Hi Ed,
please note that there is not log attached :).
to get a higher debug level, changed in your cfg script the debug value (9 for ex). The cfg value has priority over the parameters.
regards, bogdan
C. Ed Felt wrote:
Fellow OpenSER users:
We have been using SER at our VoIP company for a few years now and have been running in to security issues. We are pleased to see someone has taken improving SER seriously and are trying to move to OpenSER but are having problems with the implementation we need: OpenSER with Radius Accounting and Radius Authentication (with freeradius and MySQL).
I compiled the latest stable version of openser on an FC1 Linux PC with the needed modules added for Radius Authentication and Accounting. I am also using the latest version of freeradius.
I have spent plenty of time in the email archives and documentation before asking you for help. I seemed to have everything installed correctly after adding the line 'modparam("auth_radius", "radius_config", "/usr/local/etc/radiusclient-ng/radiusclient.conf")' to the default openser config file. All the radius modules seem to load now and openser doesn't exit with any errors. But when I start openser and check "ps -eaf | grep openser" it isn't running so I assume. Here are the last few lines of /var/log/messages:
I tried adding verbosity to the debug "-ddddd" but didn't get any more information than the logs above. I have also all ready included the needed dictionary file from openser for freeradius in the freeradius dictionary config.
Here is my current config under modules loading for auth (only change to default config besides modparam above): # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/openser/modules/auth.so" #loadmodule "/usr/local/lib/openser/modules/auth_db.so" loadmodule "/usr/local/lib/openser/modules/auth_radius.so" #loadmodule "/usr/local/lib/openser/modules/group_radius.so" #loadmodule "/usr/local/lib/openser/modules/uri_radius.so"
Please let me know what else I can try to get this working. Some kind of walk thru for the freeradius configuration would be helpful as well (freeradius with MySQL).
--
*Thanks,*
*C. Ed Felt Caflo Network Engineer/Programmer* http://www.caflo.com/ (801) 766-8433 (home) (801) 420-8879 (cell) 74999 (h.323) 74777 (sip) edeefelt@hotmail.com mailto://edeefelt@hotmail efelt@caflobvi.com mailto://efelt@caflobvi.com *chat: *edeefelt(aim), edeefelt (yahoo), edeefelt@hotmail.com (msn), v_2chafe@hotmail.com (msn) http://www.thefelts.net http://www.thefelts.net/
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Hi Ed,
Please, what is the output of "openser -c <config-file>"?
If they doesn't display much information, it can be due to a broken config file.
Regards,
Edson.
-----Original Message----- From: users-bounces@openser.org [mailto:users-bounces@openser.org] On Behalf Of Bogdan-Andrei Iancu Sent: quinta-feira, 9 de março de 2006 07:13 To: efelt@caflobvi.com Cc: Jaime Work; users@openser.org Subject: Re: [Users] OpenSER with freeRadius
Hi Ed,
please note that there is not log attached :).
to get a higher debug level, changed in your cfg script the debug value (9 for ex). The cfg value has priority over the parameters.
regards, bogdan
C. Ed Felt wrote:
Fellow OpenSER users:
We have been using SER at our VoIP company for a few years now and have been running in to security issues. We are pleased to see someone has taken improving SER seriously and are trying to move to OpenSER but are having problems with the implementation we need: OpenSER with Radius Accounting and Radius Authentication (with freeradius and MySQL).
I compiled the latest stable version of openser on an FC1 Linux PC with the needed modules added for Radius Authentication and Accounting. I am also using the latest version of freeradius.
I have spent plenty of time in the email archives and documentation before asking you for help. I seemed to have everything installed correctly after adding the line 'modparam("auth_radius", "radius_config", "/usr/local/etc/radiusclient-ng/radiusclient.conf")' to the default openser config file. All the radius modules seem to load now and openser doesn't exit with any errors. But when I start openser and check "ps -eaf | grep openser" it isn't running so I assume. Here are the last few lines of /var/log/messages:
I tried adding verbosity to the debug "-ddddd" but didn't get any more information than the logs above. I have also all ready included the needed dictionary file from openser for freeradius in the freeradius dictionary config.
