Sorry, I 've no glue. Are the access permissons sent correctly?
regards,
klaus
varala ramakanth wrote:
thanks klaus,
i followed your steps from 1 to 6 successfully
when executing the 7th step
i get the err as
Errors reading dictionary: dict_init:
/usr/local/etc/raddb/dictionary[22]: Couldn't open
dictionary "
/usr/local/etc/radiusclient/dictionary.ser": No such
file or directory
Errors reading radiusd.conf
i kept in another location i.e in /usr/local/share
and checked with that path also
still the same message so please tell me
where iam going wrong
thanks in advance
one more doubt can we run the ser with the gdb
debugger
so that we can trace back step by step
with regards
rama kanth varala
--- Klaus Darilion <klaus.mailinglists(a)pernau.at>
wrote:
it says
error in reading the file
usr/loca/freeradius/dictionary
could not able to open
/usr/local/radiusclien/dictionray.ser
so what may be the problem
typos in your paths?
I've tried ser+radius once, and it worked fine with
me!
Here is the step-by-step tutorial how I did it!
regards,
klaus
19.4.2004: ser+radius installation on mandrake 10.0;
klaus darilion
Note: This installation uses unstable ser, therefore
the new
radiusclient library is necessary (radiusclient-ng).
ser 0.8.12 stable still requires the original radius
library from:
http://www.mcs.de/~lf/radius
In this setup, radius is only used for
authentication, not for accounting!
1. get ser:
mkdir ser
cd ser/
export
CVSROOT=:pserver:anonymous@cvs.berlios.de:/cvsroot/ser
cvs login
cvs co sip_router
cd ..
2. get the new radiusclient
mkdir radiusclient-ng
cd radiusclient-ng/
export
CVSROOT=:pserver:anonymous@cvs.berlios.de:/cvsroot/radiusclient-ng
cvs login
cvs co radiusclient-ng
cd ..
3. compile and install the radius client
cd radiusclient-ng/radiusclient-ng
./configure
./make
su
./make install
exit
cd ../..
4. compile and install ser
cd ser/sip_router
make all
make modules modules=modules/auth_radius
su
make install
cp modules/auth_radius/auth_radius.so
/usr/local/lib/ser/modules/
cp rpm/ser.init /etc/init.d/ser
vi /etc/init.d/ser
-> change ser=/usr/sbin/ser to
ser=/usr/local/sbin/ser, save and exit
-> check if ser starts!
/etc/init.d/ser start
ps -A
--> there should be plenty of ser processes
/etc/init.d/ser stop
ps -A
--> all the ser processes should be stopped
exit
cd ../..
5. configure radius client
--> if the radius server is on another machine, edit
/usr/local/etc/radiusclient/radiusclient.conf and
set authserver and
acctserver to the proper machine.
--> configure the shared secret for your radius
server in
/usr/local/etc/radiusclient/servers, e.g. I used:
localhost testsecret
--> add ser's sip dictionary (dictionary.ser ) to
the dictionary of the
radius client:
cd ser/sip_router
su
cp etc/dictionary.ser /usr/local/etc/radiusclient/
cat /usr/local/etc/radiusclient/dictionary.ser
>/usr/local/etc/radiusclient/dictionary
exit
cd ../..
6. installing a radius server, in this case
freeradius
-->get freeradius
mkdir freeradius
cd freeradius
wget
ftp://ftp.freeradius.org/pub/radius/freeradius-0.9.3.tar.gz
tar -xvzf freeradius-0.9.3.tar.gz
cd freeradius-0.9.3
./configure
make
su
make install
vi /usr/local/etc/raddb/clients.conf
--> set the shared secret in clients.conf, in my
case: testsecret for
127.0.0.1
vi /usr/local/etc/raddb/dictionary
--> add the following at the end the dictionary
file: $INCLUDE
/usr/local/etc/radiusclient/dictionary.ser
vi /usr/local/etc/raddb/radiusd.conf
-->uncomment the word "digest" in the "authorize"
and "authenticate" section
vi /usr/local/etc/raddb/users
-->insert a testuser:
test Auth-Type := Digest, User-Password == "test"
Reply-Message = "Hello, test with digest"
7. test the radius server
--> start freeradus in debug mode
radiusd -X
--> create a file called "digest" with the following
content (everything
in one line)
User-Name = "test", Digest-Response =
"631d6d73147add2f9e437f59bbc3aeb7", Digest-Realm =
"testrealm",
Digest-Nonce = "1234abcd" , Digest-Method =
"INVITE", Digest-URI =
"sip:5555551212@example.com", Digest-Algorithm =
"MD5", Digest-User-Name
= "test"
--> send the request to the server
radclient -f digest localhost auth testsecret
-->this sould return:
Received response ID 160, code 2, length = 45
Reply-Message = "Hello, test with digest"
8. reconfigure ser for radius things
--> RADIUS-related modules are not compiled by
default. To compile them,
edit Makefile, find variable exclude_modules and you
should see
"auth_radius", "group_radius", and "uri_radius"
among excluded modules.
Simply remove the three modules from the list.
-->If you need RADIUS accounting then edit also
sip_router/modules/acc/Makefile and uncomment lines
containing:
DEFS+=-DRAD_ACC
LIBS=-L$(LOCALBASE)/lib -lradiusclient
9. add radiusclient library to library path
vi /etc/ld.so.conf
--> add /usr/local/lib to the conf file
ldconfig -v
10. edit ser.cfg
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule
"/usr/local/lib/ser/modules/auth_radius.so"
-------------------------
modparam("auth_radius", "radius_config",
"/usr/local/etc/radiusclient/radiusclient.conf")
modparam("auth_radius", "service_type", 15)
-------------------------
# Uncomment this if you want to use digest
authentication
if
(!radius_www_authorize("")) {
www_challenge("",
"0");
break;
};
11. run ser
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/