[Serusers] free radius and ser 0.10.99 64bit CPU error? - rc_check_reply: received invalid reply digest from RADIUS server

Greger V. Teigre greger at teigre.com
Mon Jan 29 20:42:12 CET 2007 

(I got three equal posts from you)

received invalid reply digest from RADIUS server
means that ser was not able to interpret the response from freeradius. 
This would normally be due to two different shared secrets. But as your 
attributes reach freeradius, there might be a problem in the reply. You 
could use wireshark to look at the communication to see if wireshark is 
able to interpret the response.
g-)

TZieleniewski wrote:
> Hi! 
> know I realy don't know what could be the problem.
> I have the same configuration set on two different machines
> On the first one everything works and on the other one there is still this problem.
> The only difference is that the first one is a 32 bit CPU and the second one is 64bit.
> Is is possible that radiusclient cannot work on 64 bit CPU
> What can I do in such situation??
> Please help
>
> -Tomasz
>
> tzieleniewski napisał(a):
>> hi I am still fighting with this issue and  there is one thing  more
>> is it correct that ser sends the attributes values in such form:
>>          NAS-Port = 0x000013c400000000
>>          NAS-IP-Address = 0x7f00000100000000
>> when I use another tool radtest delivered with freeradius the parameters are printed as for instance:
>>          NAS-IP-Address = 192.168.0.74
>>
>> Please help me with this problem I cann't figure out what could be wrong
>> I use libradiusclient-ng2 
>>
>> best Tomasz
>>
>>   
>>> Hi!
>>>
>>> I am setting SER to work with radius.
>>> When I try to authenticate user I get the following error:
>>> Jan 29 12:05:39 rd ser[2207]: rc_check_reply: received invalid reply digest from RADIUS server
>>>
>>> Ser sends the following Access request:
>>>         Packet-Type = Access-Request
>>>         User-Name = "hellboy at voip.touk.pl"
>>>         Digest-Attributes = 0x0a0968656c6c626f79
>>>         Digest-Attributes = 0x010e766f69702e746f756b2e706c
>>>         Digest-Attributes = 0x022a34356264636134623937373137333632653937323139316435306238383239356338326261363934
>>>         Digest-Attributes = 0x04127369703a766f69702e746f756b2e706c
>>>         Digest-Attributes = 0x030a5245474953544552
>>>         Digest-Attributes = 0x050661757468
>>>         Digest-Attributes = 0x090a3030303030303031
>>>         Digest-Attributes = 0x08223745414239354131344231423535314641344234333531353438364237363434
>>>         Digest-Response = "9e88c767fb24351dee073aea725b4240"
>>>         Service-Type = 0x0000000f00000000
>>>         SER-Service-Type = 0x0000000300000000
>>>         SER-Uri-User = "hellboy"
>>>         NAS-Port = 0x000013c400000000
>>>         NAS-IP-Address = 0x7f00000100000000
>>>
>>> Free radius answers:
>>> Mon Jan 29 11:42:37 2007
>>>         Packet-Type = Access-Accept
>>>         User-Name = "hellboy at voip.touk.pl"
>>>         Reply-Message = "Authenticated"
>>>         SER-UID = "hellboy at voip.touk.pl"
>>>
>>> Please tell what is missing that SER reports such problem?
>>>
>>> The radius debug may be helpful:
>>> modcall:  entering group Digest for request 0
>>>     rlm_digest: Converting Digest-Attributes to something sane...
>>>         Digest-User-Name = "hellboy"
>>>         Digest-Realm = "voip.touk.pl"
>>>         Digest-Nonce = "45bdd62fbc015a37f74ea55bacff289355a4e711"
>>>         Digest-URI = "sip:hellboy at voip.touk.pl"
>>>         Digest-Method = "INVITE"
>>>         Digest-QOP = "auth"
>>>         Digest-Nonce-Count = "00000001"
>>>         Digest-CNonce = "6A8675513A084320027EC9F1160D4EAC"
>>> A1 = hellboy:voip.touk.pl:hellboy
>>> A2 = INVITE:sip:hellboy at voip.touk.pl
>>> H(A1) = a383a13215180e1f7d2fc755c99af602
>>> H(A2) = b2bcd7301bd325296c0d4ad31546892f
>>> KD = a383a13215180e1f7d2fc755c99af602:45bdd62fbc015a37f74ea55bacff289355a4e711:00000001:6A8675513A084320027EC9F1160D4EAC:auth:b2bcd7301bd325296c0d4ad31546892f
>>> EXPECTED 3b561958428c5891959e8d3c6a466b62
>>> RECEIVED 3b561958428c5891959e8d3c6a466b62
>>>   modcall[authenticate]: module "digest" returns ok for request 0
>>> modcall: group Digest returns ok for request 0
>>> Login OK: [hellboy at voip.touk.pl/<via Auth-Type = DIGEST>] (from client localhost.ip4 port 0)
>>> Sending Access-Accept of id 54 to 127.0.0.1 port 32870
>>>         User-Name = "hellboy at voip.touk.pl"
>>>         SER-UID = "hellboy at voip.touk.pl"
>>>         Reply-Message = "Authenticated"
>>>
>>> best
>>> tomasz
>>> _______________________________________________
>>> Serusers mailing list
>>> Serusers at lists.iptel.org
>>> http://lists.iptel.org/mailman/listinfo/serusers
>>>     
>>
>> _______________________________________________
>> Serusers mailing list
>> Serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
>>
>>
>>   
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Serusers mailing list
> Serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20070129/6a056192/attachment.htm>

More information about the sr-users mailing list