Yeap. Me.!
Cheers
Ricardo Martinez
-----Mensaje original----- De: O-Zone [mailto:liste@zerozone.it] Enviado el: Miércoles, 22 de Diciembre de 2004 11:12 Para: ser users Asunto: [Serusers] SER + RADIUS
Someone use SER with Radius Auth ?
Oz
I am, too
A couple months ago I documented,here in this list, some "hidden" features of RADIUS acct on SER 0.8.14
I'm not very satisfied with the results so I'm awaiting to see if 0.9-stable has better RADIUS support (or not)
RADIUS auth works but without check_to and check_from (to solve this, use an Exec-Program-Wait script to deny the access). Sorry, no SIP Session-timeout
acct works but not automatically as it should (the start packets. the stop packets are OK. unfortunately the stop packets doesn't have the session time attribute to calculate call length)
Cheers !3runo
Ricardo Martinez wrote:
Yeap. Me.!
Cheers
Ricardo Martinez
-----Mensaje original----- De: O-Zone [mailto:liste@zerozone.it] Enviado el: Miércoles, 22 de Diciembre de 2004 11:12 Para: ser users Asunto: [Serusers] SER + RADIUS
Someone use SER with Radius Auth ?
Oz
With regards to the check_to functionality when using RADIUS, you can always add an additional check constraint for Sip-Uri-User which does the same job.
-----Original Message----- From: serusers-bounces@iptel.org [mailto:serusers-bounces@lists.iptel.org]On Behalf Of Bruno Lopes F. Cabral Sent: 22 December 2004 14:48 To: serusers@lists.iptel.org Subject: Re: [Serusers] SER + RADIUS
I am, too
A couple months ago I documented,here in this list, some "hidden" features of RADIUS acct on SER 0.8.14
I'm not very satisfied with the results so I'm awaiting to see if 0.9-stable has better RADIUS support (or not)
RADIUS auth works but without check_to and check_from (to solve this, use an Exec-Program-Wait script to deny the access). Sorry, no SIP Session-timeout
acct works but not automatically as it should (the start packets. the stop packets are OK. unfortunately the stop packets doesn't have the session time attribute to calculate call length)
Cheers !3runo
Ricardo Martinez wrote:
Yeap. Me.!
Cheers
Ricardo Martinez
-----Mensaje original----- De: O-Zone [mailto:liste@zerozone.it] Enviado el: Miércoles, 22 de Diciembre de 2004 11:12 Para: ser users Asunto: [Serusers] SER + RADIUS
Someone use SER with Radius Auth ?
Oz
_______________________________________________ Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
------------------------------------------------------------------------------------------------------- This email, and any files transmitted with it, is copyright and may contain confidential information. The contents are intended for the use of the addressee(s) only. Unauthorized use may be unlawful. If you receive this email by mistake, please advise sender immediately. The views of the author may not necessarily constitute the views of Telco Electronics Limited. Nothing in this mail shall bind Telco Electronics Limited in any contract or obligation.
Telco Electronics Limited 6-8 Oxford Court Brackley Northants NN13 7XY
Tel 01280 761600 Fax 01280 841174
Hello List,
I'm trying to use RADIUS Auth, I followed the steps in Radius How to, but SER doesn't send requests to Radius (I saw in tcpdump) and it log this message rc_send_server: no reply from RADIUS server xxxxx...
Anyone can I help me?
Thanks, Carlos Mauricio
----- Original Message ----- From: "Bruno Lopes F. Cabral" bruno@openline.com.br To: serusers@lists.iptel.org Sent: Wednesday, December 22, 2004 12:48 PM Subject: Re: [Serusers] SER + RADIUS
I am, too
A couple months ago I documented,here in this list, some "hidden" features of RADIUS acct on SER 0.8.14
I'm not very satisfied with the results so I'm awaiting to see if 0.9-stable has better RADIUS support (or not)
RADIUS auth works but without check_to and check_from (to solve this, use an Exec-Program-Wait script to deny the access). Sorry, no SIP Session-timeout
acct works but not automatically as it should (the start packets. the stop packets are OK. unfortunately the stop packets doesn't have the session time attribute to calculate call length)
Cheers !3runo
Ricardo Martinez wrote:
Yeap. Me.!
Cheers
Ricardo Martinez
-----Mensaje original----- De: O-Zone [mailto:liste@zerozone.it] Enviado el: Miércoles, 22 de Diciembre de 2004 11:12 Para: ser users Asunto: [Serusers] SER + RADIUS
Someone use SER with Radius Auth ?
Oz
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Hello List,
Hello ...
I'm trying to use RADIUS Auth, I followed the steps in Radius How to, but SER doesn't send requests to Radius (I saw in tcpdump) and it log this message rc_send_server: no reply from RADIUS server xxxxx...
- Mmmm, many steps ... First, make sure you've compiled your ser with support for all modules (I did it that way and worked for me) ... At compiling with support for all modules you won't fail, although you are compiling modules you don't need.
make exclude_modules="" modules.
- Compile the radiusclient library. With the help of the Radius-HowTo you should get that going. TAKE CARE WITH DICTIONARIES. You need to add both dictionary.sip and dictionary.ser to your radius' dictionary.
