[Serusers] SER & freeradius !
Daniel-Constantin Mierla
daniel at iptel.org
Mon Mar 15 10:51:11 CET 2004
Send us a sample of REGISTER/401 sequence that SIPPC sends to ser when
the authentication is on.
.Daniel
On 3/15/2004 8:20 AM, Anton wrote:
>Hello Daniel-Constantin Mierla & List
>
>Very interesting that when I've commented out the line about to
>authentification, e.g:
>
> if (!radius_www_authorize("fptnet.vn")) {
> www_challenge("fptnet.vn", "0");
> break;
> };
>
>it works ! SIPPC can registred with SER !
>
>What am I wrong ?
>Please HELP !
>Multiple thanks & regards,
>Anton
>
>----- Original Message -----
>From: "Anton" <antontran at fptnet.com.vn>
>To: <daniel at iptel.org>
>Cc: <serusers at lists.iptel.org>
>Sent: Monday, March 15, 2004 11:34 AM
>Subject: Re: [Serusers] SER & freeradius !
>
>
>
>
>>Hello Daniel-Constantin Mierla & List
>>
>>I've followed your advice, and still not see any reply from ser when
>>
>>
>monitor
>
>
>>net traffic by ethereal .
>>
>>Please, help me configure SER.
>>Thank you very much & best regard
>>Anton
>>
>>PS: Here is my ser.cfg:
>>==================
>>debug=3
>>fork=yes
>>log_stderror=yes
>>
>>check_via=no # (cmd. line: -v)
>>dns=no # (cmd. line: -r)
>>rev_dns=no # (cmd. line: -R)
>>port=5060
>>children=4
>>fifo="/tmp/ser_fifo"
>>alias="fptnet.vn"
>>alias="hnluat.edu"
>>alias="sgluat.edu"
>>alias="sg.fptnet.com"
>>alias="fptnet.com"
>>
>>#loadmodule "/usr/local/lib/ser/modules/mysql.so"
>>loadmodule "/usr/local/lib/ser/modules/sl.so"
>>loadmodule "/usr/local/lib/ser/modules/tm.so"
>>loadmodule "/usr/local/lib/ser/modules/rr.so"
>>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>>loadmodule "/usr/local/lib/ser/modules/registrar.so"
>>#loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
>>#loadmodule "/usr/local/lib/ser/modules/uri.so"
>>loadmodule "/usr/local/lib/ser/modules/auth.so"
>>#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>>loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
>>#loadmodule "/usr/local/lib/ser/modules/acc.so"
>>loadmodule "/usr/local/lib/ser/modules/xlog.so"
>>
>>modparam("usrloc", "db_mode", 0)
>>#modparam("uri_radius", "service_type", 11)
>>modparam("rr", "enable_full_lr", 1)
>>modparam("auth_radius", "radius_config",
>>"/usr/local/etc/radiusclient/radiusclient.conf")
>>#modparam("acc", "radius_config",
>>"/usr/local/etc/radiusclient/radiusclient.conf")
>>#modparam("xlog", "buf_size", 8192)
>>
>>
>>###
>>#modparam("acc", "log_level", 1)
>>#modparam("acc", "log_flag", 1)
>>#modparam("acc", "radius_flag", 1)
>>modparam("tm", "fr_inv_timer", 15 )
>>modparam("tm", "fr_timer", 10 )
>>modparam("auth", "secret", "testing123")
>>modparam("auth_radius", "service_type", 15)
>>###
>>
>>
>>route{
>>
>> if (!mf_process_maxfwd_header("10")) {
>> sl_send_reply("483","Too Many Hops");
>> break;
>> };
>># if ( msg:len > max_len ) {
>># sl_send_reply("513", "Message too big");
>># break;
>># };
>>
>> record_route();
>> if (loose_route()) {
>> t_relay();
>> break;
>> };
>>
>> if (uri==myself) {
>> xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
>> if (method=="REGISTER") {
>> # if (!www_authorize("mydomain", "subscriber")) {
>> if (!radius_www_authorize("fptnet.vn")) {
>> www_challenge("fptnet.vn", "0");
>> break;
>> };
>>
>> save("location");
>> break;
>> };
>>
>> setflag(1);
>> if (method=="INVITE") record_route();
>>
>> if (method=="REGISTER") {
>> log(1, "REGISTER received\n");
>> } else {
>> log(1, "non-REGISTER received\n");
>> };
>> if (uri=~"sip:.*[@:]fptnet.vn") {
>> log(1, "request for fptnet.vn\n");
>> } else {
>> log(1, "request for other domain received\n");
>> };
>>
>> if (!lookup("location")) {
>> sl_send_reply("404", "Not Found");
>> break;
>> };
>> #};
>> if (!t_relay()) {
>> sl_reply_error();
>> };
>>
>> };
>>}
>>
>>
>>
>>=============================
>>
>>----- Original Message -----
>>From: "Daniel-Constantin Mierla" <daniel at iptel.org>
>>To: "Anton" <antontran at fptnet.com.vn>
>>Cc: <serusers at lists.iptel.org>
>>Sent: Friday, March 12, 2004 5:07 PM
>>Subject: Re: [Serusers] SER & freeradius !
