[Users] Radius Authentication

Daniel-Constantin Mierla daniel at voice-system.ro
Sun Mar 12 13:35:51 CET 2006 

Hello,

I searched on google the error message ("Received invalid reply digest 
from server") and it is due to the fact that the radius client and 
server do not agree on share secret. You have to check that the same 
share secret is set for radiusclient as well as for freeradius server.  
Note that the latest versions of freeradius uses two files for 
configuring the radius client attributes: 'clients' and 'clients.conf'. 
In the radiusclient side you have to check the 'servers' file.

Cheers,
Daniel

On 03/09/06 00:49, Edson wrote:
> First, let me cut the length of this e-mail... ;)
>
> Now, the only message that appears is the one that I sended You in the
> previous e-mail.
>
> I played arround with the libradiusclient (file lib/sendserver.c) setting
> DIGEST_DEBUG (see a diff below) and recompile all stuff. Than I run openser
> with -TDdd and look the output. It shows me that the MD5 isn't equal. I try
> this after find this comments:
> http://lists.cistron.nl/pipermail/freeradius-users/2003-February/015851.html
>
> If it helps I can share an access to You in our server. Let me know about...
>
> Edson...
>
> =========================================================================
> 23a24,25
>   
>> #define DIGEST_DEBUG 1
>>
>>     
> 404a407,410
>   
>> #ifdef DIGEST_DEBUG
>>         unsigned char   *ptr=NULL;
>> #endif
>>
>>     
> 445c451
> <                 rc_log(LOG_ERR, "  %s", buf);
> ---
>   
>>                 rc_log(LOG_ERR, "  %s\n  [%s]", buf,secret);
>>     
> =========================================================================
>
>   
>> -----Original Message-----
>> From: Daniel-Constantin Mierla [mailto:daniel at voice-system.ro]
>> Sent: quarta-feira, 8 de março de 2006 16:26
>> To: Edson
>> Cc: 'OpenSER (E-mail)'
>> Subject: Re: [Users] Radius Authentication
>>
>> Hello,
>>
>> On 03/07/06 04:16, Edson wrote:
>>     
>>> I run it, now with FreeRadius in debug mode (see results in attached
>>>       
>> file),
>>     
>>> but nothing changed... I run with the two versions of radiusclient that
>>>       
>> I
>>     
>>> have...
>>>
>>> Any idea?
>>>
>>>       
>> I have seen that radius server returned authenticated, but the
>> libradiusclient-ng returns failure. You should get some error message in
>> the syslog file from libradiusclient-ng.
>>
>> I will set up a radius server and play with it in my environment.
>>
>> Cheers,
>> Daniel
>>
>>     
>>> Edson.
>>>
>>> PS: in attached file, You will find debug from OpenSER, FreeRadius and
>>>       
>> logs
>>     
>>> from /var/log/message and
>>> /var/log/radius/radacct/127.0.0.1/reply-detail-20060306.
>>>       
>
>
>

More information about the sr-users mailing list