[Serusers] radius error
Madan
madan.r at net4india.net
Fri Aug 8 11:51:58 CEST 2003
i already have that part in my radiusd.conf
i believe the following radius message is something to do with
dictionary part
"No authenticate method (Auth-Type) configuration found for the request:
Rejecting the user"
i would really appreciate if you can help me getting this up and running
regards,
Madan
Daniel-Constantin Mierla wrote:
> hello,
> try to put in radiusd.conf in authenticate section:
>
> Auth-Type DIGEST {
> digest
> }
>
> instead of "digest" if you didn't try it already.
>
> Daniel
>
>
> Madan wrote:
>
>> Hi Daniel
>> Yes- I have configured freeradius to use rlm_digest and as per your
>> advice i did nt load the auth_db module and also auth module was
>> placed before auth_radius
>>
>> Yes- my raddb/users file contains Auth-Type for Digest
>>
>> test Auth-Type := Digest, User-Password = "test"
>> Reply-Message = "Hello, test with digest"
>>
>>
>> but this does nt seems to help me
>>
>> regards,
>> Madan
>>
>> I forgot to tell you -- for each user you want to authenticate with
>> digest the Auth-Type must be set to DIGEST (in users database of
>> radius server).
>>
>> Daniel
>>
>> Daniel-Constantin Mierla wrote:
>>
>>> Hello,
>>> have you set up FreeRADIUS to load digest authentication module
>>> (rlm_digest)? You should have uncommented some lines in radiusd.conf
>>> (see comments in that file).
>>>
>>> If you use RADIUS authentication module the auth_db may be useless
>>> and is better to load auth module prior to auth_radius.
>>>
>>> Daniel
>>>
>>> Madan wrote:
>>>
>>>> hi
>>>> i have installed ser with acc/mysql/radius module
>>>> while registering a user 'm getting the following error message
>>>>
>>>> can somebody please point me as to what is wrong and where
>>>>
>>>> rad_recv: Access-Request packet from host myhost:33532, id=69,
>>>> length=294
>>>> Thread 3 assigned request 2
>>>> Waking up in 2 seconds...
>>>> Thread 3 handling request 2, (1 handled so far)
>>>> User-Name = "sip:test at myhost"
>>>> Digest-Attributes = "\n\034sip:test at myhost"
>>>> Digest-Attributes = "\001\023myhost"
>>>> Digest-Attributes =
>>>> "\002*3f338410ec3d4e634e2883b85928416ef3c364e5"
>>>> Digest-Attributes = "\004\027sip:myhost"
>>>> Digest-Attributes = "\003\nREGISTER"
>>>> Digest-Attributes = "\005\006auth"
>>>> Digest-Attributes = "\t\n00000001"
>>>> Digest-Attributes = "\010"34555301336645129540719731434531"
>>>> Digest-Response = "acdd6400b4c16da2a04f85334d871415"
>>>> Service-Type = IAPP-Register
>>>> SIP-URI-User = "test"
>>>> NAS-IP-Address = 127.0.0.1
>>>> NAS-Port = 5060
>>>> auth: No authenticate method (Auth-Type) configuration found for
>>>> the request: Rejecting the user
>>>> auth: Failed to validate the user.
