[Serusers] JUST WANT TO USE CISCO GATEWAY (1760)

Akinsola Oyelakin aoy at emperion.net
Wed Sep 24 08:53:02 CEST 2003


Hi Everyone,
I am a newbie to SIP and I have a a network of voice routers (cisco 1760) I
normally use full mesh H323. now I want to use SIP and let every voice
router get in touch with the SIP server to know the IP address of the
destination pattern (number). So the SIP server will be playing the role of
a soft PBX.
PLEASE help out with what I am suppose to do on the SER and each router. (I
have the SER up and running.)

Regards,
Akin

-----Original Message-----
From: serusers-request at iptel.org [mailto:serusers-request at lists.iptel.org] 
Sent: Tuesday, September 23, 2003 12:38 PM
To: serusers at lists.iptel.org
Subject: Serusers Digest, Vol 5, Issue 50


Send Serusers mailing list submissions to
	serusers at lists.iptel.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.iptel.org/mailman/listinfo/serusers
or, via email, send a message with subject or body 'help' to
	serusers-request at lists.iptel.org

You can reach the person managing the list at
	serusers-owner at lists.iptel.org

When replying, please edit your Subject line so it is more specific than
"Re: Contents of Serusers digest..."


Today's Topics:

   1. RE: Troubles setting up radius authentication (Steve Dolloff)
   2. RE: Troubles setting up radius authentication (Steve Dolloff)
   3. Re: Troubles setting up radius authentication (Jan Janak)
   4. RE: Troubles setting up radius authentication (Steve Dolloff)
   5. Re: Troubles setting up radius authentication (Jan Janak)
   6. Re: Troubles setting up radius authentication (Jan Janak)


----------------------------------------------------------------------

Message: 1
Date: Tue, 23 Sep 2003 11:24:11 -0500
From: "Steve Dolloff" <sdolloff at noc.dls.net>
Subject: RE: [Serusers] Troubles setting up radius authentication
To: "Jan Janak" <jan at iptel.org>
Cc: Serusers <serusers at lists.iptel.org>
Message-ID:
	<ADCFA6B7CA0C754EB837B423E5A521D2543512 at mailbox.noc.dls.net>
Content-Type: text/plain;	charset="us-ascii"

Yes, I have added the SIP definitions to the radiusclient library.  It is
the dictionary file defined in the radiusclient.conf file as
/etc/sip_dictionary.  It was created using the dictionary file from
radiusclient and adding the information from the link that you refered to.

-----------------------

Hello,

if there is no radius traffic then radiusclient library has some problems
when buiding the request. Did you extend your radius dictionary as described
in http://iptel.org/ser/ser_radius.html ?

  Jan.

On 23-09 10:38, Steve Dolloff wrote:
> I am trying to switch from database authentication to radius 
> authentication.
> 
> I have compiled and installed the module.
> 
> I have added the following to my ser.cfg
> 
> modparam("auth_radius", "radius_config", "/etc/ser/radiusclient.conf") 
> modparam("auth_radius", "service_type",15)
> 
>                         if (method=="REGISTER") {
>                                 log(1,"authenticating");
>                                 if (!radius_www_authorize("test.net"))
{
>                                         log(1,"radius auth failure");
>                                         www_challenge("test.net",
"0");
>                                         break;
>                                 };
> 
> I have configured the following in /etc/ser/radiusclient.conf
> authserver      radius1.test.net:1812
> authserver      radius2.test.net:1812
> servers         /etc/servers
> dictionary      /etc/sip_dictionary
> 
> I have configured the following in /etc/servers
> 
> Radius1.test.net	secret
> Radius2.test.net	secret2
> 
> I get the following in my messages log.
> 
> Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: authenticating Sep 23 
> 10:39:03 voip2 /usr/sbin/ser[25945]: radius auth failure Sep 23 
> 10:39:30 voip2 /usr/sbin/ser[25947]: authenticating Sep 23 10:39:30 
> voip2 /usr/sbin/ser[25947]: radius auth failure Sep 23 10:39:30 voip2 
> /usr/sbin/ser[25949]: authenticating Sep 23 10:39:30 voip2 
> /usr/sbin/ser[25949]: radius auth failure Sep 23 10:39:34 voip2 
> /usr/sbin/ser[25948]: authenticating Sep 23 10:39:34 voip2 
> /usr/sbin/ser[25948]: radius auth failure Sep 23 10:39:34 voip2 
> /usr/sbin/ser[25945]: authenticating Sep 23 10:39:34 voip2 
> /usr/sbin/ser[25945]: radius auth failure
> 
> And ngrep port 1812 shows no traffic at all.  Where are these auth 
> request going?  How can I get more debug info?
> 
> Thanks for your help.
> 
> Stephen
> 
> 
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers


