rad_verify: Received Disconnect-ACK packet from home server with invalid signature! (Shared secret is incorrect.) for CoA, and PoD
Alan DeKok
aland at deployingradius.com
Wed Sep 7 15:45:58 CEST 2011
Martin wrote:
> This is the debug output of radclient command:
>
> echo "User-Name='{am=1}543B4DAC6723E8BB0156BA2BBDE133DB at alvarion.ro',
> WiMAX-AAA-Session-Id =
> 18ed983f3c2371c6f4bc692e0c89dffe,Calling-Station-Id = 00-17-c4-3d-41-ea"
> | /usr/local/freeradius2.10/bin/radclient -c '1' -n '3' -r '3' -t '3' -s
> -xx '192.168.60.122:3799' 'disconnect' 'secret' 2>&1
You really don't need '' around everything.
> Sending Disconnect-Request of id 117 to 192.168.60.122 port 3799
> User-Name = "{am=1}543B4DAC6723E8BB0156BA2BBDE133DB at alvarion.ro"
> WiMAX-AAA-Session-Id =
> 0x3138656439383366336332333731633666346263363932653063383964666665
> Calling-Station-Id = "00-17-c4-3d-41-ea"
> rad_recv: Disconnect-ACK packet from host 192.168.60.122 port 3799,
> id=117, length=20
> rad_verify: Received Disconnect-ACK packet from home server
> 192.168.60.122 port 3799 with invalid signature! (Shared secret is
> incorrect.)
So use the *correct* shared secret.
> In radius log there is nothing related to this
It doesn't show the server receiving a Disconnect-Request?
It doesn't show the shared secret for the client IP address? You
can't use that shared secret in the "radclient" command above?
Alan DeKok.
More information about the Freeradius-Users
mailing list