>>>> Delaying request 2 for 1 seconds
>>>> Finished request 2
>>>>
>>>> FYI-
>>>> OS- RH 7.2
>>>> SER- latest from cvs with acc/mysql and radius
>>>> RADIUS- freeradius
>>>> ------------------------------------ser.cfg---------------------------------
>>>>
>>>> #
>>>> # $Id: ser.cfg,v 1.21 2003/06/04 13:47:36 jiri Exp $
>>>> #
>>>> # simple quick-start config script
>>>> #
>>>>
>>>> # ----------- global configuration parameters ------------------------
>>>>
>>>> debug=3 # debug level (cmd line: -dddddddddd)
>>>> fork=no
>>>> log_stderror=yes # (cmd line: -E)
>>>>
>>>> /* Uncomment these lines to enter debugging mode
>>>> debug=7
>>>> fork=no
>>>> log_stderror=yes
>>>> */
>>>>
>>>> check_via=no # (cmd. line: -v)
>>>> dns=no # (cmd. line: -r)
>>>> rev_dns=no # (cmd. line: -R)
>>>> port=5060
>>>> children=4
>>>> fifo="/tmp/ser_fifo"
>>>> mhomed=yes
>>>> listen=myhost
>>>> # ------------------ module loading ----------------------------------
>>>>
>>>> # Uncomment this if you want to use SQL database
>>>>
>>>> loadmodule "/usr/local/lib/ser/modules/mysql.so"
>>>> loadmodule "/usr/local/lib/ser/modules/sl.so"
>>>> loadmodule "/usr/local/lib/ser/modules/tm.so"
>>>> loadmodule "/usr/local/lib/ser/modules/rr.so"
>>>> loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>>>> loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>>>> loadmodule "/usr/local/lib/ser/modules/registrar.so"
>>>> loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
>>>> loadmodule "/usr/local/lib/ser/modules/uri.so"
>>>> loadmodule "/usr/local/lib/ser/modules/auth.so"
>>>> loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>>>> loadmodule "/usr/local/lib/ser/modules/acc.so"
>>>>
>>>> modparam("usrloc", "db_mode", 1)
>>>> modparam("auth_radius",
>>>> "radius_config","/usr/local/etc/radiusclient/radiusclient.conf")
>>>>
>>>> # -- rr params --
>>>> # add value to ;lr param to make some broken UAs happy
>>>> modparam("rr", "enable_full_lr", 1)
>>>> modparam("acc", "log_level", 1)
>>>> modparam("acc", "radius_flag", 1)
>>>> # ------------------------- request routing logic -------------------
>>>>
>>>> # main routing logic
>>>> alias=myhost
>>>> route{
>>>>
>>>> # initial sanity checks -- messages with
>>>> # max_forwards==0, or excessively long requests
>>>>
>>>> if (!mf_process_maxfwd_header("10")) {
>>>> sl_send_reply("483","Too Many Hops");
>>>> break;
>>>> };
>>>> if (len_gt( max_len )) {
>>>> sl_send_reply("513", "Message too big");
>>>> break;
>>>> };
>>>>
>>>> # we record-route all messages -- to make sure that
>>>> # subsequent messages will go through our proxy; that's
>>>> # particularly good if upstream and downstream entities
>>>> # use different transport protocol
>>>>
>>>>
>>>> record_route();
>>>> # if (loose_route()) {
>>>> # t_relay();
>>>> # break;
>>>> # };
>>>> #
>>>> # if the request is for other domain use UsrLoc
>>>> # (in case, it does not work, use the following command
>>>> # with proper names and addresses in it)
>>>> if (uri=~"myhost") {
>>>>
>>>> if (method=="REGISTER") {
>>>> log(1, "REGISTER: Authenticating user\n");
>>>>
>>>> if (!radius_www_authorize("")) {
>>>> log(1, "REGISTER: challenging user\n");
>>>> www_challenge("", "1");
>>>> break;
>>>> };
>>>> save("location");
>>>> break;
>>>> };
>>>>
>>>>
>>>>
>>>> if (method=="INVITE") {
>>>>
>>>> log(1, "INVITE\n");
>>>> setflag(1); /* set for accounting (the same value as in
>>>> log_flag!) */
>>>> };
>>>>
>>>> if (method=="MESSAGE") {
>>>> log(1, "MESSAGE\n");
>>>> setflag(1); /* set for accounting (the same value as in
>>>> log_flag!) */
>>>> };
>>>>
>>>> if (method=="BYE" || method=="CANCEL") {
>>>> log (1, "BYE or CANCEL\n");
>>>> setflag(1);
>>>>
>>>>
>>>> };
>>>>
>>>> # native SIP destinations are handled using our
>>>> USRLOC DB
>>>> if (!lookup("location")) {
>>>> sl_send_reply("404", "Not Found");
>>>> break;
>>>> };
>>>> #};
>>>> # forward to current uri now; use stateful forwarding; that
>>>> # works reliably even if we forward from TCP to UDP
>>>> if (!t_relay()) {
>>>> sl_reply_error();
>>>> };
>>>>
>>>> };
>>>> }
>>>> -------------------------------------------end----------------------------------------------------------
>>>>
>>>>
>>>> i dunno what is wrong here..if you need any other config files to
>>>> help me out please let me know
>>>> regards,
>>>> Madan
>>>>
>>>> _______________________________________________
>>>> Serusers mailing list
>>>> serusers at lists.iptel.org
>>>> http://lists.iptel.org/mailman/listinfo/serusers
>>>>
>>>
>>>
>>> _______________________________________________
>>> Serusers mailing list
>>> serusers at lists.iptel.org
>>> http://lists.iptel.org/mailman/listinfo/serusers
>>>
>>
>>
>>
>> .
>>
>>
>>
>> _______________________________________________
>> Serusers mailing list
>> serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
>>
>
>
>
> .
>
More information about the sr-users
mailing list