------------------------------

Message: 2
Date: Tue, 23 Sep 2003 11:30:07 -0500
From: "Steve Dolloff" <sdolloff at noc.dls.net>
Subject: RE: [Serusers] Troubles setting up radius authentication
To: "Jan Janak" <jan at iptel.org>
Cc: Serusers <serusers at lists.iptel.org>
Message-ID:
	<ADCFA6B7CA0C754EB837B423E5A521D2543513 at mailbox.noc.dls.net>
Content-Type: text/plain;	charset="us-ascii"

Here is a copy of the stderr if I run from console.  

8(27147) qm_free(0x80bf800, 0x80cbc6c), called from parser/parse_via.c:
free_via_list(1973)
 8(27147) qm_free: freeing frag. 0x80cbc54 alloc'ed from
parser/msg_parser.c: get_hdr_field(109)
 8(27147) qm_free(0x80bf800, 0x80cbd10), called from parser/hf.c:
free_hdr_field_lst(170)
 8(27147) qm_free: freeing frag. 0x80cbcf8 alloc'ed from
parser/msg_parser.c: parse_headers(276)
 8(27147) qm_free(0x80bf800, 0x80cbc1c), called from parser/hf.c:
free_hdr_field_lst(170)
 8(27147) qm_free: freeing frag. 0x80cbc04 alloc'ed from
parser/msg_parser.c: parse_headers(276)
 8(27147) qm_free(0x80bf800, 0x80cbdb0), called from parser/parse_to.c:
free_to(778)
 8(27147) qm_free: freeing frag. 0x80cbd98 alloc'ed from
parser/msg_parser.c: get_hdr_field(149)
 8(27147) qm_free(0x80bf800, 0x80cbe04), called from parser/hf.c:
free_hdr_field_lst(170)
 8(27147) qm_free: freeing frag. 0x80cbdec alloc'ed from
parser/msg_parser.c: parse_headers(276)
 8(27147) qm_free(0x80bf800, 0x80cbd60), called from parser/hf.c:
free_hdr_field_lst(170)
 8(27147) qm_free: freeing frag. 0x80cbd48 alloc'ed from
parser/msg_parser.c: parse_headers(276)
 8(27147) qm_free(0x80bf800, 0x80c9da8), called from
parser/parse_cseq.c: free_cseq(102)
 8(27147) qm_free: freeing frag. 0x80c9d90 alloc'ed from
parser/msg_parser.c: get_hdr_field(128)
 8(27147) qm_free(0x80bf800, 0x80cbe54), called from parser/hf.c:
free_hdr_field_lst(170)
 8(27147) qm_free: freeing frag. 0x80cbe3c alloc'ed from
parser/msg_parser.c: parse_headers(276)
 8(27147) qm_free(0x80bf800, 0x80cc0d8), called from
parser/parse_param.c: do_free_params(420)
 8(27147) qm_free: freeing frag. 0x80cc0c0 alloc'ed from
parser/parse_param.c: parse_params(337)
 8(27147) qm_free(0x80bf800, 0x80cc084), called from
parser/contact/contact.c: free_contacts(293)
 8(27147) qm_free: freeing frag. 0x80cc06c alloc'ed from
parser/contact/contact.c: parse_contacts(194)
 8(27147) qm_free(0x80bf800, 0x80ca3cc), called from
parser/contact/parse_contact.c: free_contact(109)
 8(27147) qm_free: freeing frag. 0x80ca3b4 alloc'ed from
parser/contact/parse_contact.c: parse_contact(81)
 8(27147) qm_free(0x80bf800, 0x80cbea4), called from parser/hf.c:
free_hdr_field_lst(170)
