Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 3:20 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Sat Oct 13, 2012 6:07 pm 
Offline

Joined: Sat Oct 13, 2012 5:39 pm
Posts: 1
I have done the setup according to the instruction for YubiRADIUS Virtual Appliance version 3.5.3 but have a problem to verify my radius-settings. I can validate OTP and ping localhost from the YubiRADIUS server.

When i try to verify my settings withh RadTest I get the following result:
Code:
RadTest Response:  Failed!
rad_verify: Received Access-Reject packet from home server 127.0.0.1 port 1812 with invalid signature!  (Shared secret is incorrect.)
rad_verify: Received Access-Reject packet from home server 127.0.0.1 port 1812 with invalid signature!  (Shared secret is incorrect.)
rad_verify: Received Access-Reject packet from home server 127.0.0.1 port 1812 with invalid signature!  (Shared secret is incorrect.)
radclient: no response from server for ID 139 socket 3
Sending Access-Request of id 139 to 127.0.0.1 port 1812
   User-Name = "xxxx.yyy"
   User-Password = "XXXXXXXyyyyyyyyyyyyyyyyyyyyyyyyyyyy"
   NAS-IP-Address = 127.0.0.1
   NAS-Port = 0
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=139, length=20
Sending Access-Request of id 139 to 127.0.0.1 port 1812
   User-Name = "xxxx.yyy"
   User-Password = "XXXXXXXyyyyyyyyyyyyyyyyyyyyyyyyyyyy"
   NAS-IP-Address = 127.0.0.1
   NAS-Port = 0
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=139, length=20
Sending Access-Request of id 139 to 127.0.0.1 port 1812
   User-Name = "xxxx.yyy"
   User-Password = "XXXXXXXyyyyyyyyyyyyyyyyyyyyyyyyyyyy"
   NAS-IP-Address = 127.0.0.1
   NAS-Port = 0
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=139, length=20

I have set my shared secret for the following networks, 127.0.0.1 network was for debugging purposes:
Code:
127.0.0.1/24   2012-10-13 18:29:27   
192.168.1.0/24   2012-10-13 18:18:04

The freeradius log is almost empty, I have checked that I have logging enabled.
Code:
/var/log/freeradius/radius.log
Sat Oct 13 18:29:27 2012 : Info: Exiting normally.
Sat Oct 13 18:29:27 2012 : Info: Loaded virtual server inner-tunnel
Sat Oct 13 18:29:27 2012 : Info: Loaded virtual server <default>
Sat Oct 13 18:29:27 2012 : Info: Ready to process requests.

The three logfiles yk*.log contain no or no usable information.

I have also tried with an external radius client on the 192.168.1.0/24 network with the following result:
Code:
RADIUS access denied


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Mon Oct 15, 2012 3:22 pm 
Offline
Yubico Team
Yubico Team

Joined: Mon Feb 22, 2010 9:49 am
Posts: 183
Hello,

It seems that you have not provided the right shared secret to the radtest.

Please make sure your clients.conf should have the shared secret entry as per your radtest.

Eg.
client 127.0.0.1 {
secret = xxxxx
shortname = 1_127.0.0.1
}

If you are still facing the same issue, please write to "support@yubico.com" along with error screenshot and log details.

Thanks and best regards,
Samir.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group