You just sent the debug output for the first message (the one creating
the challenge). The next message should contain the credentials, which
will be used for radius auth.
As far as I remember, by default radiusclient uses localhost to send its
radius requests. When the radius server is only listening on a physical
interface or remote server, you need to add a directive to
radiusclient.conf. I don't remember right now.
g-)
Daniel Corbe wrote:
Turned debug to 9, this is what I get
0(19309) SIP Request:
0(19309) method: <REGISTER>
0(19309) uri: <sip:192.168.1.109>
0(19309) version: <SIP/2.0>
0(19309) parse_headers: flags=1
0(19309) Found param type 235, <rport> = <n/a>; state=6
0(19309) Found param type 232, <branch> =
<z9hG4bK3AA0D153A44111DB884A0017F2C52DAE>; state=16
0(19309) end of header reached, state=5
0(19309) parse_headers: Via found, flags=1
0(19309) parse_headers: this is the first via
0(19309) After parse_msg...
0(19309) preparing to run routing scripts...
0(19309) parse_headers: flags=128
0(19309) end of header reached, state=9
0(19309) DEBUG: get_hdr_field: <To> [32]; uri=[sip:admin@192.168.1.109]
0(19309) DEBUG: to body [1234 <sip:admin@192.168.1.109>
]
0(19309) get_hdr_field: cseq <CSeq>: <40142> <REGISTER>
0(19309) DEBUG:maxfwd:is_maxfwd_present: value = 70
0(19309) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
0(19309) parse_headers: flags=256
0(19309) DEBUG: get_hdr_body : content_length=0
0(19309) found end of header
0(19309) find_first_route: No Route headers found
0(19309) loose_route: There is no Route HF
0(19309) XLOG: xl_print_log: final buffer length 26
0(19309) REGISTER request received
0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
0(19309) parse_headers: flags=64
0(19309) XLOG: xl_print_log: final buffer length 27
0(19309) NATed client, enabling NAT
0(19309) parse_headers: flags=4096
0(19309) pre_auth(): Credentials with given realm not found
0(19309) XLOG: xl_print_log: final buffer length 28
0(19309) No Digest, sending challenge 0(19309) build_auth_hf():
'WWW-Authenticate: Digest realm="192.168.1.109",
nonce="45aaa391b970a38171714c791e2feec0b390aeed"
'
0(19309) parse_headers: flags=-1
0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
0(19309) DEBUG:destroy_avp_list: destroying list 0x8b8b80b0
0(19309) receive_msg: cleaning up
0(19309) SIP Request:
0(19309) method: <REGISTER>
0(19309) uri: <sip:192.168.1.109>
0(19309) version: <SIP/2.0>
0(19309) parse_headers: flags=1
0(19309) Found param type 235, <rport> = <n/a>; state=6
0(19309) Found param type 232, <branch> =
<z9hG4bK3AA5DFEFA44111DB884A0017F2C52DAE>; state=16
0(19309) end of header reached, state=5
0(19309) parse_headers: Via found, flags=1
0(19309) parse_headers: this is the first via
0(19309) After parse_msg...
0(19309) preparing to run routing scripts...
0(19309) parse_headers: flags=128
0(19309) end of header reached, state=9
0(19309) DEBUG: get_hdr_field: <To> [32]; uri=[sip:admin@192.168.1.109]
0(19309) DEBUG: to body [1234 <sip:admin@192.168.1.109>
]
0(19309) get_hdr_field: cseq <CSeq>: <40143> <REGISTER>
0(19309) DEBUG:maxfwd:is_maxfwd_present: value = 70
0(19309) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
0(19309) parse_headers: flags=256
0(19309) DEBUG: get_hdr_body : content_length=0
0(19309) found end of header
0(19309) find_first_route: No Route headers found
0(19309) loose_route: There is no Route HF
0(19309) XLOG: xl_print_log: final buffer length 26
0(19309) REGISTER request received
0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
0(19309) parse_headers: flags=64
0(19309) XLOG: xl_print_log: final buffer length 27
0(19309) NATed client, enabling NAT
0(19309) check_nonce(): comparing
[45aaa391b970a38171714c791e2feec0b390aeed] and
[45aaa391b970a38171714c791e2feec0b390aeed]
0(19309) res: -1
0(19309) radius_authorize_sterman(): Failure
0(19309) XLOG: xl_print_log: final buffer length 28
0(19309) No Digest, sending challenge 0(19309) build_auth_hf():
'WWW-Authenticate: Digest realm="192.168.1.109",
nonce="45aaa391b970a38171714c791e2feec0b390aeed"
'
0(19309) parse_headers: flags=-1
0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
0(19309) DEBUG:destroy_avp_list: destroying list 0x8b8b80b0
0(19309) receive_msg: cleaning up
0(19309) udp_rcv_loop: probing packet received from 192.168.1.111 50195
0(19309) udp_rcv_loop: probing packet received from 192.168.1.111 50195
0(19309) SIP Request:
0(19309) method: <REGISTER>
0(19309) uri: <sip:192.168.1.109>
0(19309) version: <SIP/2.0>
0(19309) parse_headers: flags=1
0(19309) Found param type 235, <rport> = <n/a>; state=6
0(19309) Found param type 232, <branch> =
<z9hG4bK46BAEDC8A44111DB884A0017F2C52DAE>; state=16
0(19309) end of header reached, state=5
0(19309) parse_headers: Via found, flags=1
0(19309) parse_headers: this is the first via
0(19309) After parse_msg...