 8(27147) qm_free: freeing frag. 0x80cbe8c alloc'ed from
parser/msg_parser.c: parse_headers(276)
 8(27147) qm_free(0x80bf800, 0x80cbef4), called from parser/hf.c:
free_hdr_field_lst(170)
 8(27147) qm_free: freeing frag. 0x80cbedc alloc'ed from
parser/msg_parser.c: parse_headers(276)
 8(27147) qm_free(0x80bf800, 0x80cbf44), called from parser/hf.c:
free_hdr_field_lst(170)
 8(27147) qm_free: freeing frag. 0x80cbf2c alloc'ed from
parser/msg_parser.c: parse_headers(276)
 8(27147) qm_free(0x80bf800, 0x80cbf94), called from parser/hf.c:
free_hdr_field_lst(170)
 8(27147) qm_free: freeing frag. 0x80cbf7c alloc'ed from
parser/msg_parser.c: parse_headers(276)
 8(27147) qm_free(0x80bf800, 0x80c8934), called from data_lump.c:
free_lump(321)
 8(27147) qm_free: freeing frag. 0x80c891c alloc'ed from mf_funcs.c:
add_maxfwd_header(131)
 8(27147) qm_free(0x80bf800, 0x80cbfe4), called from data_lump.c:
free_lump_list(346)
 8(27147) qm_free: freeing frag. 0x80cbfcc alloc'ed from data_lump.c:
insert_new_lump_before(136)
 8(27147) qm_free(0x80bf800, 0x80cc034), called from data_lump.c:
free_lump_list(357)
 8(27147) qm_free: freeing frag. 0x80cc01c alloc'ed from data_lump.c:
anchor_lump(292)
 8(27147) qm_free(0x80bf800, 0x80cc174), called from data_lump.c:
free_lump(321)
 8(27147) qm_free: freeing frag. 0x80cc15c alloc'ed from nathelper.c:
fix_nated_contact_f(204)
 8(27147) qm_free(0x80bf800, 0x80cc124), called from data_lump.c:
free_lump_list(352)
 8(27147) qm_free: freeing frag. 0x80cc10c alloc'ed from data_lump.c:
insert_new_lump_after(111)
 8(27147) qm_free(0x80bf800, 0x80cc1dc), called from data_lump.c:
free_lump_list(357)
 8(27147) qm_free: freeing frag. 0x80cc1c4 alloc'ed from data_lump.c:
del_lump(262)
 8(27147) qm_free(0x80bf800, 0x80cc35c), called from data_lump_rpl.c:
free_lump_rpl(84)
 8(27147) qm_free: freeing frag. 0x80cc344 alloc'ed from
data_lump_rpl.c: build_lump_rpl(47)
 8(27147) qm_free(0x80bf800, 0x80c9cf0), called from data_lump_rpl.c:
free_lump_rpl(85)
 8(27147) qm_free: freeing frag. 0x80c9cd8 alloc'ed from
data_lump_rpl.c: build_lump_rpl(40)
 8(27147) qm_free(0x80bf800, 0x80cb918), called from receive.c:
receive_msg(187)
 8(27147) qm_free: freeing frag. 0x80cb900 alloc'ed from receive.c:
receive_msg(78)



-----Original Message-----
From: Jan Janak [mailto:jan at iptel.org] 
Sent: Tuesday, September 23, 2003 10:45 AM
To: Steve Dolloff
Cc: Serusers
Subject: Re: [Serusers] Troubles setting up radius authentication

Hello,

if there is no radius traffic then radiusclient library has some problems
when buiding the request. Did you extend your radius dictionary as described
in http://iptel.org/ser/ser_radius.html ?

  Jan.

