Re: [Serusers] SER/SIP & RADIUS/Auth-Type = Digest

I have installed freeradius according to the "HOW TO" for radius and

I am seeing the following error. I assume that since I am seeing

on both servers that it is a problem with either the dictionary or the client. Here are the new error logs... any ideas? rad_recv: Access-Request packet from host 209.242.100.153:33612,

length=148 User-Name = "sdolloff" Digest-Response = "631d6d73147add2f9e437f59bbc3aeb7" Digest-Attributes = "\001\017voip2.test.net" Digest-Attributes = "\002\006test" Digest-Attributes = "\003\010INVITE" Digest-Attributes = "\004\034sip:5555551212@example.com" Digest-Attributes = "\006\005MD5" Digest-Attributes = "\n\nsdolloff" modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "chap" returns noop rlm_eap: EAP-Message not found modcall[authorize]: module "eap" returns noop rlm_digest: Converting Digest-Attributes to something sane... Digest-Realm = "voip2.test.net" Digest-Nonce = "test" Digest-Method = "INVITE" Digest-Uri = "sip:5555551212@example.com" Digest-Algorithm = "MD5" Digest-User-Name = "sdolloff" rlm_digest: Adding Auth-Type = DIGEST modcall[authorize]: module "digest" returns ok rlm_realm: No '@' in User-Name = "sdolloff", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop users: Matched DEFAULT at 152 modcall[authorize]: module "files" returns ok modcall[authorize]: module "mschap" returns noop modcall: group authorize returns ok rad_check_password: Found Auth-Type DIGEST auth: type "digest" modcall: entering group authenticate rlm_digest: Configuration item "User-Password" is required for authentication.

modcall[authenticate]: module "digest" returns invalid modcall: group authenticate returns invalid auth: Failed to validate the user. Delaying request 6 for 1 seconds Finished request 6 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 103 to 209.242.100.153:33612 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 6 ID 103 with timestamp 3f79e7dc Nothing to do. Sleeping until we see a request. Subject: Re: [Serusers] SER/SIP & RADIUS/Auth-Type = Digest On (30.09.03 13:54), Steve Dolloff wrote: Your RADIUS server has to support Digest Authentication, and the line above seems to indicate that it does not do that. If you can change your Radius server software, give Freeradius or Radiator (commercial, but excellent) a try. If you can not, try to educate your existing server to do CHAP-Type authentication. hope that helps. Alex Mayrhofer nic.at _______________________________________________ Serusers mailing list serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers