[Serusers] SER and IC-RADIUS
Bruno Lopes F. Cabral
bruno at openline.com.br
Tue Nov 16 21:19:05 CET 2004
Hi
I'm playing with this right now, so I'll try to comment a bit
Lucas Aimaretto wrote:
> ... And this is the radclient OUTPUT ...
>
> Received response ID 86, code 2, length = 52
> Vendor-9-Attr-102 =
> 0x683332332d6372656469742d616d6f756e743d31392e3030
the correct response should be
Login OK: [test] (from client localhost port 0)
Sending Access-Accept of id 188 to 127.0.0.1:32769
Reply-Message = "Hello, test with digest"
if I recall correctly, IC-RADIUS is based on Cistron
RADIUS. Cistron RADIUS don't have digest auth support,
and it seems never will. Cistron's author recommend
to use FreeRADIUS instead, which has the Digest
support and correctly give the result shown above
so... I drop my Cistron RADIUS and installed FreeRADIUS
to see how it behave on my test server
> Questions:
>
> 1) Although I sent to radius diferent ATTRIBUTES, RADIUS recognized all
> of them (except for one, Digest-Response) as Digest-Attributes. Why is
> that?
may be because IC-RADIUS doesn't have digest support?
> 2) All of the values sent to RADIUS, for each attribute, are different
> from the ones originally sent. For example ...
>
> sent: Digest-Method = "INVITE"
> received: Digest-Attributes = "\003\010INVITE"
>
> So you see the "\003\010" chars in front of the string "INVITE"
> ... Why is that?
I also noticed that with FreeRADIUS. no clue on this one
> Well, I hope you can clarify some (better if all of them ;-) )
> of my doubts.
one thing I could not find was an example ser.cfg that logs
the calls via RADIUS. All posts I found tend to guide to
http://www.iptel.org/ser/doc/modules/html/acc.html
but I'm far new to SER to be able to convert the man page
on a working example ;-)
I'm using pretty much the etc/nathelper.cfg example config
on my tests.
hope this helps
Cheers
!3runo
More information about the sr-users
mailing list