On 23-09 10:38, Steve Dolloff wrote:
> I am trying to switch from database authentication to radius 
> authentication.
> 
> I have compiled and installed the module.
> 
> I have added the following to my ser.cfg
> 
> modparam("auth_radius", "radius_config", "/etc/ser/radiusclient.conf") 
> modparam("auth_radius", "service_type",15)
> 
>                         if (method=="REGISTER") {
>                                 log(1,"authenticating");
>                                 if (!radius_www_authorize("test.net"))
{
>                                         log(1,"radius auth failure");
>                                         www_challenge("test.net",
"0");
>                                         break;
>                                 };
> 
> I have configured the following in /etc/ser/radiusclient.conf
> authserver      radius1.test.net:1812
> authserver      radius2.test.net:1812
> servers         /etc/servers
> dictionary      /etc/sip_dictionary
> 
> I have configured the following in /etc/servers
> 
> Radius1.test.net	secret
> Radius2.test.net	secret2
> 
> I get the following in my messages log.
> 
> Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: authenticating Sep 23 
> 10:39:03 voip2 /usr/sbin/ser[25945]: radius auth failure Sep 23 
> 10:39:30 voip2 /usr/sbin/ser[25947]: authenticating Sep 23 10:39:30 
> voip2 /usr/sbin/ser[25947]: radius auth failure Sep 23 10:39:30 voip2 
> /usr/sbin/ser[25949]: authenticating Sep 23 10:39:30 voip2 
> /usr/sbin/ser[25949]: radius auth failure Sep 23 10:39:34 voip2 
> /usr/sbin/ser[25948]: authenticating Sep 23 10:39:34 voip2 
> /usr/sbin/ser[25948]: radius auth failure Sep 23 10:39:34 voip2 
> /usr/sbin/ser[25945]: authenticating Sep 23 10:39:34 voip2 
> /usr/sbin/ser[25945]: radius auth failure
> 
> And ngrep port 1812 shows no traffic at all.  Where are these auth 
> request going?  How can I get more debug info?
> 
> Thanks for your help.
> 
> Stephen
> 
> 
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers


------------------------------

Message: 3
Date: Tue, 23 Sep 2003 18:30:35 +0200
From: Jan Janak <jan at iptel.org>
Subject: Re: [Serusers] Troubles setting up radius authentication
To: Steve Dolloff <sdolloff at noc.dls.net>
Cc: Serusers <serusers at lists.iptel.org>
Message-ID: <20030923163035.GJ766 at localhost.localdomain>
Content-Type: text/plain; charset=iso-8859-2

Hello,

>From the information below I can't say where the problem is, but I 
>would
say some attribute definitions are missing.

Unfortunatelly the stable version of auth_radius module doesn't print much
debugging messages when something goes wrong.

Did you compile your server from sources or do you use binary packages ? You
can try unstable version branch from the CVS, that should tell you where the
problem is, or I can send you a patch to stable version if you can apply it
and compile from sources.

  Jan.

