[Serusers] help with radius installation

varala ramakanth varala_kanth at yahoo.com
Wed Jun 2 13:12:15 CEST 2004 

thanks klaus,

i followed your steps from 1 to 6 successfully 

when executing the 7th step 

i get the err as


Errors reading dictionary: dict_init:
/usr/local/etc/raddb/dictionary[22]: Couldn't open
dictionary " 
/usr/local/etc/radiusclient/dictionary.ser": No such
file or directory
Errors reading radiusd.conf


i kept in another location i.e in /usr/local/share 

and checked with that path also

still the same message so please tell me 

where iam going wrong


thanks in advance


one more doubt can we run the ser with the gdb
debugger

so that we can trace back step by step

with regards
rama kanth varala


--- Klaus Darilion <klaus.mailinglists at pernau.at>
wrote:
> > it says error in reading the file
> > usr/loca/freeradius/dictionary
> > 
> > could not able to open
> > /usr/local/radiusclien/dictionray.ser
> > 
> > so what may be the problem
> > 
> 
> typos in your paths?
> 
> I've tried ser+radius once, and it worked fine with
> me!
> 
> Here is the step-by-step tutorial how I did it!
> 
> regards,
> klaus
> 
> 19.4.2004: ser+radius installation on mandrake 10.0;
> klaus darilion
> Note: This installation uses unstable ser, therefore
> the new 
> radiusclient library is necessary (radiusclient-ng).
> ser 0.8.12 stable still requires the original radius
> library from: 
> http://www.mcs.de/~lf/radius
> 
> In this setup, radius is only used for
> authentication, not for accounting!
> 
> 1. get ser:
> mkdir ser
> cd ser/
> export
>
CVSROOT=:pserver:anonymous at cvs.berlios.de:/cvsroot/ser
> cvs login
> cvs co sip_router
> cd ..
> 
> 2. get the new radiusclient
> mkdir radiusclient-ng
> cd radiusclient-ng/
> export
>
CVSROOT=:pserver:anonymous at cvs.berlios.de:/cvsroot/radiusclient-ng
> cvs login
> cvs co radiusclient-ng
> cd ..
> 
> 3. compile and install the radius client
> cd radiusclient-ng/radiusclient-ng
> ./configure
> ./make
> su
> ./make install
> exit
> cd ../..
> 
> 4. compile and install ser
> cd ser/sip_router
> make all
> make modules modules=modules/auth_radius
> su
> make install
> cp modules/auth_radius/auth_radius.so
> /usr/local/lib/ser/modules/
> cp rpm/ser.init /etc/init.d/ser
> vi /etc/init.d/ser
> -> change ser=/usr/sbin/ser to
> ser=/usr/local/sbin/ser, save and exit
> -> check if ser starts!
> /etc/init.d/ser start
> ps -A
> --> there should be plenty of ser processes
> /etc/init.d/ser stop
> ps -A
> --> all the ser processes should be stopped
> exit
> cd ../..
> 
> 5. configure radius client
> --> if the radius server is on another machine, edit
> 
> /usr/local/etc/radiusclient/radiusclient.conf and
> set authserver and 
> acctserver to the proper machine.
> --> configure the shared secret for your radius
> server in 
> /usr/local/etc/radiusclient/servers, e.g. I used:
> localhost testsecret
> --> add ser's sip dictionary (dictionary.ser ) to
> the dictionary of the 
> radius client:
> cd ser/sip_router
> su
> cp etc/dictionary.ser /usr/local/etc/radiusclient/
> cat /usr/local/etc/radiusclient/dictionary.ser 
>  >>/usr/local/etc/radiusclient/dictionary
> exit
> cd ../..
> 
> 6. installing a radius server, in this case
> freeradius
> -->get freeradius
> mkdir freeradius
> cd freeradius
> wget
>
ftp://ftp.freeradius.org/pub/radius/freeradius-0.9.3.tar.gz
> tar -xvzf freeradius-0.9.3.tar.gz
> cd freeradius-0.9.3
> ./configure
> make
> su
> make install
> vi /usr/local/etc/raddb/clients.conf
> --> set the shared secret in clients.conf, in my
> case: testsecret for 
> 127.0.0.1
> vi /usr/local/etc/raddb/dictionary
> --> add the following at the end the dictionary
> file: $INCLUDE 
> /usr/local/etc/radiusclient/dictionary.ser
> vi /usr/local/etc/raddb/radiusd.conf
> -->uncomment the word "digest" in the "authorize"
> and "authenticate" section
> vi /usr/local/etc/raddb/users
> -->insert a testuser:
> 	test Auth-Type := Digest, User-Password == "test"
> 		Reply-Message = "Hello, test with digest"
> 
> 7. test the radius server
> --> start freeradus in debug mode
> radiusd -X
> --> create a file called "digest" with the following
> content (everything 
> in one line)
> User-Name = "test", Digest-Response = 
> "631d6d73147add2f9e437f59bbc3aeb7", Digest-Realm =
> "testrealm", 
> Digest-Nonce = "1234abcd" , Digest-Method =
> "INVITE", Digest-URI = 
> "sip:5555551212 at example.com", Digest-Algorithm =
> "MD5", Digest-User-Name 
> = "test"
> --> send the request to the server
> radclient -f digest localhost auth testsecret
> -->this sould return:
> Received response ID 160, code 2, length = 45
>          Reply-Message = "Hello, test with digest"
> 
> 8. reconfigure ser for radius things
> --> RADIUS-related modules are not compiled by
> default. To compile them, 
> edit Makefile, find variable exclude_modules and you
> should see 
> "auth_radius", "group_radius", and "uri_radius"
> among excluded modules. 
> Simply remove the three modules from the list.
> -->If you need RADIUS accounting then edit also 
> sip_router/modules/acc/Makefile and uncomment lines
> containing:
> DEFS+=-DRAD_ACC
> LIBS=-L$(LOCALBASE)/lib -lradiusclient
> 
> 9. add radiusclient library to library path
> vi /etc/ld.so.conf
> --> add /usr/local/lib to the conf file
> ldconfig -v
> 
> 10. edit ser.cfg
> loadmodule "/usr/local/lib/ser/modules/auth.so"
> loadmodule
> "/usr/local/lib/ser/modules/auth_radius.so"
> -------------------------
> modparam("auth_radius", "radius_config", 
> "/usr/local/etc/radiusclient/radiusclient.conf")
> modparam("auth_radius", "service_type", 15)
> -------------------------
> # Uncomment this if you want to use digest
> authentication
>                          if
> (!radius_www_authorize("")) {
>                                  www_challenge("",
> "0");
>                                  break;
>                          };
> 
> 11. run ser
> 
> 



	
		
__________________________________
Do you Yahoo!?
Friends.  Fun.  Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/

More information about the sr-users mailing list