Debain

Jed Gainer jedgainer at gmail.com
Mon Dec 23 18:51:54 CET 2013 

I have just made a switch from Arch Linux to Debian because Arch Linux has
started using FR 3.x which does not support my SQL counters. I am running
into issues getting CoovaChilli to work with FreeRADIUS I keep getting the
following:

Ready to process requests.
rad_recv: Accounting-Request packet from host 127.0.0.1 port 50139, id=0,
length=173
Received Accounting-Request packet from client 127.0.0.1 with invalid
signature!  (Shared secret is incorrect.) Dropping packet without response.
Going to the next request
Waking up in 0.9 seconds.
Cleaning up request 0 ID 0 with timestamp +7
Ready to process requests.
rad_recv: Accounting-Request packet from host 127.0.0.1 port 50139, id=0,
length=173
Received Accounting-Request packet from client 127.0.0.1 with invalid
signature!  (Shared secret is incorrect.) Dropping packet without response.
Going to the next request
Waking up in 0.9 seconds.
Cleaning up request 1 ID 0 with timestamp +18
Ready to process requests.
rad_recv: Accounting-Request packet from host 127.0.0.1 port 50139, id=0,
length=173
Received Accounting-Request packet from client 127.0.0.1 with invalid
signature!  (Shared secret is incorrect.) Dropping packet without response.
Going to the next request
Waking up in 0.9 seconds.
Cleaning up request 2 ID 0 with timestamp +28
Ready to process requests.

But the shared secret is the same in both the NAS and FR:

root at hotspot2:/etc/freeradius# cat clients.conf | grep secret
        #  The shared secret use to "encrypt" and "sign" packets between
        #  the NAS and FreeRADIUS.  You MUST change this secret from the
        #  default, otherwise it's not a secret any more!
        #  The secret can be any string, up to 8k characters in length.
        #  depends COMPLETELY on this secret!  We recommend using a
        #  shared secret that is composed of:
        #  length.  The secret MUST be random, and should not be words,
        #  The default secret below is only for testing, and should
        secret          = z6B3YT1B57rX9Bkwzqc9QSldGQDKXpDS
#       secret          = testing123
#       secret          = testing123
#       secret          = testing123
#  You can now specify one secret for a network of clients.
#       secret          = testing123-1
#       secret          = testing123-2
#       # secret and password are mapped through the "secrets" file.
#       secret      = testing123
#               secret = testing123
root at hotspot2:/etc/freeradius#

root at hotspot2:/etc/chilli# cat config | grep HS_RADSECRET
HS_RADSECRET=z6B3YT1B57rX9Bkwzqc9QSldGQDKXpDS
# HS_RADPROXY_SECRET=$HS_RADSECRET
root at hotspot2:/etc/chilli#

Any ideas?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131223/b72a1841/attachment.html>

More information about the Freeradius-Users mailing list