[Serusers] RADIUS between multiple domains + Fail Over Gateways
Alan Litster
alitster at telcoelectronics.co.uk
Thu Apr 29 16:24:18 CEST 2004
Hello List,
I've been using SER with RADIUS successfully now for a few months and am
very pleased with the result. It's used for authenticating users accessing
our gateways.
I know have a new requirement to extend this to provide authentication for
remote domains.
The setup being as follows.
We've got SER running with FreeRADIUS, then at the remote sites we will have
the same plus Asterisk that is to act as a local gateway.
I've configured the local FreeRADIUS instance to proxy the requests for the
remote SIP domains to the remote RADIUS server. Unfortunately this doesn't
work and I'm not sure why.
The SUA gets asked by the remote SIP proxy to authenticate, it then forwards
the INVITE to the local SER instance which then gets the LOCAL RADIUS to do
another auth. This doesn't work. However if I disable the local auth and
leave the remote auth enabled it works fine.
Has anyone successfully managed to get proxied radius auth to work?
My other question is to do with getting SER to send the INVITE to a
different gateway if the primary one is at capacity/out of action? Is there
an example of this sort of config?
Kind Regards,
Alan
-------------------------------------------------------------------------------------------------------
This email, and any files transmitted with it, is copyright and may contain confidential information.
The contents are intended for the use of the addressee(s) only.
Unauthorized use may be unlawful.
If you receive this email by mistake, please advise sender immediately.
The views of the author may not necessarily constitute the views of Telco Electronics Limited.
Nothing in this mail shall bind Telco Electronics Limited in any contract or obligation.
Telco Electronics Limited
6-8 Oxford Court
Brackley
Northants
NN13 7XY
Tel 07000 701999
Fax 07000 701777
More information about the sr-users
mailing list