[Serusers] Radius Authentication

Klaus Darilion klaus.mailinglists at pernau.at
Tue Aug 2 12:25:35 CEST 2005


Use ethereal to capture the radius packets. Verify if there is really no 
username in the radius request, or if it is a problem in the radius server

klaus

Ryan Pagquil wrote:
> Guys,
>       I'm testing SER to authenticate with radius. But when I start 
> authenticating I see this on the radius log:
> 
> rad_recv: Access-Request packet from host 127.0.0.1:1131, id=222, 
> length=262
>        User-Name = "rpagquil at server4all"
>        Digest-Attributes = "\n\nrpagquil"
>        Digest-Attributes = "\001\014server4all"
>        Digest-Attributes = "\002*42ef48a123c4e75c2d998852eaa5d4fb14bc9917"
>        Digest-Attributes = "\004\020sip:server4all"
>        Digest-Attributes = "\003\nREGISTER"
>        Digest-Response = "1df283adcf333605c0007d8a86a2e332"
>        Service-Type = Sip-Session
>        Sip-URI-User = "rpagquil"
>        Cisco-AVPair = "call-id=CE373D63037311DABFB500E04CAB4AB4 at server4all"
>        NAS-IP-Address = 127.0.0.1
>        NAS-Port = 5060
> modcall: entering group authorize for request 150
>  modcall[authorize]: module "preprocess" returns ok for request 150
>  modcall[authorize]: module "chap" returns noop for request 150
>  modcall[authorize]: module "eap" returns noop for request 150
>    rlm_digest: Converting Digest-Attributes to something sane...
>        Digest-User-Name = "rpagquil"
>        Digest-Realm = "server4all"
>        Digest-Nonce = "42ef48a123c4e75c2d998852eaa5d4fb14bc9917"
>        Digest-URI = "sip:server4all"
>        Digest-Method = "REGISTER"
> rlm_digest: Adding Auth-Type = DIGEST
>  modcall[authorize]: module "digest" returns ok for request 150
>    rlm_realm: Looking up realm "server4all" for User-Name = 
> "rpagquil at server4all"
>    rlm_realm: No such realm "server4all"
>  modcall[authorize]: module "suffix" returns noop for request 150
>    users: Matched rpagquil at server4all at 138
>  modcall[authorize]: module "files" returns ok for request 150
>  modcall[authorize]: module "mschap" returns noop for request 150
> modcall: group authorize returns ok for request 150
>  rad_check_password:  Found Auth-Type Digest
> auth: type "Digest"
> modcall: entering group Auth-Type for request 150
> A1 = rpagquil:server4all:test
> A2 = REGISTER:sip:server4all
> KD = 
> 94b43b69398cb3ca2eef355e9875d36f:42ef48a123c4e75c2d998852eaa5d4fb14bc9917:33f62c1688cd77a13c84b07b3877bb1c 
> 
> *rlm_digest: FAILED authentication
>  modcall[authenticate]: module "digest" returns reject for request 150
> modcall: group Auth-Type returns reject for request 150
> auth: Failed to validate the user.
> Login incorrect: [rpagquil at server4all/<no User-Password attribute>] 
> (from client me2 port 5060)*
> 
> 
> It says that there is no User-Password attribute contained in my 
> authentication request. What could be the problem?
> 
> Thanks,
> 




More information about the sr-users mailing list