On 23-09 11:24, Steve Dolloff wrote:
> Yes, I have added the SIP definitions to the radiusclient library.  It 
> is the dictionary file defined in the radiusclient.conf file as 
> /etc/sip_dictionary.  It was created using the dictionary file from 
> radiusclient and adding the information from the link that you refered 
> to.
> 
> -----------------------
> 
> Hello,
> 
> if there is no radius traffic then radiusclient library has some 
> problems when buiding the request. Did you extend your radius 
> dictionary as described in http://iptel.org/ser/ser_radius.html ?
> 
>   Jan.
> 
> On 23-09 10:38, Steve Dolloff wrote:
> > I am trying to switch from database authentication to radius 
> > authentication.
> > 
> > I have compiled and installed the module.
> > 
> > I have added the following to my ser.cfg
> > 
> > modparam("auth_radius", "radius_config", 
> > "/etc/ser/radiusclient.conf") modparam("auth_radius", 
> > "service_type",15)
> > 
> >                         if (method=="REGISTER") {
> >                                 log(1,"authenticating");
> >                                 if 
> > (!radius_www_authorize("test.net"))
> {
> >                                         log(1,"radius auth failure");
> >                                         www_challenge("test.net",
> "0");
> >                                         break;
> >                                 };
> > 
> > I have configured the following in /etc/ser/radiusclient.conf
> > authserver      radius1.test.net:1812
> > authserver      radius2.test.net:1812
> > servers         /etc/servers
> > dictionary      /etc/sip_dictionary
> > 
> > I have configured the following in /etc/servers
> > 
> > Radius1.test.net	secret
> > Radius2.test.net	secret2
> > 
> > I get the following in my messages log.
> > 
> > Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: authenticating Sep 23 
> > 10:39:03 voip2 /usr/sbin/ser[25945]: radius auth failure Sep 23 
> > 10:39:30 voip2 /usr/sbin/ser[25947]: authenticating Sep 23 10:39:30 
> > voip2 /usr/sbin/ser[25947]: radius auth failure Sep 23 10:39:30 
> > voip2 /usr/sbin/ser[25949]: authenticating Sep 23 10:39:30 voip2 
> > /usr/sbin/ser[25949]: radius auth failure Sep 23 10:39:34 voip2 
> > /usr/sbin/ser[25948]: authenticating Sep 23 10:39:34 voip2 
> > /usr/sbin/ser[25948]: radius auth failure Sep 23 10:39:34 voip2 
> > /usr/sbin/ser[25945]: authenticating Sep 23 10:39:34 voip2 
> > /usr/sbin/ser[25945]: radius auth failure
> > 
> > And ngrep port 1812 shows no traffic at all.  Where are these auth 
> > request going?  How can I get more debug info?
> > 
> > Thanks for your help.
> > 
> > Stephen
> > 
> > 
> > _______________________________________________
> > Serusers mailing list
> > serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
> 
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers


------------------------------

Message: 4
Date: Tue, 23 Sep 2003 11:39:53 -0500
From: "Steve Dolloff" <sdolloff at noc.dls.net>
Subject: RE: [Serusers] Troubles setting up radius authentication
To: "Jan Janak" <jan at iptel.org>
Cc: Serusers <serusers at lists.iptel.org>
Message-ID:
	<ADCFA6B7CA0C754EB837B423E5A521D2543514 at mailbox.noc.dls.net>
Content-Type: text/plain;	charset="us-ascii"

This is my current info.

ser -V
version: ser 0.8.12dev-t16 (i386/linux)
flags: STATS:Off, USE_IPV6, USE_TCP, DISABLE_NAGLE, DNS_IP_HACK, SHM_MEM,
SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
MAX_URI_SIZE 1024, BUF_SIZE 65535
@(#) $Id: main.c,v 1.167 2003/07/07 14:08:26 jiri Exp $
main.c compiled on 10:02:36 Sep 11 2003 with gcc 3.2

this was built from source off of CVS.  If there is a newer version that
would give more info, I will recompile.

Stephen


Hello,

>From the information below I can't say where the problem is, but I 
>would
say some attribute definitions are missing.

Unfortunatelly the stable version of auth_radius module doesn't print much
debugging messages when something goes wrong.

Did you compile your server from sources or do you use binary packages ? You
can try unstable version branch from the CVS, that should tell you where the
problem is, or I can send you a patch to stable version if you can apply it
and compile from sources.

  Jan.

