user=phone does not have anything to do with it. I think I remember polycom being a bit ticklish when it comes to settings. Something about a non-intuitive name on a setting related to domain?  You see, the calculation in the digest algorithm is based on both sides using the same data... I don't have the polycom setup here, sorry. Take a look at the authorization header in the challenge and reply.
If you debug your radius server, you will probably see wrong password (i.e. wrong digest).
g-)

Natambu Obleton wrote:

Ok. I have two clients setup. One is X-Lite and the other is a polycom 601. I am doing radius authentication, but for some reason it doesn’t work with the polycom 601 phone. In the debug the only thing that is different about them is something in the uri.

 

 

Aug 30 09:16:51 laplata ser[25968]: DEBUG: get_hdr_field: <To> [72]; uri=[sip:311@voip.fasttrackcomm.net

 

Works, but..

 

Aug 30 09:17:53 laplata ser[25970]: DEBUG: get_hdr_field: <To> [45]; uri=[sip:311@voip.fasttrackcomm.net;user=phone]

 

 

Doesn’t. Like it doesn’t even send an authentication request to my radius server. I think it is the ‘;user=phone’ part that is confusing it? So what I want to do is remove that part from the URI as a test. I just added a subst to remove it, but still isn’t working with radius. It acts like the realm is no longer local.

 

 

Here is my config file:

http://www.natambu.com/serconf.html

 

 

Natambu Obleton

Network Engineer

FastTrack Communications

nobleton@fasttrackcomm.net

(970) 247-3366 office

(970) 247-2426 fax

 

 


_______________________________________________ Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers