Hi,

I get the following:

[root@localhost radiusclient-ng]# radiusclient -f /usr/local/etc/radiusclient-ng/radiusclient.conf  'User-Name=101@mydomain.com' 'Password=101';echo $?

Reply-Message                    = 'Authenticated'

1

 

I guess the radiusclient is working fine since I am receiving the RADIUS packets on the freeradius debugs.

 

 

I suspect the following entries in the debug:

 

rad_recv: Access-Request packet from host 127.0.0.1:32901, id=197, length=64

        User-Name = "101@mydomain"

        Sip-Group = "suspended"

        Service-Type = Group-Check

        NAS-Port = 0

        NAS-IP-Address = 127.0.0.1

 

Why is openser setting the group to SUSPENDED???? Since there is no group named suspended on the radius that may be the reason the radius is rejecting:

 

 

RADIUS Users file:

### --- avps ---

101@mydomain.com Auth-Type := Accept, Service-Type == "SIP-Callee-AVPs"

        Sip-Avp += "#3#1",

        Sip-Avp += "#4:08:00",

        Sip-Avp += "#5:16:00",

        Sip-Avp += "#6:Mon,Wed,Thu,Fri"

 

102@mydomain.com Auth-Type := Accept, Service-Type == "SIP-Callee-AVPs"

        Sip-Avp += "#3#1",

        Sip-Avp += "#4:08:00",

        Sip-Avp += "#5:16:00",

        Sip-Avp += "#6:Mon,Wed,Thu,Free"

 

DEFAULT Auth-Type := Accept, Service-Type == "SIP-Callee-AVPs"

 

### --- group checking ---

### --- user 101 ---

101@mydomain.com Auth-Type := Accept, Sip-Group == "voip", Service-Type == "Group-Check"

        Reply-Message = "Authorized"

 

101@mydomain.com Auth-Type := Accept, Sip-Group == "suspended", Service-Type == "Group-Check"

        Reply-Message = "Authorized"

 

101@mydomain.com Auth-Type := Accept, Sip-Group == "pstn", Service-Type == "Group-Check"

        Reply-Message = "Authorized"

 

### --- user 102 ---

102@mydomain.com Auth-Type := Accept, Sip-Group == "voip", Service-Type == "Group-Check"

        Reply-Message = "Authorized"

 

DEFAULT Auth-Type := Reject, Service-Type == "Group-Check"

 

### --- user authentication ---

101@mydomain.com Auth-Type := Digest, User-Password == "101"

        Reply-Message = "Authenticated",

        Sip-Avp += "rpid:101",

        Sip-Avp += "#2:192.168.10.17",

#       Sip-Avp += "#2:192.168.2.11"

 

102@mydomain.com Auth-Type := Digest, User-Password == "102"

        Reply-Message = "Authenticated",

        Sip-Avp += "rpid:102",

#       Sip-Avp += "#2:192.168.2.12"

 

 


From: Edson [mailto:4lists@gmail.com]
Sent: Thursday, June 15, 2006 4:19 PM
To: 'Hamid Ali Asgari'; users@openser.org
Subject: RE: [Users] SIP Clients Can't REGISTER

 

Take a look on the user credentials on Radius DB… Radius is rejecting the authentication, so there should be some mismatch between Your login credentials and what Radius has in its DB.

 

Try to run this command and see what’s the result (linux version):

 

    radiusclient -f <conf-dir-of-radiusclient-ng>/radiusclient.conf -p 123 'User-Name=some@valid.user' 'Password=Guess';echo $?

 

It should return:

 

    Reply-Message                    = 'Authenticated'

 

Edson.