On 23-09 11:24, Steve Dolloff wrote:
> Yes, I have added the SIP definitions to the radiusclient library.  It 
> is the dictionary file defined in the radiusclient.conf file as 
> /etc/sip_dictionary.  It was created using the dictionary file from 
> radiusclient and adding the information from the link that you refered 
> to.
> 
> -----------------------
> 
> Hello,
> 
> if there is no radius traffic then radiusclient library has some 
> problems when buiding the request. Did you extend your radius
dictionary
> as described in http://iptel.org/ser/ser_radius.html ?
> 
>   Jan.
> 
> On 23-09 10:38, Steve Dolloff wrote:
> > I am trying to switch from database authentication to radius 
> > authentication.
> > 
> > I have compiled and installed the module.
> > 
> > I have added the following to my ser.cfg
> > 
> > modparam("auth_radius", "radius_config",
"/etc/ser/radiusclient.conf")
> > modparam("auth_radius", "service_type",15)
> > 
> >                         if (method=="REGISTER") {
> >                                 log(1,"authenticating");
> >                                 if
(!radius_www_authorize("test.net"))
> {
> >                                         log(1,"radius auth
failure");
> >                                         www_challenge("test.net",
> "0");
> >                                         break;
> >                                 };
> > 
> > I have configured the following in /etc/ser/radiusclient.conf
> > authserver      radius1.test.net:1812
> > authserver      radius2.test.net:1812
> > servers         /etc/servers
> > dictionary      /etc/sip_dictionary
> > 
> > I have configured the following in /etc/servers
> > 
> > Radius1.test.net	secret
> > Radius2.test.net	secret2
> > 
> > I get the following in my messages log.
> > 
> > Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: authenticating Sep 23 
> > 10:39:03 voip2 /usr/sbin/ser[25945]: radius auth failure Sep 23 
> > 10:39:30 voip2 /usr/sbin/ser[25947]: authenticating Sep 23 10:39:30 
> > voip2 /usr/sbin/ser[25947]: radius auth failure Sep 23 10:39:30 
> > voip2 /usr/sbin/ser[25949]: authenticating Sep 23 10:39:30 voip2 
> > /usr/sbin/ser[25949]: radius auth failure Sep 23 10:39:34 voip2 
> > /usr/sbin/ser[25948]: authenticating Sep 23 10:39:34 voip2 
> > /usr/sbin/ser[25948]: radius auth failure Sep 23 10:39:34 voip2 
> > /usr/sbin/ser[25945]: authenticating Sep 23 10:39:34 voip2 
> > /usr/sbin/ser[25945]: radius auth failure
> > 
> > And ngrep port 1812 shows no traffic at all.  Where are these auth 
> > request going?  How can I get more debug info?
> > 
> > Thanks for your help.
> > 
> > Stephen
> > 
> > 
> > _______________________________________________
> > Serusers mailing list
> > serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
> 
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers


------------------------------

Message: 5
Date: Tue, 23 Sep 2003 18:40:34 +0200
From: Jan Janak <jan at iptel.org>
Subject: Re: [Serusers] Troubles setting up radius authentication
To: Steve Dolloff <sdolloff at noc.dls.net>
Cc: Serusers <serusers at lists.iptel.org>
Message-ID: <20030923164034.GK766 at localhost.localdomain>
Content-Type: text/plain; charset=iso-8859-2

Hello,

this should be recent enough. Try to look for messages like this:

sterman(): Unable to add PW_DIGEST_REALM attribute

(see sip_router/modules/auth_radius/sterman.c for more details).

The file contains functions that build and send radius messages.

 Jan.