Here is my current config under modules loading for auth (only change to default config besides modparam above): # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/openser/modules/auth.so" #loadmodule "/usr/local/lib/openser/modules/auth_db.so" loadmodule "/usr/local/lib/openser/modules/auth_radius.so" #loadmodule "/usr/local/lib/openser/modules/group_radius.so" #loadmodule "/usr/local/lib/openser/modules/uri_radius.so"
Please let me know what else I can try to get this working. Some kind of walk thru for the freeradius configuration would be helpful as well (freeradius with MySQL).
--
*Thanks,*
*C. Ed Felt Caflo Network Engineer/Programmer* http://www.caflo.com/ (801) 766-8433 (home) (801) 420-8879 (cell) 74999 (h.323) 74777 (sip) edeefelt@hotmail.com mailto://edeefelt@hotmail efelt@caflobvi.com mailto://efelt@caflobvi.com *chat: *edeefelt(aim), edeefelt (yahoo), edeefelt@hotmail.com (msn), v_2chafe@hotmail.com (msn) http://www.thefelts.net http://www.thefelts.net/
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Please, if not there, include on the beginning of Your config the statement fork=yes and give it a try.
Otherwise, how about send us Your complete config file?
Regards,
Edson.
_____
From: users-bounces@openser.org [mailto:users-bounces@openser.org] On Behalf Of C. Ed Felt Sent: quinta-feira, 9 de março de 2006 16:47 To: users@openser.org Cc: 'Jaime Work' Subject: Re: [Users] OpenSER with freeRadius
Thanks for all the great suggestions on further troubleshooting. Currently we wish to focus on the Authentication piece of radius with openser, we will look at the billing problem later.
results without turning up debug level [root@microtel root]# openser -c /usr/local/etc/openser/openser.cfg Listening on udp: 68.157.82.100 [68.157.82.100]:5060 tcp: 68.157.82.100 [68.157.82.100]:5060 Aliases: tcp: adsl-068-157-082-100.sip.bct.bellsouth.net:5060 udp: adsl-068-157-082-100.sip.bct.bellsouth.net:5060
config file ok, exiting...
I have attached the debug after turning up debugging to level 9.
[root@microtel root]# openser -c /usr/local/etc/openser/openser.cfg 2> openserdebug2006-03-09.log Listening on udp: 68.157.82.100 [68.157.82.100]:5060 tcp: 68.157.82.100 [68.157.82.100]:5060 Aliases: tcp: adsl-068-157-082-100.sip.bct.bellsouth.net:5060 udp: adsl-068-157-082-100.sip.bct.bellsouth.net:5060
[root@microtel root]# gzip -9 openserdebug2006-03-09.log
Thanks,
C. Ed Felt Caflo Network Engineer/Programmer http://www.caflo.com/ (801) 766-8433 (home) (801) 420-8879 (cell) 74999 (h.323) 74777 (sip) edeefelt@hotmail.com mailto://edeefelt@hotmail efelt@caflobvi.com chat: edeefelt(aim), edeefelt (yahoo), edeefelt@hotmail.com (msn), v_2chafe@hotmail.com (msn) http://www.thefelts.net http://www.thefelts.net/
Edson wrote:
Hi Ed,
Please, what is the output of "openser -c <config-file>"?
If they doesn't display much information, it can be due to a broken config file.
Regards,
Edson.
-----Original Message----- From: users-bounces@openser.org [mailto:users-bounces@openser.org] On Behalf Of Bogdan-Andrei Iancu Sent: quinta-feira, 9 de março de 2006 07:13 To: efelt@caflobvi.com Cc: Jaime Work; users@openser.org Subject: Re: [Users] OpenSER with freeRadius
Hi Ed,
please note that there is not log attached :).
to get a higher debug level, changed in your cfg script the debug value (9 for ex). The cfg value has priority over the parameters.
regards, bogdan
C. Ed Felt wrote:
Fellow OpenSER users:
We have been using SER at our VoIP company for a few years now and have been running in to security issues. We are pleased to see someone has taken improving SER seriously and are trying to move to OpenSER but are having problems with the implementation we need: OpenSER with Radius Accounting and Radius Authentication (with freeradius and MySQL).
I compiled the latest stable version of openser on an FC1 Linux PC with the needed modules added for Radius Authentication and Accounting. I am also using the latest version of freeradius.
