I am trying to get radius authentication working with ser. I believe that I have set up the radiusclient and dictionary files correctly. This is the response that I am getting from the radius system. Here are some logs from the radius server. It appears that I am not sending a password. Any ideas where I could look next? This is a VMS radius system.
30-SEP-2003 12:38:21.45 %RADIUS-S-AUTHSTATUS, Request #74, Code = 3, from 209.242.10.153:32865, Username = sdolloff@voip2.test.net
HEX Dump of a packet follows...
01 4B 00 D4 43 18 C0 76 5B EC 17 E3 FF 73 B7 0A D7 5D E6 BA 01 18 73 64 6F 6C 6C 6F 66 66 40 76 6F 69 70 32 2E 64 6C 73 2E 6E 65 74 CF 0C 0A 0A 73 64 6F 6C 6C 6F 66 66 CF 11 01 0F 76 6F 69 70 32 2E 64 6C 73 2E 6E 65 74 CF 2C 02 2A 33 66 37 39 64 30 35 34 35 65 62 64 37 30 37 62 36 31 34 36 39 63 65 61 66 62 33 37 32 33 38 36 65 37 63 64 31 32 39 66 CF 15 04 13 73 69 70 3A 76 6F 69 70 32 2E 64 6C 73 2E 6E 65 74 CF 0C 03 0A 52 45 47 49 53 54 45 52 CE 22 39 66 62 63 62 32 34 32 38 37 62 35 63 66 62 62 32 36 61 66 62 35 30 38 33 64 36 30 38 63 37 38 06 06 00 00 00 0F D0 0A 73 64 6F 6C 6C 6F 66 66 04 06 D1 F2 0A 99 05 06 00 00 13 C4
RECV:Request from host 209.242.100.153:32865 code=1, id=75, length=212 User-Name = "sdolloff@voip2.test.net" Digest-Attributes = "..sdolloff" Digest-Attributes = "..voip2.test.net" Digest-Attributes = ".*3f79d0545ebd707b61469ceafb372386e7cd129f" Digest-Attributes = "..sip:voip2.test.net" Digest-Attributes = "..REGISTER" Digest-Response = "9fbcb24287b5cfbb26afb5083d608c78" Service-Type = Sip-Session Sip-Uri-User = "sdolloff" NAS-IP-Address = 209.242.100.153 NAS-Port = 5060 AUTH:Processing request id 75 from 209.242.100.153 for sdolloff@voip2.test.net Username='sdolloff',Password='' Set of DA-sub-attributes is not complete 30-SEP-2003 12:38:21.51 %RADIUS-E-AUTH_NOPASSW, AUTH:Request from 209.242.100.153 for 'sdolloff@voip2.test.net' is ignored;no password or CHAP password is used AUTH:Sending Reject for id 75 to 209.242.100.153
HEX Dump of a packet follows...
30-SEP-2003 12:38:21.51 %RADIUS-S-AUTHSTATUS, Request #75, Code = 3, from 209.242.100.153:32865, Username = sdolloff@voip2.test.net
Any help would be greatly appreciated.
Stephen
On (30.09.03 13:54), Steve Dolloff wrote:
209.242.100.153 for 'sdolloff@voip2.test.net' is ignored;no password or CHAP password is used
Your RADIUS server has to support Digest Authentication, and the line above seems to indicate that it does not do that.
If you can change your Radius server software, give Freeradius or Radiator (commercial, but excellent) a try. If you can not, try to educate your existing server to do CHAP-Type authentication.
hope that helps.
Alex Mayrhofer nic.at
-
Alexander Mayrhofer -
Steve Dolloff