Problems registering OpenWRT in Controller OpenWisp
986 views
Skip to first unread message
Alberto Crespo
Mar 22, 2017, 10:38:51 AM3/22/17
to OpenWISP
Hi everybody.
I am using the Unifi AP Lite ( https://wiki.openwrt.org/toh/hwdata/ubiquiti/ubiquiti_unifi_apac_lite ) which uses OpenWRT version Trunk version ( https://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/openwrt-ar71xx-generic-ubnt-unifiac-lite-squashfs-sysupgrade.bin ).
I have installed the openWisp-config version: openwisp-config-openssl_0.4.6a-1_all.ipk ( http://downloads.openwisp.org/openwisp-config/latest/openwisp-config-openssl_0.4.6a-1_all.ipk )
root@ConselhoQuarterao1:~# openwisp_config --version
openwisp-config 0.4.6a
/etc/config/openwisp file :
config controller 'http'
option url 'https://PUBLIC_IP'
#option interval '120'
option verify_ssl '0'
option shared_secret 'coma1kat'
#option consistent_key '1'
option mac_interface 'eth1'
option merge_config '1'
#option test_config '1'
#option test_script '/usr/sbin/mytest'
option uuid ''
option key ''
list unmanaged 'system.@led'
list unmanaged 'network.loopback'
list unmanaged 'network.@switch'
list unmanaged 'network.@switch_vlan'
# curl options
#option connect_timeout '15'
#option max_time '30'
#option capath '/etc/ssl/certs'
#option cacert '/etc/ssl/certs/ca-certificates.crt'
# hooks
#option pre_reload_hook '/usr/sbin/my_pre_reload_hook'
Controller installation date: 21/03/2017
Controller playbook.yml
- hosts: openwisp2
roles:
- openwisp.openwisp2
vars:
openwisp2_shared_secret: coma1kat
Controller hosts
[openwisp2]
PUBLIC_IP
LOGS:
Unifi
logread | grep openwisp
Wed Mar 22 14:12:24 2017 daemon.info openwisp: OpenWISP config agent started
Wed Mar 22 14:12:24 2017 daemon.info openwisp: Registering device...
Wed Mar 22 14:12:25 2017 daemon.err openwisp: Registration failed!
Wed Mar 22 14:12:30 2017 daemon.info openwisp: Registering device...
Wed Mar 22 14:12:31 2017 daemon.err openwisp: Registration failed!
Wed Mar 22 14:12:36 2017 daemon.info openwisp: Registering device...
Wed Mar 22 14:12:36 2017 daemon.err openwisp: Registration failed!
Wed Mar 22 14:12:41 2017 daemon.info openwisp: Registering device...
Wed Mar 22 14:12:42 2017 daemon.err openwisp: Registration failed!
Wed Mar 22 14:12:47 2017 daemon.info openwisp: Registering device...
Wed Mar 22 14:12:47 2017 daemon.err openwisp: Registration failed!
Wed Mar 22 14:12:52 2017 daemon.info openwisp: Registering device...
Wed Mar 22 14:12:53 2017 daemon.err openwisp: Registration failed!
Wed Mar 22 14:12:53 2017 daemon.info procd: Instance openwisp_config::instance1 s in a crash loop 6 crashes, 0 seconds since last crash
Controller
tail -f /opt/openwisp2/log/uwsgi.log
[pid: 954|app: 0|req: 33/52] 186.225.62.169 () {38 vars in 541 bytes} [Wed Mar 22 14:28:07 2017] POST /controller/register/ => generated 19 bytes in 5 msecs (HTTP/1.1 403) 3 headers in 110 bytes (1 switches on core 0)
[pid: 954|app: 0|req: 33/52] 186.225.62.169 () {38 vars in 541 bytes} [Wed Mar 22 14:28:13 2017] POST /controller/register/ => generated 19 bytes in 5 msecs (HTTP/1.1 403) 3 headers in 110 bytes (1 switches on core 1)
[pid: 954|app: 0|req: 33/52] 186.225.62.169 () {38 vars in 541 bytes} [Wed Mar 22 14:28:19 2017] POST /controller/register/ => generated 19 bytes in 5 msecs (HTTP/1.1 403) 3 headers in 110 bytes (1 switches on core 0)
[pid: 954|app: 0|req: 33/52] 186.225.62.169 () {38 vars in 541 bytes} [Wed Mar 22 14:28:25 2017] POST /controller/register/ => generated 19 bytes in 5 msecs (HTTP/1.1 403) 3 headers in 110 bytes (1 switches on core 1)
[pid: 954|app: 0|req: 33/52] 186.225.62.169 () {38 vars in 541 bytes} [Wed Mar 22 14:28:31 2017] POST /controller/register/ => generated 19 bytes in 5 msecs (HTTP/1.1 403) 3 headers in 110 bytes (1 switches on core 0)
[pid: 954|app: 0|req: 33/52] 186.225.62.169 () {38 vars in 541 bytes} [Wed Mar 22 14:28:37 2017] POST /controller/register/ => generated 19 bytes in 5 msecs (HTTP/1.1 403) 3 headers in 110 bytes (1 switches on core 1)
