[Serusers] radius_authorize_sterman(): Failure
Jan Janak
jan at iptel.org
Tue Jan 27 10:07:15 CET 2004
Either you have incorrect shared secret (so the radiusclient library and
radius server are using different shared secrets) or you forgot to
extend the radiusclient dictionary.
See http://iptel.org/ser/ser_radius.html for more details.
Jan.
On 26-01 20:19, Gregory D. Burns wrote:
> Guys,
>
>
> Im trying to setup radius Authenticate but cant figure out why I keep
> getting the below error. I have SER 0.12 and freeradius 0.9.3 installed on
> the same server. What could I be missing?
>
> Freeradius has this config in the user file:
> greg Auth-Type := Digest, User-Password == "xxxxx"
> Reply-Message = "Authenticated"
>
> Debug:
>
> 0(6147) SIP Request:
> 0(6147) method: <REGISTER>
> 0(6147) uri: <sip:64.81.88.148>
> 0(6147) version: <SIP/2.0>
> 0(6147) parse_headers: flags=1
> 0(6147) end of header reached, state=5
> 0(6147) parse_headers: Via found, flags=1
> 0(6147) parse_headers: this is the first via
> 0(6147) After parse_msg...
> 0(6147) preparing to run routing scripts...
> 0(6147) logging so message came in 0(6147) DEBUG : is_maxfwd_present:
> searching for max_forwards header
> 0(6147) parse_headers: flags=128
> 0(6147) end of header reached, state=9
> 0(6147) DEBUG: get_hdr_field: <To> [36];
> uri=[sip:2012 at 64.81.88.148;user=phone]
> 0(6147) DEBUG: to body [<sip:2012 at 64.81.88.148;user=phone>
> ]
> 0(6147) get_hdr_field: cseq <CSeq>: <12> <REGISTER>
> 0(6147) DEBUG: get_hdr_body : content_length=0
> 0(6147) found end of header
> 0(6147) DEBUG: is_maxfwd_present: max_forwards header not found!
> 0(6147) DEBUG: add_param: tag=2161114233
> 0(6147) end of header reached, state=29
> 0(6147) parse_headers: flags=256
> 0(6147) find_first_route(): No Route headers found
> 0(6147) loose_route(): There is no Route HF
> 0(6147) check_nonce(): comparing [4015e5a000c7aec015d8da7e158f8720532f4d22]
> and [4015e5a000c7aec015d8da7e158f8720532f4d22]
> 0(6147) res: -2
> 0(6147) radius_authorize_sterman(): Failure
> 0(6147) build_auth_hf(): 'WWW-Authenticate: Digest realm="64.81.88.148",
> nonce="4015e5a1ed5da080d2f74b1e0a65e54e4b4bae8f", qop="auth"
> '
>
> It looks like the radius server is working ok :
>
> rlm_digest: Converting Digest-Attributes to something sane...
> Digest-User-Name = "greg"
> Digest-Realm = "64.81.88.148"
> Digest-Nonce = "4015e5a000c7aec015d8da7e158f8720532f4d22"
> Digest-Uri = "sip:64.81.88.148"
> Digest-Method = "REGISTER"
> Digest-Qop = "auth"
> Digest-Nonce-Count = "00000001"
> Digest-Cnonce = "05efa56c"
> modcall[authorize]: module "digest" returns ok for request 108
> rlm_realm: Proxy reply, or no User-Name. Ignoring.
> modcall[authorize]: module "suffix" returns noop for request 108
> users: Matched DEFAULT at 152
> users: Matched greg at 214
> modcall[authorize]: module "files" returns ok for request 108
> modcall[authorize]: module "mschap" returns noop for request 108
> modcall: group authorize returns ok for request 108
> rad_check_password: Found Auth-Type Digest
> rad_check_password: Auth-Type = Accept, accepting the user
> radius_xlat: 'Authenticated'
> Sending Access-Accept of id 25 to 127.0.0.1:4720
> Reply-Message = "Authenticated"
> Finished request 108
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
More information about the sr-users
mailing list