30 Sep
2003
30 Sep
'03
9:54 p.m.
I am trying to get radius authentication working with ser. I believe
that I have set up the radiusclient and dictionary files correctly.
This is the response that I am getting from the radius system. Here are
some logs from the radius server. It appears that I am not sending a
password. Any ideas where I could look next? This is a VMS radius
system.
30-SEP-2003 12:38:21.45 %RADIUS-S-AUTHSTATUS, Request #74, Code = 3,
from
209.242.10.153:32865, Username = sdolloff(a)voip2.test.net
HEX Dump of a packet follows...
01 4B 00 D4 43 18 C0 76 5B EC 17 E3 FF 73 B7 0A
D7 5D E6 BA 01 18 73 64 6F 6C 6C 6F 66 66 40 76
6F 69 70 32 2E 64 6C 73 2E 6E 65 74 CF 0C 0A 0A
73 64 6F 6C 6C 6F 66 66 CF 11 01 0F 76 6F 69 70
32 2E 64 6C 73 2E 6E 65 74 CF 2C 02 2A 33 66 37
39 64 30 35 34 35 65 62 64 37 30 37 62 36 31 34
36 39 63 65 61 66 62 33 37 32 33 38 36 65 37 63
64 31 32 39 66 CF 15 04 13 73 69 70 3A 76 6F 69
70 32 2E 64 6C 73 2E 6E 65 74 CF 0C 03 0A 52 45
47 49 53 54 45 52 CE 22 39 66 62 63 62 32 34 32
38 37 62 35 63 66 62 62 32 36 61 66 62 35 30 38
33 64 36 30 38 63 37 38 06 06 00 00 00 0F D0 0A
73 64 6F 6C 6C 6F 66 66 04 06 D1 F2 0A 99 05 06
00 00 13 C4
RECV:Request from host 209.242.100.153:32865 code=1, id=75, length=212
User-Name = "sdolloff(a)voip2.test.net"
Digest-Attributes = "..sdolloff"
Digest-Attributes = "..voip2.test.net"
Digest-Attributes = ".*3f79d0545ebd707b61469ceafb372386e7cd129f"
Digest-Attributes = "..sip:voip2.test.net"
Digest-Attributes = "..REGISTER"
Digest-Response = "9fbcb24287b5cfbb26afb5083d608c78"
Service-Type = Sip-Session
Sip-Uri-User = "sdolloff"
NAS-IP-Address = 209.242.100.153
NAS-Port = 5060
AUTH:Processing request id 75 from 209.242.100.153 for
sdolloff(a)voip2.test.net
Username='sdolloff',Password=''
Set of DA-sub-attributes is not complete
30-SEP-2003 12:38:21.51 %RADIUS-E-AUTH_NOPASSW, AUTH:Request from
209.242.100.153 for 'sdolloff(a)voip2.test.net' is ignored;no password
or CHAP password is used
AUTH:Sending Reject for id 75 to 209.242.100.153
HEX Dump of a packet follows...
30-SEP-2003 12:38:21.51 %RADIUS-S-AUTHSTATUS, Request #75, Code = 3,
from
209.242.100.153:32865, Username = sdolloff(a)voip2.test.net
Any help would be greatly appreciated.
Stephen
30 Sep
30 Sep
10:51 p.m.
On (30.09.03 13:54), Steve Dolloff wrote:
209.242.100.153 for 'sdolloff(a)voip2.test.net'
is ignored;no password
or CHAP password is used
Your RADIUS server has to support Digest Authentication, and the line
above seems to indicate that it does not do that.
If you can change your Radius server software, give Freeradius or
Radiator (commercial, but excellent) a try. If you can not, try to
educate your existing server to do CHAP-Type authentication.
hope that helps.
Alex Mayrhofer
nic.at
7724
days inactive
7724
days old
1 comments
2 participants
participants (2)
-
Alexander Mayrhofer -
Steve Dolloff