MikroTik

Posted: **Thu Jul 31, 2008 2:14 am**

I'm having trouble with PoD.

root@nabuco:~# echo "User-Name := eduardo" | radclient -x 192.168.2.100 disconnect secret
Sending Disconnect-Request of id 23 to 192.168.2.100 port 1700
User-Name := "eduardo"
rad_recv: Disconnect-ACK packet from host 192.168.2.100 port 1700, id=23, length=34
rad_verify: Received Disconnect-ACK packet from client 192.168.2.100 port 1700 with invalid signature (err=2)! (Shared secret is incorrect.)
Sending Disconnect-Request of id 23 to 192.168.2.100 port 1700
User-Name := "eduardo"
rad_recv: Disconnect-NAK packet from host 192.168.2.100 port 1700, id=23, length=40
rad_verify: Received Disconnect-NAK packet from client 192.168.2.100 port 1700 with invalid signature (err=2)! (Shared secret is incorrect.)

When I run the radclient command, Mikrotik drops the connection and returns an ACK. But somewhere in the process, something goes wrong and the radclient try to send again the PoD, but the connection is already dropped and it goes into a loop.

I don't know what can be this. The secret is correct. I tried to change the localhost secret to, now they are the same (localhost and mikrotik).

Posted: **Fri Aug 01, 2008 1:22 am**

??

The command disconnected the client successfully, but after that it started to get loop errors. But it 'worked'.

In other topics I have read that it worked well. Only CoA does not work with PPPoE, but with Hotspots works nice.

Thanks for the answer.

Posted: **Sat Aug 09, 2008 12:53 am**

Is there any documentation somewhere on how the disconnect message is used? I haven't been able to dig anything up.

Posted: **Mon Jan 26, 2009 4:22 am**

RouterOS doesn't support POD (Packet of Disconnect) the other RADIUS access request packet that performs a similar function as Disconnect Message.

Is there any chance to support this option. It is very important and I believe it will be useful

Until that day, I need to hack freeRadius with

#cat packet.txt | radclient -r 1 192.168.1.1:1700 disconnect secret

Notice

-r 1

which means retry only once and give up.

Posted: **Mon Jan 26, 2009 6:52 am**

rad_verify: Received Disconnect-ACK packet from client 192.168.2.100 port 1700 with invalid signature (err=2)! (Shared secret is incorrect.)

I'll sort that bit out before even going any further with this...

Posted: **Mon Jan 26, 2009 7:04 am**

And just FYI - I suggest you read a few RFC documents. You need to send the NAS more information than just the User-Name. Please see the post at http://forum.mikrotik.com/viewtopic.php ... disconnect where it was discussed and imlpemented successfully, when MT introduced the radius listener into MT.

From experience, you can definately disconnect PPPoE connections from within Radius using a Disconnect Message as Normis said, not a POD.

Posted: **Thu Feb 12, 2009 11:57 am**

is the problem solved? if yes write how please
i have same problem

Posted: **Sun Jun 21, 2009 2:44 am**

No it is not solved...

Use my trick shown above ...

Another option is to use Mtik API...

MikroTik

PPPoE + freeradius + PoD Problem

PPPoE + freeradius + PoD Problem

Re: PPPoE + freeradius + PoD Problem

Re: PPPoE + freeradius + PoD Problem

Re: PPPoE + freeradius + PoD Problem

Re: PPPoE + freeradius + PoD Problem

Re: PPPoE + freeradius + PoD Problem

Re: PPPoE + freeradius + PoD Problem

Re: PPPoE + freeradius + PoD Problem