[Serusers] SER & freeradius !

Tue Mar 16 04:07:17 CET 2004

Hello Daniel-Constantin & List

My Freeradius works well with Openh323gatekeeper on authentification as well
as on accounting (actually, Freeradius do all this stuff via Postgresql )

I'll send a sample of REGISTER/401 sequence that SIPPC sends to ser when the
authentication is on soon. (Sorry, I'm busy this day, so have not time to do
the test).

Thank you & best regards,
Anton

----- Original Message ----- 
From: "Daniel-Constantin Mierla" <daniel at iptel.org>
To: "Anton" <antontran at fptnet.com.vn>
Cc: <serusers at lists.iptel.org>
Sent: Monday, March 15, 2004 4:49 PM
Subject: Re: [Serusers] SER & freeradius !

> Hello,
>
> On 3/15/2004 5:34 AM, Anton wrote:
>
> >Hello Daniel-Constantin Mierla & List
> >
> >I've followed your advice, and still not see any reply from ser when
monitor
> >net traffic by ethereal .
> >
> >
> did you see the log messages written by
>
> xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
>
> for REGISTER requests?
>
> To see more debug messages into console, set
>
> debug=7
>
> into your config file.
>
> Have you tested your radius configuration as described in RADIUS  How-To?
(http://iptel.org/ser/doc/ser_radius/ser_radius.html#AEN146).
>
> .Daniel
>
> >Please, help me configure SER.
> >Thank you very much & best regard
> >Anton
> >
> >PS:  Here is my ser.cfg:
> >==================
> >debug=3
> >fork=yes
> >log_stderror=yes
> >
> >check_via=no # (cmd. line: -v)
> >dns=no           # (cmd. line: -r)
> >rev_dns=no      # (cmd. line: -R)
> >port=5060
> >children=4
> >fifo="/tmp/ser_fifo"
> >alias="fptnet.vn"
> >alias="hnluat.edu"
> >alias="sgluat.edu"
> >alias="sg.fptnet.com"
> >alias="fptnet.com"
> >
> >#loadmodule "/usr/local/lib/ser/modules/mysql.so"
> >loadmodule "/usr/local/lib/ser/modules/sl.so"
> >loadmodule "/usr/local/lib/ser/modules/tm.so"
> >loadmodule "/usr/local/lib/ser/modules/rr.so"
> >loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> >loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> >loadmodule "/usr/local/lib/ser/modules/registrar.so"
> >#loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
> >#loadmodule "/usr/local/lib/ser/modules/uri.so"
> >loadmodule "/usr/local/lib/ser/modules/auth.so"
> >#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
> >loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
> >#loadmodule "/usr/local/lib/ser/modules/acc.so"
> >loadmodule "/usr/local/lib/ser/modules/xlog.so"
> >
> >modparam("usrloc", "db_mode",   0)
> >#modparam("uri_radius", "service_type", 11)
> >modparam("rr", "enable_full_lr", 1)
> >modparam("auth_radius", "radius_config",
> >"/usr/local/etc/radiusclient/radiusclient.conf")
> >#modparam("acc", "radius_config",
> >"/usr/local/etc/radiusclient/radiusclient.conf")
> >#modparam("xlog", "buf_size", 8192)
> >
> >
> >###
> >#modparam("acc", "log_level", 1)
> >#modparam("acc", "log_flag", 1)
> >#modparam("acc", "radius_flag", 1)
> >modparam("tm", "fr_inv_timer", 15 )
> >modparam("tm", "fr_timer", 10 )
> >modparam("auth", "secret", "testing123")
> >modparam("auth_radius", "service_type", 15)
> >###
> >
> >
> >route{
> >
> > if (!mf_process_maxfwd_header("10")) {
> >  sl_send_reply("483","Too Many Hops");
> >  break;
> > };
> ># if ( msg:len > max_len ) {
> >#  sl_send_reply("513", "Message too big");
> >#  break;
> ># };
> >
> > record_route();
> > if (loose_route()) {
> >  t_relay();
> >  break;
> > };
> >
> > if (uri==myself) {
> >  xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
> >  if (method=="REGISTER") {
> >   # if (!www_authorize("mydomain", "subscriber")) {
> >   if (!radius_www_authorize("fptnet.vn")) {
> >    www_challenge("fptnet.vn", "0");
> >    break;
> >   };
> >
> >   save("location");
> >   break;
> >  };
> >
> >  setflag(1);
> >  if (method=="INVITE") record_route();
> >
> >  if (method=="REGISTER") {
> >         log(1, "REGISTER received\n");
> >         } else {
> >                 log(1, "non-REGISTER received\n");
> >         };
> >         if (uri=~"sip:.*[@:]fptnet.vn") {
> >                 log(1, "request for fptnet.vn\n");
> >         } else {
> >                 log(1, "request for other domain received\n");
> >         };
> >
> >  if (!lookup("location")) {
> >   sl_send_reply("404", "Not Found");
> >   break;
> >  };
> > #};
> >  if (!t_relay()) {
> >   sl_reply_error();
> >  };
> >
> > };
> >}
> >
> >
> >
> >=============================
> >
> >----- Original Message ----- 
> >From: "Daniel-Constantin Mierla" <daniel at iptel.org>
> >To: "Anton" <antontran at fptnet.com.vn>
> >Cc: <serusers at lists.iptel.org>
> >Sent: Friday, March 12, 2004 5:07 PM
> >Subject: Re: [Serusers] SER & freeradius !
> >
> >
> >
> >
