[Users] auth_radius

Tue Aug 8 11:45:47 CEST 2006

On 08/08/06 12:30, Pavel D. Kuzin wrote:
> thanks for link.
> I`m have error in syslog "openser: rc_check_reply: received invalid 
> reply digest from RADIUS server"
> I double checked shared secrets , both on client and server. Both are 
> equal.

there are two files in the server side which may keep the secret phrase: 
clients and clients.conf. Did you check both?

Cheers,
Daniel

>
> -- 
> Pavel D.Kuzin
> System Administrator
> Nodex  ISP
> St. Petersburg, Russia
> pk at nodex.ru
> http://nodex.ru
> ----- Original Message ----- From: "Daniel-Constantin Mierla" 
> <daniel at voice-system.ro>
> To: "Pavel D. Kuzin" <pk at nodex.ru>
> Cc: "Klaus Darilion" <klaus.mailinglists at pernau.at>; <users at openser.org>
> Sent: Tuesday, August 08, 2006 1:12 PM
> Subject: Re: [Users] auth_radius
>
>
>> Check this as well as your syslog file:
>>
>> http://www.openser.org/docs/openser-radius-1.0.x.html#troubleshooting
>>
>> Cheers,
>> Daniel
>>
>>
>> On 08/08/06 11:37, Pavel D. Kuzin wrote:
>>> i inserted record in FAQ. but problem is still there..
>>>
>>>  modcall[authorize]: module "auth_log" returns ok for request 0
>>> rlm_digest: Adding Auth-Type = DIGEST
>>>  modcall[authorize]: module "digest" returns ok for request 0
>>> radius_xlat:  'tosha at qqq.ru'
>>> rlm_sql (sql): sql_set_user escaped user --> 'tosha at qqq.ru'
>>> radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM 
>>> VOIP_USER_CHECK_ATTRS WHERE Username = 
>>> GET_VOIP_USERNAME('tosha at qqq.ru') ORDER BY id'
>>> rlm_sql (sql): Reserving sql socket id: 4
>>> SELECT id,UserName,Attribute,Value,op FROM VOIP_USER_CHECK_ATTRS 
>>> WHERE Username = GET_VOIP_USERNAME('tosha at qqq.ru') ORDER BY id
>>> radius_xlat:  ''
>>> radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM 
>>> VOIP_USER_ATTRS WHERE Username = GET_VOIP_USERNAME('tosha at qqq.ru') 
>>> ORDER BY id'
>>> SELECT id,UserName,Attribute,Value,op FROM VOIP_USER_ATTRS WHERE 
>>> Username = GET_VOIP_USERNAME('tosha at qqq.ru') ORDER BY id
>>> radius_xlat:  ''
>>> rlm_sql (sql): Released sql socket id: 4
>>>  modcall[authorize]: module "sql" returns ok for request 0
>>> modcall: leaving group authorize (returns ok) for request 0
>>>  rad_check_password:  Found Auth-Type DIGEST
>>> auth: type "digest"
>>>  Processing the authenticate section of radiusd.conf
>>> modcall: entering group authenticate for request 0
>>>    rlm_digest: Converting Digest-Attributes to something sane...
>>>        Digest-User-Name = "tosha"
>>>        Digest-Realm = "qqq.ru"
>>>        Digest-Nonce = "44d84e9c923538a4e1494d6424b7f646ee07770a"
>>>        Digest-URI = "sip:192.168.39.54"
>>>        Digest-Method = "REGISTER"
>>> A1 = tosha:qqq.ru:_Tosha
>>> A2 = REGISTER:sip:192.168.39.54
>>> KD = 
>>> 5283c9af82a2017998cc93dfb2a55e18:44d84e9c923538a4e1494d6424b7f646ee07770a:766b213050bc8924c2a7fcd125637028 
>>>
>>>  modcall[authenticate]: module "digest" returns ok for request 0
>>> modcall: leaving group authenticate (returns ok) for request 0
>>> radius_xlat:  'Authenticated'
>>>  Processing the post-auth section of radiusd.conf
>>> modcall: entering group post-auth for request 0
>>> radius_xlat:  
>>> '/usr/local/radius/var/log/radius/radacct/127.0.0.1/reply-detail-20060808' 
>>>
>>> rlm_detail: 
>>> /usr/local/radius/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d 
>>> expands to 
>>> /usr/local/radius/var/log/radius/radacct/127.0.0.1/reply-detail-20060808 
>>>
>>>  modcall[post-auth]: module "reply_log" returns ok for request 0
>>> rlm_sql (sql): Processing sql_postauth
>>> radius_xlat:  'tosha at nodex.ru'
>>> rlm_sql (sql): sql_set_user escaped user --> 'tosha at nodex.ru'
>>>  modcall[post-auth]: module "sql" returns noop for request 0
>>> modcall: leaving group post-auth (returns ok) for request 0
>>> Sending Access-Accept of id 189 to 127.0.0.1 port 61304
>>>        Reply-Message = "Authenticated"
>>>        Sip-RPId = "88123321139"
>>> Finished request 0
>>>
>>>
>>> -- 
>>> Pavel D.Kuzin
>>> System Administrator
>>> Nodex  ISP
>>> St. Petersburg, Russia
>>> pk at nodex.ru
>>> http://nodex.ru
>>> ----- Original Message ----- From: "Klaus Darilion" 
>>> <klaus.mailinglists at pernau.at>
>>> To: "Pavel D. Kuzin" <pk at nodex.ru>
>>> Cc: <users at openser.org>
>>> Sent: Tuesday, August 08, 2006 12:23 PM
>>> Subject: Re: [Users] auth_radius
>>>
>>>
>>>> Try these: http://openser.org/dokuwiki/doku.php?id=radius
>>>>
>>>> regards
>>>> klaus
>>>>
>>>> Pavel D. Kuzin wrote:
>>>>> trying to setup radius and set to work together.
>>>>> sems have a strange problem....
>>>>> ser recives " 0(5447) ERROR:auth_radius:radius_authorize_sterman: 
>>>>> rc_auth failed"
>>>>> but freeradius reply is "Sending Access-Accept of id 172 to 
>>>>> 127.0.0.1 port 56137
>>>>>        Reply-Message = "Authenticated"
>>>>>        Sip-RPId = "88123321139"
>>>>> Finished request 0
>>>>> "
>>>>>
>>>>> Please tell me what is a problem?
>>>>>
>>>>> -- 
>>>>> Pavel D.Kuzin
>>>>> System Administrator
>>>>> Nodex  ISP
>>>>> St. Petersburg, Russia
>>>>> pk at nodex.ru
>>>>> http://nodex.ru
>>>>>
>>>>> _______________________________________________
>>>>> Users mailing list
>>>>> Users at openser.org
>>>>> http://openser.org/cgi-bin/mailman/listinfo/users
>>>>
>>>>
>>>
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at openser.org
>>> http://openser.org/cgi-bin/mailman/listinfo/users
>>>
>>
>