>>
>>
>>
>>
>>>Hello,
>>>it might be possible that the condition uri=~"fptnet.vn" does not match.
>>>It is better to use uri==myself and put alias="fptnet.vn" and other
>>>hostnames you may have just below the line fifo="/tmp/ser_fifo".
>>>
>>>If still doesnt work, watch the network (using ngrep or ethereal) and
>>>see how the SIP messages are routed. Also you can set log_stderror=yes,
>>>start ser from a console and you will be able to see lot of debug
>>>
>>>
>>messages.
>>
>>
>>>.Daniel
>>>
>>>On 3/12/2004 4:22 AM, Anton wrote:
>>>
>>>
>>>
>>>>Hello List,
>>>>
>>>>Please help me!
>>>>I've installed Ser & followed the RADIUS Howto in ser website.
>>>>Every thing seems to run, but radius is idle all the time, SIPPS
>>>>cannot registre with SER.
>>>>
>>>>Here is my ser.cfg file
>>>>
>>>>What I'm wrong ?
>>>>Any info is appreciated,
>>>>Best regards,
>>>>Anton
>>>>
>>>>=============================ser.cfg file ===============
>>>>
>>>>debug=7
>>>>fork=yes
>>>>log_stderror=no
>>>>
>>>>check_via=no # (cmd. line: -v)
>>>>dns=no # (cmd. line: -r)
>>>>rev_dns=no # (cmd. line: -R)
>>>>port=5060
>>>>children=4
>>>>fifo="/tmp/ser_fifo"
>>>>
>>>>#loadmodule "/usr/local/lib/ser/modules/mysql.so"
>>>>loadmodule "/usr/local/lib/ser/modules/sl.so"
>>>>loadmodule "/usr/local/lib/ser/modules/tm.so"
>>>>loadmodule "/usr/local/lib/ser/modules/rr.so"
>>>>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>>>>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>>>>loadmodule "/usr/local/lib/ser/modules/registrar.so"
>>>>#loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
>>>>#loadmodule "/usr/local/lib/ser/modules/uri.so"
>>>>loadmodule "/usr/local/lib/ser/modules/auth.so"
>>>>#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>>>>loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
>>>>#loadmodule "/usr/local/lib/ser/modules/acc.so"
>>>>loadmodule "/usr/local/lib/ser/modules/xlog.so"
>>>>
>>>>modparam("usrloc", "db_mode", 0)
>>>>#modparam("uri_radius", "service_type", 11)
>>>>modparam("rr", "enable_full_lr", 1)
>>>>modparam("auth_radius", "radius_config",
>>>>"/usr/local/etc/radiusclient/radiusclient.conf")
>>>>#modparam("acc", "radius_config",
>>>>"/usr/local/etc/radiusclient/radiusclient.conf")
>>>>#modparam("xlog", "buf_size", 8192)
>>>>
>>>>
>>>>###
>>>>#modparam("acc", "log_level", 1)
>>>>#modparam("acc", "log_flag", 1)
>>>>#modparam("acc", "radius_flag", 1)
>>>>modparam("tm", "fr_inv_timer", 15 )
>>>>modparam("tm", "fr_timer", 10 )
>>>>modparam("auth", "secret", "testing123")
>>>>modparam("auth_radius", "service_type", 15)
>>>>###
>>>>
>>>>
>>>>route{
>>>>
>>>> if (!mf_process_maxfwd_header("10")) {
>>>> sl_send_reply("483","Too Many Hops");
>>>> break;
>>>> };
>>>># if ( msg:len > max_len ) {
>>>># sl_send_reply("513", "Message too big");
>>>># break;
>>>># };
>>>>
>>>> record_route();
>>>> if (loose_route()) {
>>>> t_relay();
>>>> break;
>>>> };
>>>>
>>>> if (uri=~"fptnet.vn") {
>>>> xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
>>>> if (method=="REGISTER") {
>>>> # if (!www_authorize("mydomain", "subscriber")) {
>>>> if (!radius_www_authorize("fptnet.com.vn")) {
>>>> www_challenge("fptnet.com.vn", "0");
>>>> break;
>>>> };
>>>>
>>>> save("location");
>>>> break;
>>>> };
>>>>
>>>> setflag(1);
>>>> if (method=="INVITE") record_route();
>>>>
>>>> if (method=="REGISTER") {
>>>> log(1, "REGISTER received\n");
>>>> } else {
>>>> log(1, "non-REGISTER received\n");
>>>> };
>>>> if (uri=~"sip:.*[@:]fptnet.vn") {
>>>> log(1, "request for fptnet.vn\n");
>>>> } else {
>>>> log(1, "request for other domain received\n");
>>>> };
>>>>
>>>> if (!lookup("location")) {
>>>> sl_send_reply("404", "Not Found");
>>>> break;
>>>> };
>>>> #};
>>>> if (!t_relay()) {
>>>> sl_reply_error();
>>>> };
>>>>
>>>> };
>>>>}
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>------------------------------------------------------------------------
>>
>>
>>>>_______________________________________________
>>>>Serusers mailing list
>>>>serusers at lists.iptel.org
>>>>http://lists.iptel.org/mailman/listinfo/serusers
>>>>
>>>>
>>>>
>
>
>
>
More information about the sr-users
mailing list