15 Apr
2004
15 Apr
'04
6:36 p.m.
Hi,
i'm pretty new to ser and I'd love to know has anybody came across
making SER to work with Cisco ACS RADIUS server?
So far I can see they talking to each other, but Cisco loggs an error :
"Bad Request from NAS". I can see that username is passed
to the RADIUS server but SER shows an error:
5(15475) receive_msg: cleaning up
5(15475) tcp_read_req: content-length= 0
5(15475) SIP Request:
5(15475) method: <REGISTER>
5(15475) uri: <sip:sip.fns.ru>
5(15475) version: <SIP/2.0>
5(15475) parse_headers: flags=1
5(15475) end of header reached, state=5
5(15475) parse_headers: Via found, flags=1
5(15475) parse_headers: this is the first via
5(15475) After parse_msg...
5(15475) preparing to run routing scripts...
5(15475) DEBUG : is_maxfwd_present: searching for max_forwards header
5(15475) parse_headers: flags=128
5(15475) DEBUG: is_maxfwd_present: value = 70
5(15475) parse_headers: flags=8
5(15475) DEBUG: add_param: tag=3de46d9fa4774112b66632d744e28ea5
5(15475) DEBUG: add_param: epid=442289156c
5(15475) end of header reached, state=29
5(15475) parse_headers: flags=256
5(15475) end of header reached, state=9
5(15475) DEBUG: get_hdr_field: <To> [25]; uri=[sip:222333@sip.fns.ru]
5(15475) DEBUG: to body [<sip:222333@sip.fns.ru>
]
5(15475) get_hdr_field: cseq <CSeq>: <2> <REGISTER>
5(15475) DEBUG: get_hdr_body : content_length=0
5(15475) found end of header
5(15475) find_first_route(): No Route headers found
5(15475) loose_route(): There is no Route HF
5(15475) check_self - checking if host==us: 10==13 && [sip.fns.ru] ==
[192.168.14.18]
5(15475) check_self - checking if port 5060 matches port 5060
5(15475) check_self - checking if host==us: 10==9 && [sip.fns.ru] ==
[127.0.0.1]
5(15475) check_self - checking if port 5060 matches port 5060
5(15475) check_nonce(): comparing
[407f0b2e50ed56354282e03c50b13d45299cf105] and
[407f0b2e50ed56354282e03c50b13d45299cf105]
5(15475) res: -2
5(15475) radius_authorize_sterman(): Failure
5(15475) build_auth_hf(): 'WWW-Authenticate: Digest realm="sip.fns.ru",
nonce="407f0b2e50ed56354282e03c50b13d45299cf105"
'
5(15475) parse_headers: flags=-1
5(15475) check_via_address(192.168.14.20, 192.168.14.20, 0)
5(15475) tcp_send: tcp connection found (0x2832fde8), acquiring fd
6(15476) tcp_main_loop: read response= 2832fde8, 1 from 5 (15475)
5(15475) tcp_send, c= 0x2832fde8, n=8
5(15475) tcp_send: after receive_fd: c= 0x2832fde8 n=4 fd=16
5(15475) tcp_send: sending...
5(15475) tcp_send: after write: c= 0x2832fde8 n=638 fd=16
5(15475) tcp_send: buf=
SIP/2.0 401 Unauthorized
Via: SIP/2.0/TCP 192.168.14.20:13032
From:
<sip:222333@sip.fns.ru>;tag=3de46d9fa4774112b66632d744e28ea5;epid=442289
156c
To: <sip:222333@sip.fns.ru>;tag=ec4c46ea134bd13f46d10e4005923970.4590
Call-ID: 3b6cf7a1117541f38ed499a4b2c6b815(a)192.168.14.20
CSeq: 2 REGISTER
WWW-Authenticate: Digest realm="sip.fns.ru",
nonce="407f0b2e50ed56354282e03c50b13d45299cf105"
Server: Sip EXpress router ACS Build(0.8.12 (i386/freebsd))
Content-Length: 0
Warning: 392 192.168.14.18:5060 "Noisy feedback tells: pid=15475
req_src_ip=192.168.14.20 req_src_port=2004 in_uri=sip:sip.fns.ru
out_uri=sip:sip.fns.ru via_cnt==1"
5(15475) receive_msg: cleaning up
5(15475) tcp_read: EOF on 0x2832fde8, FD 12
5(15475) tcp_read_req: EOF
5(15475) releasing con 0x2832fde8, state -1, fd=12, id=1
5(15475) extra_data 0x0
6(15476) tcp_main_loop: reader response= 2832fde8, -1 from 0
6(15476) tcp_main_loop: destroying connection
Any help will be greatly appreciated!
Thanks,
Ilya
18 Apr
18 Apr
8 p.m.
Make sure that both -- the radius server and libradiusclient have configured
the same secrect (this problem seems to happen often). Also make sure
that both side have all entries in dictionaries.
Jan.
On 15-04 19:36, Ilya Pekshev wrote:
Hi,
i'm pretty new to ser and I'd love to know has anybody came across
making SER to work with Cisco ACS RADIUS server?
So far I can see they talking to each other, but Cisco loggs an error :
"Bad Request from NAS". I can see that username is passed
to the RADIUS server but SER shows an error:
5(15475) receive_msg: cleaning up
5(15475) tcp_read_req: content-length= 0
5(15475) SIP Request:
5(15475) method: <REGISTER>
5(15475) uri: <sip:sip.fns.ru>
5(15475) version: <SIP/2.0>
5(15475) parse_headers: flags=1
5(15475) end of header reached, state=5
5(15475) parse_headers: Via found, flags=1
5(15475) parse_headers: this is the first via
5(15475) After parse_msg...
5(15475) preparing to run routing scripts...
5(15475) DEBUG : is_maxfwd_present: searching for max_forwards header
5(15475) parse_headers: flags=128
5(15475) DEBUG: is_maxfwd_present: value = 70
5(15475) parse_headers: flags=8
5(15475) DEBUG: add_param: tag=3de46d9fa4774112b66632d744e28ea5
5(15475) DEBUG: add_param: epid=442289156c
5(15475) end of header reached, state=29
5(15475) parse_headers: flags=256
5(15475) end of header reached, state=9
5(15475) DEBUG: get_hdr_field: <To> [25]; uri=[sip:222333@sip.fns.ru]
5(15475) DEBUG: to body [<sip:222333@sip.fns.ru>
]
5(15475) get_hdr_field: cseq <CSeq>: <2> <REGISTER>
5(15475) DEBUG: get_hdr_body : content_length=0
5(15475) found end of header
5(15475) find_first_route(): No Route headers found
5(15475) loose_route(): There is no Route HF
5(15475) check_self - checking if host==us: 10==13 && [sip.fns.ru] ==
[192.168.14.18]
5(15475) check_self - checking if port 5060 matches port 5060
5(15475) check_self - checking if host==us: 10==9 && [sip.fns.ru] ==
[127.0.0.1]
5(15475) check_self - checking if port 5060 matches port 5060
5(15475) check_nonce(): comparing
[407f0b2e50ed56354282e03c50b13d45299cf105] and
[407f0b2e50ed56354282e03c50b13d45299cf105]
5(15475) res: -2
5(15475) radius_authorize_sterman(): Failure
5(15475) build_auth_hf(): 'WWW-Authenticate: Digest realm="sip.fns.ru",
nonce="407f0b2e50ed56354282e03c50b13d45299cf105"
'
5(15475) parse_headers: flags=-1
5(15475) check_via_address(192.168.14.20, 192.168.14.20, 0)
5(15475) tcp_send: tcp connection found (0x2832fde8), acquiring fd
6(15476) tcp_main_loop: read response= 2832fde8, 1 from 5 (15475)
5(15475) tcp_send, c= 0x2832fde8, n=8
5(15475) tcp_send: after receive_fd: c= 0x2832fde8 n=4 fd=16
5(15475) tcp_send: sending...
5(15475) tcp_send: after write: c= 0x2832fde8 n=638 fd=16
5(15475) tcp_send: buf=
SIP/2.0 401 Unauthorized
Via: SIP/2.0/TCP 192.168.14.20:13032
From:
<sip:222333@sip.fns.ru>;tag=3de46d9fa4774112b66632d744e28ea5;epid=442289
156c
To: <sip:222333@sip.fns.ru>;tag=ec4c46ea134bd13f46d10e4005923970.4590
Call-ID: 3b6cf7a1117541f38ed499a4b2c6b815(a)192.168.14.20
CSeq: 2 REGISTER
WWW-Authenticate: Digest realm="sip.fns.ru",
nonce="407f0b2e50ed56354282e03c50b13d45299cf105"
Server: Sip EXpress router ACS Build(0.8.12 (i386/freebsd))
Content-Length: 0
Warning: 392 192.168.14.18:5060 "Noisy feedback tells: pid=15475
req_src_ip=192.168.14.20 req_src_port=2004 in_uri=sip:sip.fns.ru
out_uri=sip:sip.fns.ru via_cnt==1"
5(15475) receive_msg: cleaning up
5(15475) tcp_read: EOF on 0x2832fde8, FD 12
5(15475) tcp_read_req: EOF
5(15475) releasing con 0x2832fde8, state -1, fd=12, id=1
5(15475) extra_data 0x0
6(15476) tcp_main_loop: reader response= 2832fde8, -1 from 0
6(15476) tcp_main_loop: destroying connection
Any help will be greatly appreciated!
Thanks,
Ilya
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
7527
days inactive
7530
days old
1 comments
2 participants
participants (2)
-
Ilya Pekshev -
Jan Janak