tail -f /opt/openwisp2/log/nginx.access.log
186.225.62.169 - - [22/Mar/2017:11:13:46 -0300] "POST /controller/register/ HTTP/1.1" 403 30 "-" "curl/7.50.0"
186.225.62.169 - - [22/Mar/2017:11:13:51 -0300] "POST /controller/register/ HTTP/1.1" 403 30 "-" "curl/7.50.0"
186.225.62.169 - - [22/Mar/2017:11:13:57 -0300] "POST /controller/register/ HTTP/1.1" 403 30 "-" "curl/7.50.0"
186.225.62.169 - - [22/Mar/2017:11:14:02 -0300] "POST /controller/register/ HTTP/1.1" 403 30 "-" "curl/7.50.0"
186.225.62.169 - - [22/Mar/2017:11:14:08 -0300] "POST /controller/register/ HTTP/1.1" 403 30 "-" "curl/7.50.0"
186.225.62.169 - - [22/Mar/2017:11:14:13 -0300] "POST /controller/register/ HTTP/1.1" 403 30 "-" "curl/7.50.0"
HTTP 403 Forbidden status? What I am doing wrong?
Thank you
Federico Capoano
Mar 22, 2017, 11:11:56 AM3/22/17
to Alberto Crespo, OpenWISP
Hey Alberto,
I think I've understood what is wrong.
The latest release of the system does not use "openwisp2_shared_secret" anymore because each organization has its own shared secret.
Go in the admin to organizations > default organization > and see the value of the shared_secret, which should be automatically generated. You may also change its value to one of your liking (you may also want to change the default organization name and other details).
Try again after doing the previous steps and let me know.
I tried to explain this new behaviour in the readme of ansible-openwisp2:
Now proceed with the following steps:
- change the password (and the username if you like) of the superuser as soon as possible
- edit the information of the default organization
- in the default organization you just updated, note down the automatically generated shared secret option, you will need it to use the auto-registration feature of openwisp-config
Did you notice this section in the README? Do you think I should make it more evident?
I am also working to make this misconfiguration issue more evident in the logs on OpenWRT/LEDE. I will update you on this shortly.
--
You received this message because you are subscribed to the Google Groups "OpenWISP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openwisp+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Federico Capoano
Mar 22, 2017, 11:29:48 AM3/22/17
to Alberto Crespo, OpenWISP
On Wed, Mar 22, 2017 at 4:11 PM Federico Capoano <federico...@gmail.com> wrote:
I am also working to make this misconfiguration issue more evident in the logs on OpenWRT/LEDE. I will update you on this shortly.
I've pushed this minor improvement:
Here's the build:
if you use this version of the openwrt package, you should get this error in the logread output:
Wed Mar 22 16:22:09 2017 daemon.err openwisp: Registration failed! unrecognized secret
I hope it helps.
Federico
Alberto Crespo
Mar 22, 2017, 11:45:11 AM3/22/17
to OpenWISP
Perfect Federico! All working perfectly.
The next steps will be adding Geographic-Monitoring and Captive-Portals-Manager.
Thank you!
Alberto Crespo
Mar 22, 2017, 11:54:23 AM3/22/17
to OpenWISP
Yes I saw these steps.
My error was follow the Youtube Video.
Sorry.
Federico Capoano
Mar 22, 2017, 11:56:51 AM3/22/17
to Alberto Crespo, OpenWISP
On Wed, Mar 22, 2017 at 4:54 PM Alberto Crespo <alberto....@gmail.com> wrote:
Yes I saw these steps.My error was follow the Youtube Video.Sorry.
Now I understand. I will need to update the videos. I wonder if it's possible to replace the existing videos with modified videos.
Thank you for reporting. Don't be afraid to explain how you got where you are. I'm sure that by setting up the documentation and video properly this kind of stuff wouldn't happen. It's just a matter to find the resources to keep that material up to date and is not always possible.
Federico
Yoovraj Shinde
Apr 15, 2018, 3:07:31 AM4/15/18
to OpenWISP
Yes even I had to figure out for openwisp2 that it uses secret of default organization.
Thanks for the post.
Reply all
Reply to author
Forward
0 new messages