[Serusers] Re: Ser 0.9.6 + RADIUS

Daniel Corbe daniel.junkmail at gmail.com
Mon Jan 15 03:37:52 CET 2007 

Turned debug to 9, this is what I get


 0(19309) SIP Request:
 0(19309)  method:  <REGISTER>
 0(19309)  uri:     <sip:192.168.1.109>
 0(19309)  version: <SIP/2.0>
 0(19309) parse_headers: flags=1
 0(19309) Found param type 235, <rport> = <n/a>; state=6
 0(19309) Found param type 232, <branch> =
<z9hG4bK3AA0D153A44111DB884A0017F2C52DAE>; state=16
 0(19309) end of header reached, state=5
 0(19309) parse_headers: Via found, flags=1
 0(19309) parse_headers: this is the first via
 0(19309) After parse_msg...
 0(19309) preparing to run routing scripts...
 0(19309) parse_headers: flags=128
 0(19309) end of header reached, state=9
 0(19309) DEBUG: get_hdr_field: <To> [32]; uri=[sip:admin at 192.168.1.109]
 0(19309) DEBUG: to body [1234 <sip:admin at 192.168.1.109>
]
 0(19309) get_hdr_field: cseq <CSeq>: <40142> <REGISTER>
 0(19309) DEBUG:maxfwd:is_maxfwd_present: value = 70
 0(19309) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
 0(19309) parse_headers: flags=256
 0(19309) DEBUG: get_hdr_body : content_length=0
 0(19309) found end of header
 0(19309) find_first_route: No Route headers found
 0(19309) loose_route: There is no Route HF
 0(19309) XLOG: xl_print_log: final buffer length 26
 0(19309) REGISTER request received
 0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
 0(19309) parse_headers: flags=64
 0(19309) XLOG: xl_print_log: final buffer length 27
 0(19309) NATed client, enabling NAT
 0(19309) parse_headers: flags=4096
 0(19309) pre_auth(): Credentials with given realm not found
 0(19309) XLOG: xl_print_log: final buffer length 28
 0(19309) No Digest, sending challenge 0(19309) build_auth_hf():
'WWW-Authenticate: Digest realm="192.168.1.109",
nonce="45aaa391b970a38171714c791e2feec0b390aeed"
'
 0(19309) parse_headers: flags=-1
 0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
 0(19309) DEBUG:destroy_avp_list: destroying list 0x8b8b80b0
 0(19309) receive_msg: cleaning up
 0(19309) SIP Request:
 0(19309)  method:  <REGISTER>
 0(19309)  uri:     <sip:192.168.1.109>
 0(19309)  version: <SIP/2.0>
 0(19309) parse_headers: flags=1
 0(19309) Found param type 235, <rport> = <n/a>; state=6
 0(19309) Found param type 232, <branch> =
<z9hG4bK3AA5DFEFA44111DB884A0017F2C52DAE>; state=16
 0(19309) end of header reached, state=5
 0(19309) parse_headers: Via found, flags=1
 0(19309) parse_headers: this is the first via
 0(19309) After parse_msg...
 0(19309) preparing to run routing scripts...
 0(19309) parse_headers: flags=128
 0(19309) end of header reached, state=9
 0(19309) DEBUG: get_hdr_field: <To> [32]; uri=[sip:admin at 192.168.1.109]
 0(19309) DEBUG: to body [1234 <sip:admin at 192.168.1.109>
]
 0(19309) get_hdr_field: cseq <CSeq>: <40143> <REGISTER>
 0(19309) DEBUG:maxfwd:is_maxfwd_present: value = 70
 0(19309) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
 0(19309) parse_headers: flags=256
 0(19309) DEBUG: get_hdr_body : content_length=0
 0(19309) found end of header
 0(19309) find_first_route: No Route headers found
 0(19309) loose_route: There is no Route HF
 0(19309) XLOG: xl_print_log: final buffer length 26
 0(19309) REGISTER request received
 0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
 0(19309) parse_headers: flags=64
 0(19309) XLOG: xl_print_log: final buffer length 27
 0(19309) NATed client, enabling NAT
 0(19309) check_nonce(): comparing
[45aaa391b970a38171714c791e2feec0b390aeed] and
[45aaa391b970a38171714c791e2feec0b390aeed]
 0(19309) res: -1
 0(19309) radius_authorize_sterman(): Failure
 0(19309) XLOG: xl_print_log: final buffer length 28
 0(19309) No Digest, sending challenge 0(19309) build_auth_hf():
'WWW-Authenticate: Digest realm="192.168.1.109",
nonce="45aaa391b970a38171714c791e2feec0b390aeed"
'
 0(19309) parse_headers: flags=-1
 0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
 0(19309) DEBUG:destroy_avp_list: destroying list 0x8b8b80b0
 0(19309) receive_msg: cleaning up
 0(19309) udp_rcv_loop: probing packet received from 192.168.1.111 50195
 0(19309) udp_rcv_loop: probing packet received from 192.168.1.111 50195
 0(19309) SIP Request:
 0(19309)  method:  <REGISTER>
 0(19309)  uri:     <sip:192.168.1.109>
 0(19309)  version: <SIP/2.0>
 0(19309) parse_headers: flags=1
 0(19309) Found param type 235, <rport> = <n/a>; state=6
 0(19309) Found param type 232, <branch> =
<z9hG4bK46BAEDC8A44111DB884A0017F2C52DAE>; state=16
 0(19309) end of header reached, state=5