- Be sure your radius supports digest authentication. With MD5, at least, you're done ...
- Be sure to load the auth_radius.so module in the ser.cfg file.
loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
- You might need to configure the auth_radius.so module ... This is my configuration ... May need to vary something.
# -- RADIUS AUTH -- modparam("auth_radius", "radius_config", "/etc/radiusclient.conf") modparam("auth_radius", "service_type", 15)
- Configure ser.cfg like this for doing authentication at REGISTER time ...
if (uri==myself) {
if (method=="REGISTER") {
# Lo siguiente es para auth con RADIUS if (!radius_www_authorize("")) { www_challenge("", "0"); break; }; save("location"); break; };
Hope this helps ...
Lucas
Lucas, I have struggled with this RADIUS setup for 2 full days. Would you mind if I sent you my configs to have a look over? I am not getting *any* RADIUS packets leaving my SER box at all, and can't understand why. I have followed your instructions to the *letter*.
----- Original Message ----- From: "Lucas Aimaretto" lucas@cyneric.com Sent: Wednesday, December 22, 2004 9:35 PM Subject: [Serusers] SER + RADIUS
Hello List,
Hello ...
I'm trying to use RADIUS Auth, I followed the steps in Radius How to, but SER doesn't send requests to Radius (I saw in tcpdump) and it log this message rc_send_server: no reply from RADIUS server xxxxx...
- Mmmm, many steps ... First, make sure you've compiled your ser with
support for all modules (I did it that way and worked for me) ... At compiling with support for all modules you won't fail, although you are compiling modules you don't need.
make exclude_modules="" modules.
- Compile the radiusclient library. With the help of the Radius-HowTo
you should get that going. TAKE CARE WITH DICTIONARIES. You need to add both dictionary.sip and dictionary.ser to your radius' dictionary.
- Be sure your radius supports digest authentication. With MD5, at
least, you're done ...
- Be sure to load the auth_radius.so module in the ser.cfg file.
loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
- You might need to configure the auth_radius.so module ... This is my
configuration ... May need to vary something.
# -- RADIUS AUTH -- modparam("auth_radius", "radius_config", "/etc/radiusclient.conf") modparam("auth_radius", "service_type", 15)
- Configure ser.cfg like this for doing authentication at REGISTER time
...
if (uri==myself) {
if (method=="REGISTER") { # Lo siguiente es para auth con RADIUS if (!radius_www_authorize("")) { www_challenge("", "0"); break; }; save("location"); break; };Hope this helps ...
Lucas
-- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.296 / Virus Database: 265.6.4 - Release Date: 22/12/2004
I'm sure this will seem extremely silly to those who know about RADIUS configuration but the offending statement was hidden deep in my radiusclient.conf....
binaddr localhost
I simply needed to change 'localhost' to the ip address of my ethernet card, and presto, RADIUS packets.
----- Original Message ----- From: "Rod Bacon" rod.bacon@empoweredcomms.com.au To: "Lucas Aimaretto" lucas@cyneric.com Cc: serusers@lists.iptel.org Sent: Friday, March 11, 2005 8:30 AM Subject: Re: [Serusers] SER + RADIUS
Lucas, I have struggled with this RADIUS setup for 2 full days. Would you mind if I sent you my configs to have a look over? I am not getting *any* RADIUS packets leaving my SER box at all, and can't understand why. I have followed your instructions to the *letter*.
----- Original Message ----- From: "Lucas Aimaretto" lucas@cyneric.com Sent: Wednesday, December 22, 2004 9:35 PM Subject: [Serusers] SER + RADIUS
Hello List,
Hello ...
I'm trying to use RADIUS Auth, I followed the steps in Radius How to, but SER doesn't send requests to Radius (I saw in tcpdump) and it log this message rc_send_server: no reply from RADIUS server xxxxx...
- Mmmm, many steps ... First, make sure you've compiled your ser with
support for all modules (I did it that way and worked for me) ... At compiling with support for all modules you won't fail, although you are compiling modules you don't need.
make exclude_modules="" modules.
- Compile the radiusclient library. With the help of the Radius-HowTo
you should get that going. TAKE CARE WITH DICTIONARIES. You need to add both dictionary.sip and dictionary.ser to your radius' dictionary.
- Be sure your radius supports digest authentication. With MD5, at
least, you're done ...
- Be sure to load the auth_radius.so module in the ser.cfg file.
loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
- You might need to configure the auth_radius.so module ... This is my
configuration ... May need to vary something.
# -- RADIUS AUTH -- modparam("auth_radius", "radius_config", "/etc/radiusclient.conf") modparam("auth_radius", "service_type", 15)
- Configure ser.cfg like this for doing authentication at REGISTER time
...
if (uri==myself) {
if (method=="REGISTER") { # Lo siguiente es para auth con RADIUS if (!radius_www_authorize("")) { www_challenge("", "0"); break; }; save("location"); break; };Hope this helps ...
Lucas
-- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.296 / Virus Database: 265.6.4 - Release Date: 22/12/2004
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
-
Bruno Lopes F. Cabral -
Carlos Mauricio -
hostmaster@telcoelectronics.co.uk -
Lucas Aimaretto -
Ricardo Martinez -
Rod Bacon