[Serusers] Vovida's B2BUA and SER ?
Iqbal
iqbal at gigo.co.uk
Thu Apr 28 18:10:00 CEST 2005
You could give your users a password ='.' that would make it work
:-), or use asterisk B2BUA, or there is a commercial one called sippy.
From vovida doc
http://www.vovida.org/downloads/b2bua/README-b2bua-1.4.0.txt
1. Currently B2BUA assumes that all calls reaching it are already
authenticated and the message includes embedded authorization data. The
assumption is that the previous hop to the B2BUA will do the user
authentication and the INVITE coming to B2BUA would contain the
Proxy-authorization field containing the User ID. The UserID is taken as
the raw data and sent to the RADIUS server for authorization. It is
assumued that even if the User ID is encrypted the server would do the
right thing.
2. The password sent for authorization is hard-coded to "." . To suit a
specific vendor in the future, there is a plan to incorporate a vendor
specific password in the B2BUA configuration file. This password can
also come from provisioning.
Hope that helps
Iqbal
Lucas Aimaretto wrote:
>Hi there,
>
>You know I've got good results with Vovida's b2bua, because I'm trying
>to use the session-timeout attribute for prepaid users. It works nicely.
>Nicely if the User has NO PASSWORD ASSIGNED ...
>
>This is the configuration:
>
>
>UA <----> B2BUA <---> SER
> |
> |
> RADIUS
>
>AT Register Time, there are no problems. b2bua sends the REGISTER
>message ( with digest-attrbiutes ) to radius, and the UA gets
>registered, with no problems ( with or without password it works fine ).
>
>When an INVITE is sent ... b2bua sends Authorization to RADIUS ... but
>as User-Password value, it sends a dot ( yes!!! a DOT "." ) ... look
>
>rad_recv: Access-Request packet from host 192.168.1.253:1024, id=1,
>length=82
> User-Name = "1992001"
> User-Password = "."
> NAS-IP-Address = 192.168.1.253
> NAS-Port = 1000
> Called-Station-Id = "543515684478"
> Calling-Station-Id = "1992001"
> Processing the authorize section of radiusd.conf
>modcall: entering group authorize for request 228
> modcall[authorize]: module "preprocess" returns ok for request 228
> modcall[authorize]: module "attr_filter" returns noop for request 228
> modcall[authorize]: module "chap" returns noop for request 228
> modcall[authorize]: module "digest" returns noop for request 228
> rlm_realm: No '@' in User-Name = "1992001", looking up realm NULL
> rlm_realm: No such realm "NULL"
> modcall[authorize]: module "suffix" returns noop for request 228
>radius_xlat: '1992001'
>rlm_sql (sql): sql_set_user escaped user --> '1992001'
>radius_xlat: 'rad_authorize_check_query '1992001''
>rlm_sql (sql): Reserving sql socket id: 1
>radius_xlat: ''
>radius_xlat: 'rad_authorize_reply_query '1992001','543515684478''
>radius_xlat: ''
>rlm_sql (sql): No matching entry in the database for request from user
>[1992001]
>rlm_sql (sql): Released sql socket id: 1
> modcall[authorize]: module "sql" returns notfound for request 228
>modcall: group authorize returns ok for request 228
> Entro a rad_check_password
>auth: No authenticate method (Auth-Type) configuration found for the
>request: Rejecting the user
>auth: Failed to validate the user.
>
>.... obviously, the user will never authenticate.
>
>I know this is not the place for asking this, but vovidas mailing list
>is not working and I thought that someone my have been thru this problem
>already.
>
>Any help would be really appreciated.... if not, any help with other
>b2bua would be very helpful too.
>
>Regards,
>
>Lucas
>
>
>
More information about the sr-users
mailing list