> >>Hello,
> >>it might be possible that the condition uri=~"fptnet.vn" does not match.
> >>It is better to use uri==myself and put alias="fptnet.vn" and other
> >>hostnames you may have just below the line fifo="/tmp/ser_fifo".
> >>
> >>If still doesnt work, watch the network (using ngrep or ethereal) and
> >>see how the SIP messages are routed. Also you can set log_stderror=yes,
> >>start ser from a console and you will be able to see lot of debug
> >>
> >>
> >messages.
> >
> >
> >>.Daniel
> >>
> >>On 3/12/2004 4:22 AM, Anton wrote:
> >>
> >>
> >>
> >>>Hello List,
> >>>
> >>>Please help me!
> >>>I've installed Ser & followed the RADIUS Howto in ser website.
> >>>Every thing seems to run, but radius is idle all the time, SIPPS
> >>>cannot registre with SER.
> >>>
> >>>Here is my ser.cfg file
> >>>
> >>>What I'm wrong ?
> >>>Any info is appreciated,
> >>>Best regards,
> >>>Anton
> >>>
> >>>=============================ser.cfg file ===============
> >>>
> >>>debug=7
> >>>fork=yes
> >>>log_stderror=no
> >>>
> >>>check_via=no # (cmd. line: -v)
> >>>dns=no           # (cmd. line: -r)
> >>>rev_dns=no      # (cmd. line: -R)
> >>>port=5060
> >>>children=4
> >>>fifo="/tmp/ser_fifo"
> >>>
> >>>#loadmodule "/usr/local/lib/ser/modules/mysql.so"
> >>>loadmodule "/usr/local/lib/ser/modules/sl.so"
> >>>loadmodule "/usr/local/lib/ser/modules/tm.so"
> >>>loadmodule "/usr/local/lib/ser/modules/rr.so"
> >>>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> >>>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> >>>loadmodule "/usr/local/lib/ser/modules/registrar.so"
> >>>#loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
> >>>#loadmodule "/usr/local/lib/ser/modules/uri.so"
> >>>loadmodule "/usr/local/lib/ser/modules/auth.so"
> >>>#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
> >>>loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
> >>>#loadmodule "/usr/local/lib/ser/modules/acc.so"
> >>>loadmodule "/usr/local/lib/ser/modules/xlog.so"
> >>>
> >>>modparam("usrloc", "db_mode",   0)
> >>>#modparam("uri_radius", "service_type", 11)
> >>>modparam("rr", "enable_full_lr", 1)
> >>>modparam("auth_radius", "radius_config",
> >>>"/usr/local/etc/radiusclient/radiusclient.conf")
> >>>#modparam("acc", "radius_config",
> >>>"/usr/local/etc/radiusclient/radiusclient.conf")
> >>>#modparam("xlog", "buf_size", 8192)
> >>>
> >>>
> >>>###
> >>>#modparam("acc", "log_level", 1)
> >>>#modparam("acc", "log_flag", 1)
> >>>#modparam("acc", "radius_flag", 1)
> >>>modparam("tm", "fr_inv_timer", 15 )
> >>>modparam("tm", "fr_timer", 10 )
> >>>modparam("auth", "secret", "testing123")
> >>>modparam("auth_radius", "service_type", 15)
> >>>###
> >>>
> >>>
> >>>route{
> >>>
> >>>    if (!mf_process_maxfwd_header("10")) {
> >>>          sl_send_reply("483","Too Many Hops");
> >>>          break;
> >>>     };
> >>># if ( msg:len > max_len ) {
> >>>#  sl_send_reply("513", "Message too big");
> >>>#  break;
> >>># };
> >>>
> >>>     record_route();
> >>>     if (loose_route()) {
> >>>          t_relay();
> >>>          break;
> >>>     };
> >>>
> >>>     if (uri=~"fptnet.vn") {
> >>>          xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
> >>>          if (method=="REGISTER") {
> >>>   # if (!www_authorize("mydomain", "subscriber")) {
> >>>               if (!radius_www_authorize("fptnet.com.vn")) {
> >>>                    www_challenge("fptnet.com.vn", "0");
> >>>                    break;
> >>>               };
> >>>
> >>>               save("location");
> >>>               break;
> >>>          };
> >>>
> >>>          setflag(1);
> >>>          if (method=="INVITE") record_route();
> >>>
> >>>          if (method=="REGISTER") {
> >>>             log(1, "REGISTER received\n");
> >>>             } else {
> >>>                 log(1, "non-REGISTER received\n");
> >>>             };
> >>>         if (uri=~"sip:.*[@:]fptnet.vn") {
> >>>                 log(1, "request for fptnet.vn\n");
> >>>         } else {
> >>>                 log(1, "request for other domain received\n");
> >>>         };
> >>>
> >>>  if (!lookup("location")) {
> >>>   sl_send_reply("404", "Not Found");
> >>>   break;
> >>>  };
> >>> #};
> >>>  if (!t_relay()) {
> >>>   sl_reply_error();
> >>>  };
> >>>
> >>> };
> >>>}
> >>>
> >>>
> >>>
> >>>
> >>>
>
>>>------------------------------------------------------------------------
> >>>
> >>>_______________________________________________
> >>>Serusers mailing list
> >>>serusers at lists.iptel.org
> >>>http://lists.iptel.org/mailman/listinfo/serusers
> >>>
> >>>
> >>>
> >
> >_______________________________________________
> >Serusers mailing list
> >serusers at lists.iptel.org
> >http://lists.iptel.org/mailman/listinfo/serusers
> >
> >
> >