Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1180
Views
0
Helpful
3
Replies

CoA Session Query and invalid signature (err=2)!

kirancisco
Level 1
Level 1

‎11-16-2011 11:00 AM - edited ‎03-10-2019 06:33 PM

  1. When the portal/radius client sends a CoA-Req (session query); the ISG responds with a CoA-ACK however the portal receives an error message stating   “rad_verify: Received CoA-ACK packet from client 172.X.X.X port 3799 with invalid signature (err=2)!  (Shared secret is incorrect.)
  2. The same happens when the a CoA-Re (session query) is sent from the Radius Client with an invalid/non-existing portbundle number.

We were expecting an ACK in the first and a NAK in the second case!

Did any one see this before? Please provide inputs if any?

Thanks!

Labels:
0 Helpful
3 Replies 3

Tarik Admani
VIP Alumni
VIP Alumni

‎11-16-2011 03:49 PM

Please open a TAC case to have this issue looked at.

0 Helpful

kirancisco
Level 1
Level 1
In response to Tarik Admani

‎11-16-2011 07:33 PM

Thank You Admani, I have already done that but just wanted to know if anyone else noticed the same and have a solution if any?

0 Helpful

kirancisco
Level 1
Level 1

‎01-23-2012 02:10 PM

This seems to be a known bug and the work aroud is to add radius-server attribute 4 in the config.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents