hey Everyone,
me and my partner in the lab here have set up a very simple SER implementation. up to now we have been using digest authentication with mysql, and created users with serctl etc. it was nice to get it working and place some calls, we have a couple cisco 7960 phones as well as X-Lite clients. but in our tests we found that we could put *any* user name & password in the X-Lite config--and the calls would still succeed! the message console in X-Lite shows the 401 unautourized response to REGISTER [which is to be expected] but then if we go ahead and dial...the other phone will ring.
there must be an explanation. i see some people are using RADIUS for authentication; would a RADIUS implementation solve this problem? i cannot attach my ser.cfg just now...but it is almost completely stock anyway, the changes made were uncommenting the digest auth bits, and setting the domain name. ideas?
scott t, DSi