[Chilli] CoovaChilli uam secret / RADIUS secret causing random corrupt user passwords
Luis Ferreira
lferreira at cabocom.cv
Tue Apr 29 10:01:04 UTC 2014
Hi James,
What you are experiencing is not a random error. When you see that on radius
log, it means a wrong CHAP Challenge.
With us, it happens when a subscriber opens 2 login pages, but try to make
the login with the 1th one. For chilli and Radius, the correct CHAP
challenge is the second one (most recent for that IP), meaning that the
request being sent is not "readable/decrypted" by radius.
Check with the subscriber for several login pages being open, background
software that might use port 80 (causing login pages to popup), etc...
Luis Ferreira
-----Mensagem original-----
De: chilli-bounces at coova.org [mailto:chilli-bounces at coova.org] Em nome de
james at purple.so
Enviada: 29 de abril de 2014 06:06
Para: chilli at coova.org
Assunto: [Chilli] CoovaChilli uam secret / RADIUS secret causing random
corrupt user passwords
Hi All
We have a random problem that keeps showing up.
We have CoovaChilli configured to use a uam secret and radius secret as
normal, but randomly, we will have a user who tried to log on be rejected by
our FreeRADIUS server because of what appears to be a garbage/corrupt
password. Looking online this indicates that either the shared secret or
uamsecret is incorrect, but they are definitely correct, and all others
users can log on 99% of this time, so it's just random.
We can even have one user rejected and then another one who logs on straight
after with no issue, so the secrets must be correct.
Looking in our radius logs shows the garbage password, like:
User / Pass / Reply / Date
myusername / B=C2=D4=D0=0B=F9=EB=C8d=7E=A3=C0=E6=7CY=FAF=95=D6= /
Access-Reject / 2014-04-28 21:03:51
myusername2 / =04=DFH4:J=C9z=C8=8A=3D=82=C1=C9=DA2W=8D=19=60=3CN /
Access-Reject / 2014-04-28 21:03:52
Normal login show the expected password.
Can anyone shed any further light?
Thanks
James
_______________________________________________
Chilli mailing list
Chilli at coova.org
http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
More information about the Chilli
mailing list