[Serusers] Can't solve the problem. Need help.

This is the answer i got on the list : The second REGISTER (the block 3) must contains the response to the authentication challenge carried by 401 reply (block 2). That means that the block 3 must contain an Authorization header with authentication credentials computed according to HTTP-Digest authentication mechanism (RFC2617).

U sourceip:26012 -> xxx.xxx.xxx.xxx:5060 REGISTER sip:xxx.xxx.xxx.xxx SIP/2.0..Via: SIP/2.0/UDP sourceip:22115;branch=z9hG4bK4913f67fbbcfb571..From: "Alex " sip:phonenumber@xxx.xxx.xxx.xxx;tag=94a44507e03df901..To: sip:phonenumber@xxx.xxx.xxx.xxx..Contact: sip:phonenumber@sourceip:22115..Call-ID: c9f64c0c2ef27cd1@10.0.0.6..CSeq: 100 REGISTER..Expires: 3600..User-Agent: Grandstream HT286 1.0.5.11..Max-F orwards: 70..Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE..Content-Length: 0.... # U xxx.xxx.xxx.xxx:5060 -> sourceip:22115 SIP/2.0 401 Unauthorized..Via: SIP/2.0/UDP sourceip:22115;branch=z9hG4bK4913f67fbbcfb571..From: "Alex " sip:phonenumber@xxx.xxx.xxx.xxx; tag=94a44507e03df901..To: sip:phonenumber@xxx.xxx.xxx.xxx;tag=b27e1a1d33761e85846fc98f5f3a7e58.eb04..Call-I D: c9f64c0c2ef27cd1@10.0.0.6..CSeq: 100 REGISTER..WWW-Authenticate: Digest realm="xxx.xxx.xxx.xxx", nonce="42612dd595b3558cfdd4 46b83b081d1e2d3cc480"..Server: Sip EXpress router (0.8.14 (i386/linux))..Content-Length: 0..Warning: 392 xxx.xxx.xxx.xxx:5060 " Noisy feedback tells: pid=21363 req_src_ip=sourceip req_src_port=26012 in_uri=sip:xxx.xxx.xxx.xxx out_uri=sip:xxx.xxx.xxx.xxx via_cnt==1"....

# U sourceip:26012 -> xxx.xxx.xxx.xxx:5060 REGISTER sip:xxx.xxx.xxx.xxx SIP/2.0..Via: SIP/2.0/UDP sourceip:22115;branch=z9hG4bK4913f67fbbcfb571..From: "Alex " sip:phonenumber@xxx.xxx.xxx.xxx;tag=94a44507e03df901..To: sip:phonenumber@xxx.xxx.xxx.xxx..Contact: sip:phonenumber@sourceip:22115..Call-ID: c9f64c0c2ef27cd1@10.0.0.6..CSeq: 100 REGISTER..Expires: 3600..User-Agent: Grandstream HT286 1.0.5.11..Max-F orwards: 70..Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE..Content-Length: 0.... # U xxx.xxx.xxx.xxx:5060 -> sourceip:22115 SIP/2.0 401 Unauthorized..Via: SIP/2.0/UDP sourceip:22115;branch=z9hG4bK4913f67fbbcfb571..From: "Alex " sip:phonenumber@xxx.xxx.xxx.xxx;tag=94a44507e03df901..To: sip:phonenumber@xxx.xxx.xxx.xxx;tag=b27e1a1d33761e85846fc98f5f3a7e58.eb04..Call-I D: c9f64c0c2ef27cd1@10.0.0.6..CSeq: 100 REGISTER..WWW-Authenticate: Digest realm="xxx.xxx.xxx.xxx", nonce="42612dd63c17bd54baef 0f620d6b9b066c23c8ce"..Server: Sip EXpress router (0.8.14 (i386/linux))..Content-Length: 0..Warning: 392 xxx.xxx.xxx.xxx:5060 " Noisy feedback tells: pid=21360 req_src_ip=sourceip req_src_port=26012 in_uri=sip:xxx.xxx.xxx.xxx out_uri=sip:xxx.xxx.xxx.xxx via_cnt==1"....

here is my ser debug: -------------------------------------

12(21360) SIP Request: 12(21360) method: <REGISTER> 12(21360) uri: sip:xxx.xxx.xxx.xxx 12(21360) version: <SIP/2.0> 12(21360) parse_headers: flags=1 12(21360) Found param type 232, <branch> = <z9hG4bKf776a5d04027adc6>; state=16 12(21360) end of header reached, state=5 12(21360) parse_headers: Via found, flags=1 12(21360) parse_headers: this is the first via 12(21360) After parse_msg... 12(21360) preparing to run routing scripts... 12(21360) REGISTER message received 12(21360) REGISTER: Authenticating user 12(21360) parse_headers: flags=4 12(21360) end of header reached, state=9 12(21360) DEBUG: get_hdr_field: <To> [34]; uri=[sip:phonenumber@xxx.xxx.xxx.xxx] 12(21360) DEBUG: to body [sip:phonenumber@xxx.xxx.xxx.xxx ] 12(21360) parse_headers: flags=4096 12(21360) get_hdr_field: cseq <CSeq>: <100> <REGISTER> 12(21360) DEBUG: get_hdr_body : content_length=0 12(21360) found end of header 12(21360) pre_auth(): Credentials with given realm not found 12(21360) REGISTER: challenging user 12(21360) build_auth_hf(): 'WWW-Authenticate: Digest realm="xxx.xxx.xxx.xxx", nonce="42613540bb4462c045f7f3fe7714c3a1d6c0bca9" ' 12(21360) parse_headers: flags=-1 12(21360) check_via_address(62.219.160.40, 62.219.160.40, 1) 12(21360) DEBUG:destroy_avp_list: destroing list (nil) 12(21360) receive_msg: cleaning up

For some reason that i can not figure out i don't receive anything on the radius logs. it's looks like my granstream ATA286 not going through authectication process. when i change the ip of the sip server to different one (2-server) it's working perfect. The grandstream ATA286 sending same packets, on the 2 server it's working, on 1- one nothing happens. on the problematic server i have clean installation of freeradius-1.02 radiusclient-4.8 ser-8.14

I tested the installation of the freeradius with the : radclient -f digest localhost auth testing123 Received response ID 134, code 2, length = 45 Reply-Message = "Hello, test with digest"

radius logs: ---------------------------------------------- rad_recv: Access-Request packet from host 127.0.0.1:32844, id=134, length=140 User-Name = "test" Digest-Response = "631d6d73147add2f9e437f59bbc3aeb7" Digest-Attributes = "\001\013testrealm" Digest-Attributes = "\002\n1234abcd" Digest-Attributes = "\003\010INVITE" Digest-Attributes = "\004\034sip:5555551212@example.com" Digest-Attributes = "\006\005MD5" Digest-Attributes = "\n\006test" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_digest: Converting Digest-Attributes to something sane... Digest-Realm = "testrealm" Digest-Nonce = "1234abcd" Digest-Method = "INVITE" Digest-URI = "sip:5555551212@example.com" Digest-Algorithm = "MD5" Digest-User-Name = "test" rlm_digest: Adding Auth-Type = DIGEST modcall[authorize]: module "digest" returns ok for request 0 rlm_realm: No '@' in User-Name = "test", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry DEFAULT at line 152 users: Matched entry test at line 215 modcall[authorize]: module "files" returns ok for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type Digest auth: type "digest" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 A1 = test:testrealm:test A2 = INVITE:sip:5555551212@example.com KD = 1e00d6dbd30441265df6064b9d9b7da9:1234abcd:675b8c827b388805aa252ea38bfb6804 modcall[authenticate]: module "digest" returns ok for request 0 modcall: group authenticate returns ok for request 0 radius_xlat: 'Hello, test with digest' Sending Access-Accept of id 134 to 127.0.0.1:32844 Reply-Message = "Hello, test with digest" Finished request 0

I need some help to figure out that's the problem with this server. And what can be a reason what i don't see any authentication process in the radius , when the packets coming from ATA286 to authenticate the the user.

Thanks for any help.