[Serusers] SER + RADIUS authentication example?

samuel samu60 at gmail.com
Mon Sep 17 18:41:01 CEST 2007


Summarising:

you should get radiusclient-ng-0.5.5, but I guess you have it or can easily
google for it...

install it on the same machine SER running, configuing
radiusclient.confwith the radius server's parameters
(IP,password,etc..)

you have to include in both radius client and server the dictionary present
in ser's etc subdirectory named dictionary.ser

in ser.cfg you should set up next parameters:
# -- radius params --
modparam("auth_radius","radius_config","/usr/local/etc/radiusclient-ng/radiusclient.conf")
modparam("auth_radius","service_type",15)

and use next lines to authenticate users in the routing logic:

                if (!radius_www_authenticate("$fd.digest_realm")) {
                        if ($? == -2) {
                                sl_send_reply("500", "Internal Server
Error");
                        } else if ($? == -3) {
                                sl_send_reply("400", "Bad Request");
                        } else {
                                if ($digest_challenge) {

append_to_reply("%$digest_challenge");
                                }
                                sl_send_reply("401", "Unauthorized");
                        }
                        drop;
                };


I have SER 2.0 working with freeradius without major problems...case you
need more info, reply and I'll try to help if time magically appears ;)

sam

2007/9/7, Mike Trest - Personal <Mike at trest.com>:
>
> Hi,
>
> I have build my SER 2.0.0 with radius client to leverage existing
> authentication application.
>
> Can someone point me to any HOWTO use radius clent call authentication?
> Or, can some thoughtful person share their  own ser.cfg example?
>
> Thanks  ..mike..
>
>
>
> ---
> avast! Antivirus: Outbound message clean.
> Virus Database (VPS): 000771-1, 09/01/2007
> Tested on: 9/7/2007 9:44:06 AM
> avast! - copyright (c) 1988-2007 ALWIL Software.
> http://www.avast.com
>
>
>
> _______________________________________________
> Serusers mailing list
> Serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20070917/aa2fbf0e/attachment.htm>


More information about the sr-users mailing list