[OpenSIPS-Users] No RADIUS traffic

Leon Li Leon.Li at aarnet.edu.au
Thu Jun 4 08:57:03 CEST 2009


Hi,

 

I am try to use RADIUS server. However, after configuration, I found
there is no RADIUS traffic at all.

 

Log shows: 

Jun  4 06:45:59  /usr/local/sbin/openser[396]: rc_avpair_new: unknown
attribute 5

Jun  4 06:45:59  /usr/local/sbin/openser[396]:
ERROR:auth_radius:radius_authorize_sterman: rc_auth failed

 

But nothing on RADIUS server end. 

 

OpenSIPs + radiusclient-ng on one box and RADIUS is on another.

 

My radiusclient.conf is like:

 

# General settings

 

# specify which authentication comes first respectively which

# authentication is used. possible values are: "radius" and "local".

# if you specify "radius,local" then the RADIUS server is asked

# first then the local one. if only one keyword is specified only

# this server is asked.

auth_order      radius,local

 

# maximum login tries a user has

login_tries     4

 

# timeout for all login tries

# if this time is exceeded the user is kicked out

login_timeout   60

 

# name of the nologin file which when it exists disables logins.

# it may be extended by the ttyname which will result in

# a terminal specific lock (e.g. /etc/nologin.ttyS2 will disable

# logins on /dev/ttyS2)

nologin /etc/nologin

 

# name of the issue file. it's only display when no username is passed

# on the radlogin command line

issue   /usr/local/etc/radiusclient-ng/issue

 

# RADIUS settings

 

# RADIUS server to use for authentication requests. this config

# item can appear more then one time. if multiple servers are

# defined they are tried in a round robin fashion if one

# server is not answering.

# optionally you can specify a the port number on which is remote

# RADIUS listens separated by a colon from the hostname. if

# no port is specified /etc/services is consulted of the radius

# service. if this fails also a compiled in default is used.

authserver      202.158.212.103:1812

 

# RADIUS server to use for accouting requests. All that I

# said for authserver applies, too.

#

acctserver      202.158.212.103:1813

 

# file holding shared secrets used for the communication

# between the RADIUS client and server

servers         /usr/local/etc/radiusclient-ng/servers

 

# dictionary of allowed attributes and values

# just like in the normal RADIUS distributions

dictionary      /usr/local/etc/radiusclient-ng/dictionary

 

# program to call for a RADIUS authenticated login

login_radius    /usr/local/sbin/login.radius

 

# file which holds sequence number for communication with the

# RADIUS server

seqfile         /var/run/radius.seq

 

# file which specifies mapping between ttyname and NAS-Port attribute

mapfile         /usr/local/etc/radiusclient-ng/port-id-map

 

# default authentication realm to append to all usernames if no

# realm was explicitly specified by the user

# the radiusd directly form Livingston doesnt use any realms, so leave

# it blank then

default_realm

#aarnet.edu.au

 

# time to wait for a reply from the RADIUS server

radius_timeout  10

 

# resend request this many times before trying the next server

radius_retries  3

 

# local address from which radius packets have to be sent

bindaddr *

 

# LOCAL settings

 

# program to execute for local login

# it must support the -f flag for preauthenticated login

login_local     /bin/login

 

Any suggestion will be appreciated.

 

Thanks

Leon

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20090604/2b0fab37/attachment-0001.htm 


More information about the Users mailing list