Hi All,
I'm trying to connect OpenSER with FreeRadius. I've managed to get the digest
authentication
going correctly, having the Radius respond with LOGIN OK for the requests that are in the
users file. However, although the authentication process appears to succeed, the IP phone
doesn't register to the OpenSER server.
The following can be seen in the debug:
0(17821) SIP Request:
0(17821) method: <REGISTER>
0(17821) uri: <sip:192.168.2.80>
0(17821) version: <SIP/2.0>
0(17821) parse_headers: flags=2
0(17821) Found param type 232, <branch> = <z9hG4bK4d7202f23b6595fc>;
state=16
0(17821) end of header reached, state=5
0(17821) parse_headers: Via found, flags=2
0(17821) parse_headers: this is the first via
0(17821) After parse_msg...
0(17821) preparing to run routing scripts...
0(17821) parse_headers: flags=100
0(17821) DEBUG:parse_to:end of header reached, state=10
0(17821) DBUG:parse_to: display={}, ruri={sip:101@192.168.2.80;user=phone}
0(17821) DEBUG: get_hdr_field: <To> [35]; uri=[sip:101@192.168.2.80;user=phone]
0(17821) DEBUG: to body [<sip:101@192.168.2.80;user=phone>
]
0(17821) get_hdr_field: cseq <CSeq>: <20048> <REGISTER>
0(17821) DEBUG:maxfwd:is_maxfwd_present: value = 70
0(17821) parse_headers: flags=200
0(17821) DEBUG: get_hdr_body : content_length=0
0(17821) found end of header
0(17821) find_first_route: No Route headers found
0(17821) loose_route: There is no Route HF
0(17821) grep_sock_info - checking if host==us: 12==12 && [192.168.2.80] ==
[192.168.2.80]
0(17821) grep_sock_info - checking if port 5060 matches port 5060
0(17821) grep_sock_info - checking if host==us: 12==12 && [192.168.2.80] ==
[192.168.2.80]
0(17821) grep_sock_info - checking if port 5060 matches port 5060
0(17821) check_nonce(): comparing [469aba5f4ff6b78f7b9588ad19fc0ab514e709da] and
[469aba5f4ff6b78f7b9588ad19fc0ab514e709da]
0(17821) ERROR:auth_radius:radius_authorize_sterman: rc_auth failed
0(17821) build_auth_hf(): 'WWW-Authenticate: Digest realm="openser.org",
nonce="469aba5f4ff6b78f7b9588ad19fc0ab514e709da", qop="auth"
'
0(17821) parse_headers: flags=ffffffffffffffff
0(17821) check_via_address(192.168.2.101, 192.168.2.101, 0)
0(17821) DEBUG:destroy_avp_list: destroying list (nil)
0(17821) receive_msg: cleaning up
As you can surely see, the ERROR is somewhere in the authorization status. Now, I've
verified
the secret key between the machine, and all seems to be in place - any pointers will be
highly appreciated.
Z2L
Show replies by date