0(19309) preparing to run routing scripts...
0(19309) parse_headers: flags=128
0(19309) end of header reached, state=9
0(19309) DEBUG: get_hdr_field: <To> [32]; uri=[sip:admin@192.168.1.109]
0(19309) DEBUG: to body [1234 <sip:admin@192.168.1.109>
]
0(19309) get_hdr_field: cseq <CSeq>: <40144> <REGISTER>
0(19309) DEBUG:maxfwd:is_maxfwd_present: value = 70
0(19309) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
0(19309) parse_headers: flags=256
0(19309) DEBUG: get_hdr_body : content_length=0
0(19309) found end of header
0(19309) find_first_route: No Route headers found
0(19309) loose_route: There is no Route HF
0(19309) XLOG: xl_print_log: final buffer length 26
0(19309) REGISTER request received
0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
0(19309) parse_headers: flags=64
0(19309) XLOG: xl_print_log: final buffer length 27
0(19309) NATed client, enabling NAT
0(19309) parse_headers: flags=4096
0(19309) pre_auth(): Credentials with given realm not found
0(19309) XLOG: xl_print_log: final buffer length 28
0(19309) No Digest, sending challenge 0(19309) build_auth_hf():
'WWW-Authenticate: Digest realm="192.168.1.109",
nonce="45aaa3a5f0d6c451172fad0e9784ef0e7a83193e"
'
0(19309) parse_headers: flags=-1
0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
0(19309) DEBUG:destroy_avp_list: destroying list 0x8b8b80b0
0(19309) receive_msg: cleaning up
0(19309) SIP Request:
0(19309) method: <REGISTER>
0(19309) uri: <sip:192.168.1.109>
0(19309) version: <SIP/2.0>
0(19309) parse_headers: flags=1
0(19309) Found param type 235, <rport> = <n/a>; state=6
0(19309) Found param type 232, <branch> =
<z9hG4bK46BF0C4DA44111DB884A0017F2C52DAE>; state=16
0(19309) end of header reached, state=5
0(19309) parse_headers: Via found, flags=1
0(19309) parse_headers: this is the first via
0(19309) After parse_msg...
0(19309) preparing to run routing scripts...
0(19309) parse_headers: flags=128
0(19309) end of header reached, state=9
0(19309) DEBUG: get_hdr_field: <To> [32]; uri=[sip:admin@192.168.1.109]
0(19309) DEBUG: to body [1234 <sip:admin@192.168.1.109>
]
0(19309) get_hdr_field: cseq <CSeq>: <40145> <REGISTER>
0(19309) DEBUG:maxfwd:is_maxfwd_present: value = 70
0(19309) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
0(19309) parse_headers: flags=256
0(19309) DEBUG: get_hdr_body : content_length=0
0(19309) found end of header
0(19309) find_first_route: No Route headers found
0(19309) loose_route: There is no Route HF
0(19309) XLOG: xl_print_log: final buffer length 26
0(19309) REGISTER request received
0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
0(19309) parse_headers: flags=64
0(19309) XLOG: xl_print_log: final buffer length 27
0(19309) NATed client, enabling NAT
0(19309) check_nonce(): comparing
[45aaa3a5f0d6c451172fad0e9784ef0e7a83193e] and
[45aaa3a5f0d6c451172fad0e9784ef0e7a83193e]
0(19309) res: -1
0(19309) radius_authorize_sterman(): Failure
0(19309) XLOG: xl_print_log: final buffer length 28
0(19309) No Digest, sending challenge 0(19309) build_auth_hf():
'WWW-Authenticate: Digest realm="192.168.1.109",
nonce="45aaa3a5f0d6c451172fad0e9784ef0e7a83193e"
'
0(19309) parse_headers: flags=-1
0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
0(19309) DEBUG:destroy_avp_list: destroying list 0x8b8b80b0
0(19309) receive_msg: cleaning up
0(19309) udp_rcv_loop: probing packet received from 192.168.1.111 50195
On 1/14/07, Daniel Corbe <daniel.junkmail(a)gmail.com> wrote:
I cannot get my SER to talk to my RADIUS server,
its just blindly
401ing things without ever making contact with RADIUS.
SER config looks like this
if (method == "REGISTER") {
if (!radius_www_authorize("")) {
www_challenge("", "1");
break;
};
save("location");
};
radiusclient-ng servers file:
192.168.1.103 heslo
radiusclient.conf:
auth_order radius,local
login_tries 4
login_timeout 60
authserver 192.168.1.103:1812
acctserver 192.168.1.103:1813
dictionary /usr/local/etc/radiusclient-ng/dictionary
FreeRADIUS clients.conf:
client 192.168.1.109 {
secret = heslo
shortname = proxy1
nastype = other
Not sure what to do!
_______________________________________________
Serusers mailing list
Serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers