23 Sep
2003
23 Sep
'03
7:39 p.m.
This is my current info.
ser -V
version: ser 0.8.12dev-t16 (i386/linux)
flags: STATS:Off, USE_IPV6, USE_TCP, DISABLE_NAGLE, DNS_IP_HACK,
SHM_MEM, SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
MAX_URI_SIZE 1024, BUF_SIZE 65535
@(#) $Id: main.c,v 1.167 2003/07/07 14:08:26 jiri Exp $
main.c compiled on 10:02:36 Sep 11 2003 with gcc 3.2
this was built from source off of CVS. If there is a newer version that
would give more info, I will recompile.
Stephen
Hello,
From the information below I can't say where the
problem is, but I would
say some attribute definitions are missing.
Unfortunatelly the stable version of auth_radius module doesn't print
much debugging messages when something goes wrong.
Did you compile your server from sources or do you use binary packages ?
You can try unstable version branch from the CVS, that should tell you
where the problem is, or I can send you a patch to stable version if you
can apply it and compile from sources.
Jan.
On 23-09 11:24, Steve Dolloff wrote:
Yes, I have added the SIP definitions to the
radiusclient library. It
is the dictionary file defined in the radiusclient.conf file as
/etc/sip_dictionary. It was created using the dictionary file from
radiusclient and adding the information from the link that you refered
to.
-----------------------
Hello,
if there is no radius traffic then radiusclient library has some
problems when buiding the request. Did you extend your radius
dictionary
as described in http://iptel.org/ser/ser_radius.html
?
Jan.
On 23-09 10:38, Steve Dolloff wrote:
> I am trying to switch from database authentication to radius
> authentication.
>
> I have compiled and installed the module.
>
> I have added the following to my ser.cfg
>
> modparam("auth_radius", "radius_config",
"/etc/ser/radiusclient.conf")
> modparam("auth_radius",
"service_type",15)
>
> if (method=="REGISTER") {
> log(1,"authenticating");
> if
(!radius_www_authorize("test.net"))
{
> log(1,"radius auth
failure");
www_challenge("test.net",
"0");
break;
};
I have configured the following in /etc/ser/radiusclient.conf
authserver radius1.test.net:1812
authserver radius2.test.net:1812
servers /etc/servers
dictionary /etc/sip_dictionary
I have configured the following in /etc/servers
Radius1.test.net secret
Radius2.test.net secret2
I get the following in my messages log.
Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: authenticating
Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: radius auth failure
Sep 23 10:39:30 voip2 /usr/sbin/ser[25947]: authenticating
Sep 23 10:39:30 voip2 /usr/sbin/ser[25947]: radius auth failure
Sep 23 10:39:30 voip2 /usr/sbin/ser[25949]: authenticating
Sep 23 10:39:30 voip2 /usr/sbin/ser[25949]: radius auth failure
Sep 23 10:39:34 voip2 /usr/sbin/ser[25948]: authenticating
Sep 23 10:39:34 voip2 /usr/sbin/ser[25948]: radius auth failure
Sep 23 10:39:34 voip2 /usr/sbin/ser[25945]: authenticating
Sep 23 10:39:34 voip2 /usr/sbin/ser[25945]: radius auth failure
And ngrep port 1812 shows no traffic at all. Where are these auth
request going? How can I get more debug info?
Thanks for your help.
Stephen
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers 
23 Sep
23 Sep
7:40 p.m.
New subject: [Serusers] Troubles setting up radius authentication
Hello,
this should be recent enough. Try to look for messages like this:
sterman(): Unable to add PW_DIGEST_REALM attribute
(see sip_router/modules/auth_radius/sterman.c for more details).
The file contains functions that build and send radius messages.
Jan.
On 23-09 11:39, Steve Dolloff wrote:
This is my current info.
ser -V
version: ser 0.8.12dev-t16 (i386/linux)
flags: STATS:Off, USE_IPV6, USE_TCP, DISABLE_NAGLE, DNS_IP_HACK,
SHM_MEM, SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
MAX_URI_SIZE 1024, BUF_SIZE 65535
@(#) $Id: main.c,v 1.167 2003/07/07 14:08:26 jiri Exp $
main.c compiled on 10:02:36 Sep 11 2003 with gcc 3.2
this was built from source off of CVS. If there is a newer version that
would give more info, I will recompile.
Stephen
Hello,
From the information below I can't say where
the problem is, but I would
say some attribute definitions are missing.
Unfortunatelly the stable version of auth_radius module doesn't print
much debugging messages when something goes wrong.
Did you compile your server from sources or do you use binary packages ?
You can try unstable version branch from the CVS, that should tell you
where the problem is, or I can send you a patch to stable version if you
can apply it and compile from sources.
Jan.
On 23-09 11:24, Steve Dolloff wrote:
Yes, I have added the SIP definitions to the
radiusclient library. It
is the dictionary file defined in the radiusclient.conf file as
/etc/sip_dictionary. It was created using the dictionary file from
radiusclient and adding the information from the link that you refered
to.
-----------------------
Hello,
if there is no radius traffic then radiusclient library has some
problems when buiding the request. Did you extend your radius
dictionary
as described in
http://iptel.org/ser/ser_radius.html ?
Jan.
On 23-09 10:38, Steve Dolloff wrote:
> I am trying to switch from database authentication to radius
> authentication.
>
> I have compiled and installed the module.
>
> I have added the following to my ser.cfg
>
> modparam("auth_radius", "radius_config",
"/etc/ser/radiusclient.conf")
> modparam("auth_radius",
"service_type",15)
>
> if (method=="REGISTER") {
> log(1,"authenticating");
> if
(!radius_www_authorize("test.net"))
{
> log(1,"radius auth
failure");
> > www_challenge("test.net",
> "0");
> > break;
> > };
> >
> > I have configured the following in /etc/ser/radiusclient.conf
> > authserver radius1.test.net:1812
> > authserver radius2.test.net:1812
> > servers /etc/servers
> > dictionary /etc/sip_dictionary
> >
> > I have configured the following in /etc/servers
> >
> > Radius1.test.net secret
> > Radius2.test.net secret2
> >
> > I get the following in my messages log.
> >
> > Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: authenticating
> > Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: radius auth failure
> > Sep 23 10:39:30 voip2 /usr/sbin/ser[25947]: authenticating
> > Sep 23 10:39:30 voip2 /usr/sbin/ser[25947]: radius auth failure
> > Sep 23 10:39:30 voip2 /usr/sbin/ser[25949]: authenticating
> > Sep 23 10:39:30 voip2 /usr/sbin/ser[25949]: radius auth failure
> > Sep 23 10:39:34 voip2 /usr/sbin/ser[25948]: authenticating
> > Sep 23 10:39:34 voip2 /usr/sbin/ser[25948]: radius auth failure
> > Sep 23 10:39:34 voip2 /usr/sbin/ser[25945]: authenticating
> > Sep 23 10:39:34 voip2 /usr/sbin/ser[25945]: radius auth failure
> >
> > And ngrep port 1812 shows no traffic at all. Where are these auth
> > request going? How can I get more debug info?
> >
> > Thanks for your help.
> >
> > Stephen
> >
> >
> > _______________________________________________
> > Serusers mailing list
> > serusers(a)lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
>
> _______________________________________________
> Serusers mailing list
> serusers(a)lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
7:46 p.m.
New subject: [Serusers] Troubles setting up radius authentication
Looking at modification time of sterman.c I realized that your
sources are not recent enough. The file was last modified on September
12 and you built your server on September 11, so please try to update
from the cvs, at least auth_radius module.
Jan.
On 23-09 11:39, Steve Dolloff wrote:
This is my current info.
ser -V
version: ser 0.8.12dev-t16 (i386/linux)
flags: STATS:Off, USE_IPV6, USE_TCP, DISABLE_NAGLE, DNS_IP_HACK,
SHM_MEM, SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
MAX_URI_SIZE 1024, BUF_SIZE 65535
@(#) $Id: main.c,v 1.167 2003/07/07 14:08:26 jiri Exp $
main.c compiled on 10:02:36 Sep 11 2003 with gcc 3.2
this was built from source off of CVS. If there is a newer version that
would give more info, I will recompile.
Stephen
Hello,
From the information below I can't say where
the problem is, but I would
say some attribute definitions are missing.
Unfortunatelly the stable version of auth_radius module doesn't print
much debugging messages when something goes wrong.
Did you compile your server from sources or do you use binary packages ?
You can try unstable version branch from the CVS, that should tell you
where the problem is, or I can send you a patch to stable version if you
can apply it and compile from sources.
Jan.
On 23-09 11:24, Steve Dolloff wrote:
Yes, I have added the SIP definitions to the
radiusclient library. It
is the dictionary file defined in the radiusclient.conf file as
/etc/sip_dictionary. It was created using the dictionary file from
radiusclient and adding the information from the link that you refered
to.
-----------------------
Hello,
if there is no radius traffic then radiusclient library has some
problems when buiding the request. Did you extend your radius
dictionary
as described in
http://iptel.org/ser/ser_radius.html ?
Jan.
On 23-09 10:38, Steve Dolloff wrote:
> I am trying to switch from database authentication to radius
> authentication.
>
> I have compiled and installed the module.
>
> I have added the following to my ser.cfg
>
> modparam("auth_radius", "radius_config",
"/etc/ser/radiusclient.conf")
> modparam("auth_radius",
"service_type",15)
>
> if (method=="REGISTER") {
> log(1,"authenticating");
> if
(!radius_www_authorize("test.net"))
{
> log(1,"radius auth
failure");
> > www_challenge("test.net",
> "0");
> > break;
> > };
> >
> > I have configured the following in /etc/ser/radiusclient.conf
> > authserver radius1.test.net:1812
> > authserver radius2.test.net:1812
> > servers /etc/servers
> > dictionary /etc/sip_dictionary
> >
> > I have configured the following in /etc/servers
> >
> > Radius1.test.net secret
> > Radius2.test.net secret2
> >
> > I get the following in my messages log.
> >
> > Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: authenticating
> > Sep 23 10:39:03 voip2 /usr/sbin/ser[25945]: radius auth failure
> > Sep 23 10:39:30 voip2 /usr/sbin/ser[25947]: authenticating
> > Sep 23 10:39:30 voip2 /usr/sbin/ser[25947]: radius auth failure
> > Sep 23 10:39:30 voip2 /usr/sbin/ser[25949]: authenticating
> > Sep 23 10:39:30 voip2 /usr/sbin/ser[25949]: radius auth failure
> > Sep 23 10:39:34 voip2 /usr/sbin/ser[25948]: authenticating
> > Sep 23 10:39:34 voip2 /usr/sbin/ser[25948]: radius auth failure
> > Sep 23 10:39:34 voip2 /usr/sbin/ser[25945]: authenticating
> > Sep 23 10:39:34 voip2 /usr/sbin/ser[25945]: radius auth failure
> >
> > And ngrep port 1812 shows no traffic at all. Where are these auth
> > request going? How can I get more debug info?
> >
> > Thanks for your help.
> >
> > Stephen
> >
> >
> > _______________________________________________
> > Serusers mailing list
> > serusers(a)lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
>
> _______________________________________________
> Serusers mailing list
> serusers(a)lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
7731
days inactive
7731
days old
2 comments
2 participants
participants (2)
-
Jan Janak -
Steve Dolloff