On Thursday 18 March 2004 16:32, Ticknor.Scott@ic.gc.ca wrote:
hey Everyone,
me and my partner in the lab here have set up a very simple SER implementation. up to now we have been using digest authentication with mysql, and created users with serctl etc. it was nice to get it working and place some calls, we have a couple cisco 7960 phones as well as X-Lite clients. but in our tests we found that we could put *any* user name & password in the X-Lite config--and the calls would still succeed! the message console in X-Lite shows the 401 unautourized response to REGISTER [which is to be expected] but then if we go ahead and dial...the other phone will ring.
there must be an explanation. i see some people are using RADIUS for authentication; would a RADIUS implementation solve this problem? i cannot attach my ser.cfg just now...but it is almost completely stock anyway, the changes made were uncommenting the digest auth bits, and setting the domain name. ideas?
You have to activate authentication for all type message by hand, like you allready did for REGISTER by uncommenting the lines in the config. Without seeing your config and watching into my crystal ball i guess you configuration only authenticates REGSITER messages. RADIUS will help you in no way, because you also have to place the autentication parts at the right places of your config.
Nils