I have spent plenty of time in the email archives and documentation before asking you for help. I seemed to have everything installed correctly after adding the line 'modparam("auth_radius", "radius_config", "/usr/local/etc/radiusclient-ng/radiusclient.conf")' to the default openser config file. All the radius modules seem to load now and openser doesn't exit with any errors. But when I start openser and check "ps -eaf | grep openser" it isn't running so I assume. Here are the last few lines of /var/log/messages:
I tried adding verbosity to the debug "-ddddd" but didn't get any more information than the logs above. I have also all ready included the needed dictionary file from openser for freeradius in the freeradius dictionary config.
Here is my current config under modules loading for auth (only change to default config besides modparam above): # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/openser/modules/auth.so" #loadmodule "/usr/local/lib/openser/modules/auth_db.so" loadmodule "/usr/local/lib/openser/modules/auth_radius.so" #loadmodule "/usr/local/lib/openser/modules/group_radius.so" #loadmodule "/usr/local/lib/openser/modules/uri_radius.so"
Please let me know what else I can try to get this working. Some kind of walk thru for the freeradius configuration would be helpful as well (freeradius with MySQL).
--
*Thanks,*
*C. Ed Felt Caflo Network Engineer/Programmer* http://www.caflo.com/ http://www.caflo.com/ (801) 766-8433 (home) (801) 420-8879 (cell) 74999 (h.323) 74777 (sip) edeefelt@hotmail.com mailto://edeefelt@hotmail mailto://edeefelt@hotmail efelt@caflobvi.com mailto://efelt@caflobvi.com mailto://efelt@caflobvi.com *chat: *edeefelt(aim), edeefelt (yahoo), edeefelt@hotmail.com (msn), v_2chafe@hotmail.com (msn) http://www.thefelts.net http://www.thefelts.net/ http://www.thefelts.net/
------------------------------------------------------------------------
_______________________________________________ Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
_______________________________________________ Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
I configured OpenSER with Freeradius. It is somewhat messy to have it setup - of course depends on your background. In my case I missed deeper knowledge of Radius that had caused me quite some trouble.
I haven't experienced your problem - no OpenSER processes. Sounds a bit strange.
My advice is: have both SER and freeRadius running in _DEBUG_ mode and read outputs carefully. Radius: radiusd -X, and ser with entry in cfg file. Radius is powerful and extremely fragile: passwords and avps need to match between client and server; user/group blocks must be correctly defined/specified to your spec etc. But if you have debug info - you can easily see when something goes wrong.
Good luck.
/Vel
_____
From: users-bounces@openser.org [mailto:users-bounces@openser.org] On Behalf Of C. Ed Felt Sent: Thursday, March 09, 2006 6:33 AM To: users@openser.org Cc: Jaime Work Subject: [Users] OpenSER with freeRadius
Fellow OpenSER users:
We have been using SER at our VoIP company for a few years now and have been running in to security issues. We are pleased to see someone has taken improving SER seriously and are trying to move to OpenSER but are having problems with the implementation we need: OpenSER with Radius Accounting and Radius Authentication (with freeradius and MySQL).
I compiled the latest stable version of openser on an FC1 Linux PC with the needed modules added for Radius Authentication and Accounting. I am also using the latest version of freeradius.
I have spent plenty of time in the email archives and documentation before asking you for help. I seemed to have everything installed correctly after adding the line 'modparam("auth_radius", "radius_config", "/usr/local/etc/radiusclient-ng/radiusclient.conf")' to the default openser config file. All the radius modules seem to load now and openser doesn't exit with any errors. But when I start openser and check "ps -eaf | grep openser" it isn't running so I assume. Here are the last few lines of /var/log/messages:
I tried adding verbosity to the debug "-ddddd" but didn't get any more information than the logs above. I have also all ready included the needed dictionary file from openser for freeradius in the freeradius dictionary config.
Here is my current config under modules loading for auth (only change to default config besides modparam above): # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/openser/modules/auth.so" #loadmodule "/usr/local/lib/openser/modules/auth_db.so" loadmodule "/usr/local/lib/openser/modules/auth_radius.so" #loadmodule "/usr/local/lib/openser/modules/group_radius.so" #loadmodule "/usr/local/lib/openser/modules/uri_radius.so"
Please let me know what else I can try to get this working. Some kind of walk thru for the freeradius configuration would be helpful as well (freeradius with MySQL).
-
Bogdan-Andrei Iancu -
C. Ed Felt -
Edson -
Velimir Novkovic