On 23-09 11:39, Steve Dolloff wrote:
> This is my current info.
> 
> ser -V
> version: ser 0.8.12dev-t16 (i386/linux)
> flags: STATS:Off, USE_IPV6, USE_TCP, DISABLE_NAGLE, DNS_IP_HACK, 
> SHM_MEM, SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, FAST_LOCK-ADAPTIVE_WAIT 
> ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, 
> MAX_URI_SIZE 1024, BUF_SIZE 65535
> @(#) $Id: main.c,v 1.167 2003/07/07 14:08:26 jiri Exp $ main.c 
> compiled on 10:02:36 Sep 11 2003 with gcc 3.2
> 
> this was built from source off of CVS.  If there is a newer version 
> that would give more info, I will recompile.
> 
> Stephen
> 
> 
> Hello,
> 
> >From the information below I can't say where the problem is, but I 
> >would
> say some attribute definitions are missing.
> 
> Unfortunatelly the stable version of auth_radius module doesn't print 
> much debugging messages when something goes wrong.
> 
> Did you compile your server from sources or do you use binary packages 
> ? You can try unstable version branch from the CVS, that should tell 
> you where the problem is, or I can send you a patch to stable version 
> if you can apply it and compile from sources.
> 
>   Jan.
> 
> On 23-09 11:24, Steve Dolloff wrote:
> > Yes, I have added the SIP definitions to the radiusclient library.  
> > It is the dictionary file defined in the radiusclient.conf file as 
> > /etc/sip_dictionary.  It was created using the dictionary file from 
> > radiusclient and adding the information from the link that you 
> > refered to.
> > 
> > -----------------------
> > 
> > Hello,
> > 
> > if there is no radius traffic then radiusclient library has some 
> > problems when buiding the request. Did you extend your radius
> dictionary
> > as described in http://iptel.org/ser/ser_radius.html ?
> > 
> >   Jan.
> > 
> > On 23-09 10:38, Steve Dolloff wrote:
> > > I am trying to switch from database authentication to radius 
> > > authentication.
> > > 
> > > I have compiled and installed the module.
> > > 
> > > I have added the following to my ser.cfg
> > > 
> > > modparam("auth_radius", "radius_config",
> "/etc/ser/radiusclient.conf")
> > > modparam("auth_radius", "service_type",15)
> > > 
> > >                         if (method=="REGISTER") {
> > >                                 log(1,"authenticating");
> > >                                 if
> (!radius_www_authorize("test.net"))
> > {
> > >                                         log(1,"radius auth
> failure");
> > >                                         www_challenge("test.net",
> > "0");
> > >                                         break;
> > >                                 };
> > > 
> > > I have configured the following in /etc/ser/radiusclient.conf
> > > authserver      radius1.test.net:1812
> > > authserver      radius2.test.net:1812
> > > servers         /etc/servers
> > > dictionary      /etc/sip_dictionary
> > > 
> > > I have configured the following in /etc/servers
> > > 
> > > Radius1.test.net	secret
> > > Radius2.test.net	secret2
> > > 
> > > I get the following in my messages log.
> > > 
> > > Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: authenticating Sep 23 
> > > 10:39:03 voip2 /usr/sbin/ser[25945]: radius auth failure Sep 23 
> > > 10:39:30 voip2 /usr/sbin/ser[25947]: authenticating Sep 23 
> > > 10:39:30 voip2 /usr/sbin/ser[25947]: radius auth failure Sep 23 
> > > 10:39:30 voip2 /usr/sbin/ser[25949]: authenticating Sep 23 
> > > 10:39:30 voip2 /usr/sbin/ser[25949]: radius auth failure Sep 23 
> > > 10:39:34 voip2 /usr/sbin/ser[25948]: authenticating Sep 23 
> > > 10:39:34 voip2 /usr/sbin/ser[25948]: radius auth failure Sep 23 
> > > 10:39:34 voip2 /usr/sbin/ser[25945]: authenticating Sep 23 
> > > 10:39:34 voip2 /usr/sbin/ser[25945]: radius auth failure
> > > 
> > > And ngrep port 1812 shows no traffic at all.  Where are these auth 
> > > request going?  How can I get more debug info?
> > > 
> > > Thanks for your help.
> > > 
> > > Stephen
> > > 
> > > 
> > > _______________________________________________
> > > Serusers mailing list
> > > serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
> > 
> > _______________________________________________
> > Serusers mailing list
> > serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers


------------------------------

Message: 6
Date: Tue, 23 Sep 2003 18:46:27 +0200
From: Jan Janak <jan at iptel.org>
Subject: Re: [Serusers] Troubles setting up radius authentication
To: Steve Dolloff <sdolloff at noc.dls.net>
Cc: Serusers <serusers at lists.iptel.org>
Message-ID: <20030923164627.GL766 at localhost.localdomain>
Content-Type: text/plain; charset=iso-8859-2

Looking at modification time of sterman.c I realized that your sources are
not recent enough. The file was last modified on September 12 and you built
your server on September 11, so please try to update from the cvs, at least
auth_radius module.

  Jan.

