 at test
++[radutmp] returns ok
        expand: %{User-Name} -> 111111 at test
 attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
Sending Accounting-Request of id 252 to 172.y.y.y port 1813
        User-Name = \"111111 at test\"
        NAS-Port = 1967
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-IP-Address = 172.x.x.x
        Class = 0x346d613475
        Calling-Station-Id = \"x.x.x.x\"
        Acct-Status-Type = Start
        Acct-Session-Id = \"DB900337\"
        Tunnel-Client-Endpoint:0 = \"x.x.x.x\"
        Acct-Authentic = RADIUS
        Acct-Delay-Time = 0
        NAS-IP-Address = 172x.x.x
        NAS-Port-Type = Virtual
        Proxy-State = 0x313835
Proxying request 0 to home server 172.y.y.y port 1813
Sending Accounting-Request of id 252 to 172.y.y.y port 1813
        User-Name = \"111111 at test\"
        NAS-Port = 1967
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-IP-Address = 172.x.x.x
        Class = 0x346d613475
        Calling-Station-Id = \"x.xx.x\"
        Acct-Status-Type = Start
        Acct-Session-Id = \"DB900337\"
        Tunnel-Client-Endpoint:0 = \"x.x.x.x\"
        Acct-Authentic = RADIUS
        Acct-Delay-Time = 0
        NAS-IP-Address = 172.x.x.x
        NAS-Port-Type = Virtual
        Proxy-State = 0x313835
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Accounting-Response packet from host 172.y.y.y
port 1813, id=252, length=140
Received Accounting-Response packet from client 172.y.y.y
port 1813 with invalid signature (err=2)!  (Shared secret is
incorrect.) Dropping packet without response.
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Accounting-Request packet from host 172.x.x.x
port 3989, id=185, length=135
Sending duplicate reply to client XXX port 3989 - ID: 185
Cleaning up request 0 ID 185 with timestamp +6
Ready to process requests.
 
Is the second Accounting-Request the normal way? for me it
looks like a  repeat of the request.
 
thanks!




#adBox3 {display:none;}


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090707/60bd6dc3/attachment.html>

More information about the Freeradius-Users mailing list