[Serusers] Making SER to work with Cisco RADIUS

Ilya Pekshev ilya.pekshev at fns.ru
Thu Apr 15 17:36:58 CEST 2004 

Hi,
 
i'm pretty new to ser and I'd love to know has anybody came across
making SER to work with Cisco ACS RADIUS server?
 
So far I can see they talking to each other, but Cisco loggs an error :
"Bad Request from NAS". I can see that username is passed
to the RADIUS server but SER shows an error:
 
 5(15475) receive_msg: cleaning up
 5(15475) tcp_read_req: content-length= 0
 5(15475) SIP Request:
 5(15475)  method:  <REGISTER>
 5(15475)  uri:     <sip:sip.fns.ru>
 5(15475)  version: <SIP/2.0>
 5(15475) parse_headers: flags=1
 5(15475) end of header reached, state=5
 5(15475) parse_headers: Via found, flags=1
 5(15475) parse_headers: this is the first via
 5(15475) After parse_msg...
 5(15475) preparing to run routing scripts...
 5(15475) DEBUG : is_maxfwd_present: searching for max_forwards header
 5(15475) parse_headers: flags=128
 5(15475) DEBUG: is_maxfwd_present: value = 70 
 5(15475) parse_headers: flags=8
 5(15475) DEBUG: add_param: tag=3de46d9fa4774112b66632d744e28ea5
 5(15475) DEBUG: add_param: epid=442289156c
 5(15475) end of header reached, state=29
 5(15475) parse_headers: flags=256
 5(15475) end of header reached, state=9
 5(15475) DEBUG: get_hdr_field: <To> [25]; uri=[sip:222333 at sip.fns.ru] 
 5(15475) DEBUG: to body [<sip:222333 at sip.fns.ru>
]
 5(15475) get_hdr_field: cseq <CSeq>: <2> <REGISTER>
 5(15475) DEBUG: get_hdr_body : content_length=0
 5(15475) found end of header
 5(15475) find_first_route(): No Route headers found
 5(15475) loose_route(): There is no Route HF
 5(15475) check_self - checking if host==us: 10==13 &&  [sip.fns.ru] ==
[192.168.14.18]
 5(15475) check_self - checking if port 5060 matches port 5060
 5(15475) check_self - checking if host==us: 10==9 &&  [sip.fns.ru] ==
[127.0.0.1]
 5(15475) check_self - checking if port 5060 matches port 5060
 5(15475) check_nonce(): comparing
[407f0b2e50ed56354282e03c50b13d45299cf105] and
[407f0b2e50ed56354282e03c50b13d45299cf105]
 5(15475) res: -2
 5(15475) radius_authorize_sterman(): Failure
 5(15475) build_auth_hf(): 'WWW-Authenticate: Digest realm="sip.fns.ru",
nonce="407f0b2e50ed56354282e03c50b13d45299cf105"
'
 5(15475) parse_headers: flags=-1
 5(15475) check_via_address(192.168.14.20, 192.168.14.20, 0)
 5(15475) tcp_send: tcp connection found (0x2832fde8), acquiring fd
 6(15476) tcp_main_loop: read response= 2832fde8, 1 from 5 (15475)
 5(15475) tcp_send, c= 0x2832fde8, n=8
 5(15475) tcp_send: after receive_fd: c= 0x2832fde8 n=4 fd=16
 5(15475) tcp_send: sending...
 5(15475) tcp_send: after write: c= 0x2832fde8 n=638 fd=16
 5(15475) tcp_send: buf=
SIP/2.0 401 Unauthorized
Via: SIP/2.0/TCP 192.168.14.20:13032
From:
<sip:222333 at sip.fns.ru>;tag=3de46d9fa4774112b66632d744e28ea5;epid=442289
156c
To: <sip:222333 at sip.fns.ru>;tag=ec4c46ea134bd13f46d10e4005923970.4590
Call-ID: 3b6cf7a1117541f38ed499a4b2c6b815 at 192.168.14.20
CSeq: 2 REGISTER
WWW-Authenticate: Digest realm="sip.fns.ru",
nonce="407f0b2e50ed56354282e03c50b13d45299cf105"
Server: Sip EXpress router ACS Build(0.8.12 (i386/freebsd))
Content-Length: 0
Warning: 392 192.168.14.18:5060 "Noisy feedback tells:  pid=15475
req_src_ip=192.168.14.20 req_src_port=2004 in_uri=sip:sip.fns.ru
out_uri=sip:sip.fns.ru via_cnt==1"
 5(15475) receive_msg: cleaning up
 5(15475) tcp_read: EOF on 0x2832fde8, FD 12
 5(15475) tcp_read_req: EOF
 5(15475) releasing con 0x2832fde8, state -1, fd=12, id=1
 5(15475)  extra_data 0x0
 6(15476) tcp_main_loop: reader response= 2832fde8, -1 from 0 
 6(15476) tcp_main_loop: destroying connection

 
Any help will be greatly appreciated!
 
Thanks,
Ilya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20040415/d2a9f79d/attachment.htm>

More information about the sr-users mailing list