[Serusers] Radius Authentication
Klaus Darilion
klaus.mailinglists at pernau.at
Tue Aug 2 12:25:35 CEST 2005
Use ethereal to capture the radius packets. Verify if there is really no
username in the radius request, or if it is a problem in the radius server
klaus
Ryan Pagquil wrote:
> Guys,
> I'm testing SER to authenticate with radius. But when I start
> authenticating I see this on the radius log:
>
> rad_recv: Access-Request packet from host 127.0.0.1:1131, id=222,
> length=262
> User-Name = "rpagquil at server4all"
> Digest-Attributes = "\n\nrpagquil"
> Digest-Attributes = "\001\014server4all"
> Digest-Attributes = "\002*42ef48a123c4e75c2d998852eaa5d4fb14bc9917"
> Digest-Attributes = "\004\020sip:server4all"
> Digest-Attributes = "\003\nREGISTER"
> Digest-Response = "1df283adcf333605c0007d8a86a2e332"
> Service-Type = Sip-Session
> Sip-URI-User = "rpagquil"
> Cisco-AVPair = "call-id=CE373D63037311DABFB500E04CAB4AB4 at server4all"
> NAS-IP-Address = 127.0.0.1
> NAS-Port = 5060
> modcall: entering group authorize for request 150
> modcall[authorize]: module "preprocess" returns ok for request 150
> modcall[authorize]: module "chap" returns noop for request 150
> modcall[authorize]: module "eap" returns noop for request 150
> rlm_digest: Converting Digest-Attributes to something sane...
> Digest-User-Name = "rpagquil"
> Digest-Realm = "server4all"
> Digest-Nonce = "42ef48a123c4e75c2d998852eaa5d4fb14bc9917"
> Digest-URI = "sip:server4all"
> Digest-Method = "REGISTER"
> rlm_digest: Adding Auth-Type = DIGEST
> modcall[authorize]: module "digest" returns ok for request 150
> rlm_realm: Looking up realm "server4all" for User-Name =
> "rpagquil at server4all"
> rlm_realm: No such realm "server4all"
> modcall[authorize]: module "suffix" returns noop for request 150
> users: Matched rpagquil at server4all at 138
> modcall[authorize]: module "files" returns ok for request 150
> modcall[authorize]: module "mschap" returns noop for request 150
> modcall: group authorize returns ok for request 150
> rad_check_password: Found Auth-Type Digest
> auth: type "Digest"
> modcall: entering group Auth-Type for request 150
> A1 = rpagquil:server4all:test
> A2 = REGISTER:sip:server4all
> KD =
> 94b43b69398cb3ca2eef355e9875d36f:42ef48a123c4e75c2d998852eaa5d4fb14bc9917:33f62c1688cd77a13c84b07b3877bb1c
>
> *rlm_digest: FAILED authentication
> modcall[authenticate]: module "digest" returns reject for request 150
> modcall: group Auth-Type returns reject for request 150
> auth: Failed to validate the user.
> Login incorrect: [rpagquil at server4all/<no User-Password attribute>]
> (from client me2 port 5060)*
>
>
> It says that there is no User-Password attribute contained in my
> authentication request. What could be the problem?
>
> Thanks,
>
More information about the sr-users
mailing list