On 23-09 11:39, Steve Dolloff wrote:
> This is my current info.
> 
> ser -V
> version: ser 0.8.12dev-t16 (i386/linux)
> flags: STATS:Off, USE_IPV6, USE_TCP, DISABLE_NAGLE, DNS_IP_HACK, 
> SHM_MEM, SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, FAST_LOCK-ADAPTIVE_WAIT 
> ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, 
> MAX_URI_SIZE 1024, BUF_SIZE 65535
> @(#) $Id: main.c,v 1.167 2003/07/07 14:08:26 jiri Exp $ main.c 
> compiled on 10:02:36 Sep 11 2003 with gcc 3.2
> 
> this was built from source off of CVS.  If there is a newer version 
> that would give more info, I will recompile.
> 
> Stephen
> 
> 
> Hello,
> 
> >From the information below I can't say where the problem is, but I 
> >would
> say some attribute definitions are missing.
> 
> Unfortunatelly the stable version of auth_radius module doesn't print 
> much debugging messages when something goes wrong.
> 
> Did you compile your server from sources or do you use binary packages 
> ? You can try unstable version branch from the CVS, that should tell 
> you where the problem is, or I can send you a patch to stable version 
> if you can apply it and compile from sources.
> 
>   Jan.
> 
> On 23-09 11:24, Steve Dolloff wrote:
> > Yes, I have added the SIP definitions to the radiusclient library.  
> > It is the dictionary file defined in the radiusclient.conf file as 
> > /etc/sip_dictionary.  It was created using the dictionary file from 
> > radiusclient and adding the information from the link that you 
> > refered to.
> > 
> > -----------------------
> > 
> > Hello,
> > 
> > if there is no radius traffic then radiusclient library has some 
> > problems when buiding the request. Did you extend your radius
> dictionary
> > as described in http://iptel.org/ser/ser_radius.html ?
> > 
> >   Jan.
> > 
> > On 23-09 10:38, Steve Dolloff wrote:
> > > I am trying to switch from database authentication to radius 
> > > authentication.
> > > 
> > > I have compiled and installed the module.
> > > 
> > > I have added the following to my ser.cfg
> > > 
> > > modparam("auth_radius", "radius_config",
> "/etc/ser/radiusclient.conf")
> > > modparam("auth_radius", "service_type",15)
> > > 
> > >                         if (method=="REGISTER") {
> > >                                 log(1,"authenticating");
> > >                                 if
> (!radius_www_authorize("test.net"))
> > {
> > >                                         log(1,"radius auth
> failure");
> > >                                         www_challenge("test.net",
> > "0");
> > >                                         break;
> > >                                 };
> > > 
> > > I have configured the following in /etc/ser/radiusclient.conf
> > > authserver      radius1.test.net:1812
> > > authserver      radius2.test.net:1812
> > > servers         /etc/servers
> > > dictionary      /etc/sip_dictionary
> > > 
> > > I have configured the following in /etc/servers
> > > 
> > > Radius1.test.net	secret
> > > Radius2.test.net	secret2
> > > 
> > > I get the following in my messages log.
> > > 
> > > Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: authenticating Sep 23 
> > > 10:39:03 voip2 /usr/sbin/ser[25945]: radius auth failure Sep 23 
> > > 10:39:30 voip2 /usr/sbin/ser[25947]: authenticating Sep 23 
> > > 10:39:30 voip2 /usr/sbin/ser[25947]: radius auth failure Sep 23 
> > > 10:39:30 voip2 /usr/sbin/ser[25949]: authenticating Sep 23 
> > > 10:39:30 voip2 /usr/sbin/ser[25949]: radius auth failure Sep 23 
> > > 10:39:34 voip2 /usr/sbin/ser[25948]: authenticating Sep 23 
> > > 10:39:34 voip2 /usr/sbin/ser[25948]: radius auth failure Sep 23 
> > > 10:39:34 voip2 /usr/sbin/ser[25945]: authenticating Sep 23 
> > > 10:39:34 voip2 /usr/sbin/ser[25945]: radius auth failure
> > > 
> > > And ngrep port 1812 shows no traffic at all.  Where are these auth 
> > > request going?  How can I get more debug info?
> > > 
> > > Thanks for your help.
> > > 
> > > Stephen
> > > 
> > > 
> > > _______________________________________________
> > > Serusers mailing list
> > > serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
> > 
> > _______________________________________________
> > Serusers mailing list
> > serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers


------------------------------

_______________________________________________
Serusers mailing list
serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers


End of Serusers Digest, Vol 5, Issue 50
***************************************




More information about the sr-users mailing list