[Serusers] SER with freeradius
gagan tewari
gagantewari at rediffmail.com
Sat Oct 9 11:57:26 CEST 2004
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20041009/35f42963/attachment.htm>
-------------- next part --------------
Hi,
I am trying to do the authentication of users trying to REGISTER with the SER through freeradius.
However all the authentication request coming to the freeradius fails because there is no User-Password being sent by the SER.
I am presenting below my output of radiusd -X.
I have searched a lot for this in the mailing list but so far not able to find out where the problem lies.
I have configured the freeradius and the SER according to the Radius HOW TO document and have the user myuser in the users file of the radius.
I will highly appriciate any guidance in this regards.
Thnx in advance.
Gagan
---------------------Radiusd -X output --------------------------------
rad_recv: Access-Request packet from host 192.168.0.127:1677, id=37, length=268
User-Name = "myuser at 192.168.0.127"
Digest-Attributes = "\n\010myuser"
Digest-Attributes = "\001\017192.168.0.127"
Digest-Attributes = "\002*41678a51d2fcd76cbd9549862c28ac3b8dec2e10"
Digest-Attributes = "\004\023sip:192.168.0.127"
Digest-Attributes = "\003\nREGISTER"
Digest-Response = "9feae6633ef373fb17a808f6fbc2c9ef"
Service-Type = SIP
Sip-URI-User = "myuser"
Cisco-AVPair = "call-id=1C19E4E150F94542A929598DBC3BC743 at 192.168.0.127"
NAS-IP-Address = 192.168.0.127
NAS-Port = 5060
Sat Oct 9 15:12:41 2004 : Debug: Processing the authorize section of radiusd.conf
Sat Oct 9 15:12:41 2004 : Debug: modcall: entering group authorize for request 3
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 3
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 3
Sat Oct 9 15:12:41 2004 : Debug: modcall[authorize]: module "preprocess" returns ok for request 3
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 3
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 3
Sat Oct 9 15:12:41 2004 : Debug: modcall[authorize]: module "chap" returns noop for request 3
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 3
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 3
Sat Oct 9 15:12:41 2004 : Debug: modcall[authorize]: module "mschap" returns noop for request 3
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: calling digest (rlm_digest) for request 3
Sat Oct 9 15:12:41 2004 : Debug: rlm_digest: Converting Digest-Attributes to something sane...
Digest-User-Name = "myuser"
Digest-Realm = "192.168.0.127"
Digest-Nonce = "41678a51d2fcd76cbd9549862c28ac3b8dec2e10"
Digest-URI = "sip:192.168.0.127"
Digest-Method = "REGISTER"
Sat Oct 9 15:12:41 2004 : Debug: rlm_digest: Adding Auth-Type = DIGEST
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: returned from digest (rlm_digest) for request 3
Sat Oct 9 15:12:41 2004 : Debug: modcall[authorize]: module "digest" returns ok for request 3
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 3
Sat Oct 9 15:12:41 2004 : Debug: rlm_realm: Looking up realm "192.168.0.127" for User-Name = "myuser at 192.168.0.127"
Sat Oct 9 15:12:41 2004 : Debug: rlm_realm: No such realm "192.168.0.127"
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 3
Sat Oct 9 15:12:41 2004 : Debug: modcall[authorize]: module "suffix" returns noop for request 3
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 3
Sat Oct 9 15:12:41 2004 : Debug: rlm_eap: No EAP-Message, not doing EAP
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 3
Sat Oct 9 15:12:41 2004 : Debug: modcall[authorize]: module "eap" returns noop for request 3
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: calling files (rlm_files) for request 3
Sat Oct 9 15:12:41 2004 : Debug: users: Matched DEFAULT at 152
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 3
Sat Oct 9 15:12:41 2004 : Debug: modcall[authorize]: module "files" returns ok for request 3
Sat Oct 9 15:12:41 2004 : Debug: modcall: group authorize returns ok for request 3
Sat Oct 9 15:12:41 2004 : Debug: rad_check_password: Found Auth-Type DIGEST
Sat Oct 9 15:12:41 2004 : Debug: auth: type "digest"
Sat Oct 9 15:12:41 2004 : Debug: Processing the authenticate section of radiusd.conf
Sat Oct 9 15:12:41 2004 : Debug: modcall: entering group authenticate for request 3
Sat Oct 9 15:12:41 2004 : Debug: modsingle[authenticate]: calling digest (rlm_digest) for request 3
Sat Oct 9 15:12:41 2004 : Auth: rlm_digest: Configuration item "User-Password" is required for authentication.Sat Oct 9 15:12:41 2004 : Debug: modsingle[authenticate]: returned from digest (rlm_digest) for request 3
Sat Oct 9 15:12:41 2004 : Debug: modcall[authenticate]: module "digest" returns invalid for request 3
Sat Oct 9 15:12:41 2004 : Debug: modcall: group authenticate returns invalid for request 3
Sat Oct 9 15:12:41 2004 : Debug: auth: Failed to validate the user.
Sat Oct 9 15:12:41 2004 : Auth: Login incorrect: [myuser at 192.168.0.127/<no User-Password attribute>] (from client linux0 port 5060)
More information about the sr-users
mailing list