 0(19309) parse_headers: Via found, flags=1
 0(19309) parse_headers: this is the first via
 0(19309) After parse_msg...
 0(19309) preparing to run routing scripts...
 0(19309) parse_headers: flags=128
 0(19309) end of header reached, state=9
 0(19309) DEBUG: get_hdr_field: <To> [32]; uri=[sip:admin at 192.168.1.109]
 0(19309) DEBUG: to body [1234 <sip:admin at 192.168.1.109>
]
 0(19309) get_hdr_field: cseq <CSeq>: <40144> <REGISTER>
 0(19309) DEBUG:maxfwd:is_maxfwd_present: value = 70
 0(19309) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
 0(19309) parse_headers: flags=256
 0(19309) DEBUG: get_hdr_body : content_length=0
 0(19309) found end of header
 0(19309) find_first_route: No Route headers found
 0(19309) loose_route: There is no Route HF
 0(19309) XLOG: xl_print_log: final buffer length 26
 0(19309) REGISTER request received
 0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
 0(19309) parse_headers: flags=64
 0(19309) XLOG: xl_print_log: final buffer length 27
 0(19309) NATed client, enabling NAT
 0(19309) parse_headers: flags=4096
 0(19309) pre_auth(): Credentials with given realm not found
 0(19309) XLOG: xl_print_log: final buffer length 28
 0(19309) No Digest, sending challenge 0(19309) build_auth_hf():
'WWW-Authenticate: Digest realm="192.168.1.109",
nonce="45aaa3a5f0d6c451172fad0e9784ef0e7a83193e"
'
 0(19309) parse_headers: flags=-1
 0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
 0(19309) DEBUG:destroy_avp_list: destroying list 0x8b8b80b0
 0(19309) receive_msg: cleaning up
 0(19309) SIP Request:
 0(19309)  method:  <REGISTER>
 0(19309)  uri:     <sip:192.168.1.109>
 0(19309)  version: <SIP/2.0>
 0(19309) parse_headers: flags=1
 0(19309) Found param type 235, <rport> = <n/a>; state=6
 0(19309) Found param type 232, <branch> =
<z9hG4bK46BF0C4DA44111DB884A0017F2C52DAE>; state=16
 0(19309) end of header reached, state=5
 0(19309) parse_headers: Via found, flags=1
 0(19309) parse_headers: this is the first via
 0(19309) After parse_msg...
 0(19309) preparing to run routing scripts...
 0(19309) parse_headers: flags=128
 0(19309) end of header reached, state=9
 0(19309) DEBUG: get_hdr_field: <To> [32]; uri=[sip:admin at 192.168.1.109]
 0(19309) DEBUG: to body [1234 <sip:admin at 192.168.1.109>
]
 0(19309) get_hdr_field: cseq <CSeq>: <40145> <REGISTER>
 0(19309) DEBUG:maxfwd:is_maxfwd_present: value = 70
 0(19309) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
 0(19309) parse_headers: flags=256
 0(19309) DEBUG: get_hdr_body : content_length=0
 0(19309) found end of header
 0(19309) find_first_route: No Route headers found
 0(19309) loose_route: There is no Route HF
 0(19309) XLOG: xl_print_log: final buffer length 26
 0(19309) REGISTER request received
 0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
 0(19309) parse_headers: flags=64
 0(19309) XLOG: xl_print_log: final buffer length 27
 0(19309) NATed client, enabling NAT
 0(19309) check_nonce(): comparing
[45aaa3a5f0d6c451172fad0e9784ef0e7a83193e] and
[45aaa3a5f0d6c451172fad0e9784ef0e7a83193e]
 0(19309) res: -1
 0(19309) radius_authorize_sterman(): Failure
 0(19309) XLOG: xl_print_log: final buffer length 28
 0(19309) No Digest, sending challenge 0(19309) build_auth_hf():
'WWW-Authenticate: Digest realm="192.168.1.109",
nonce="45aaa3a5f0d6c451172fad0e9784ef0e7a83193e"
'
 0(19309) parse_headers: flags=-1
 0(19309) check_via_address(192.168.1.111, 192.168.1.111, 0)
 0(19309) DEBUG:destroy_avp_list: destroying list 0x8b8b80b0
 0(19309) receive_msg: cleaning up
 0(19309) udp_rcv_loop: probing packet received from 192.168.1.111 50195

On 1/14/07, Daniel Corbe <daniel.junkmail at gmail.com> wrote:
> I cannot get my SER to talk to my RADIUS server, its just blindly
> 401ing things without ever making contact with RADIUS.
>
> SER config looks like this
>
> if (method == "REGISTER") {
>         if (!radius_www_authorize("")) {
>                 www_challenge("", "1");
>                 break;
>         };
>
>         save("location");
> };
>
> radiusclient-ng servers file:
> 192.168.1.103                   heslo
>
> radiusclient.conf:
> auth_order      radius,local
> login_tries     4
> login_timeout   60
> authserver      192.168.1.103:1812
> acctserver      192.168.1.103:1813
> dictionary      /usr/local/etc/radiusclient-ng/dictionary
>
> FreeRADIUS clients.conf:
> client 192.168.1.109 {
>         secret          = heslo
>         shortname       = proxy1
>         nastype         = other
>
> Not sure what to do!
>

More information about the sr-users mailing list