Dear Binan,<br><br>I have set digest there, here is my /etc/opensips/sites-enabled/<div id=":18y">default:<br><br>authorize {<br> preprocess<br> auth_log<br> chap<br> mschap<br> digest<br>
suffix<br>
eap {<br> ok = return<br> }<br> files<br> sql<br> expiration<br> logintime<br> pap<br>}<br><br><br><br>authenticate {<br> Auth-Type PAP {<br> pap<br>
}<br> Auth-Type CHAP {<br> chap<br> }<br> Auth-Type MS-CHAP {<br> mschap<br> }<br> Auth-Type DIGEST {<br> digest<br> }<br> unix<br>
eap<br>}<br><br>I'm totally confused..<div class="yj6qo ajU"><div id=":18h" class="ajR" tabindex="0"><img class="ajT" src="https://mail.google.com/mail/images/cleardot.gif"></div></div></div><br><br><div class="gmail_quote">
On Wed, Oct 3, 2012 at 7:32 PM, Binan AL Halabi <span dir="ltr"><<a href="mailto:binanalhalabi@yahoo.com" target="_blank">binanalhalabi@yahoo.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div style="font-size:10pt;font-family:times new roman,new york,times,serif"><br>Hi <font face="Arial">Hanie</font>,<br><br>I can't see modcall[authorize] in debug , so you have to add digest module by uncomment the digest lines in both <b>authenticate{}</b> and <b>authorize{}</b> in config file.<br>
<br>Go through this tutorial : <a href="http://www.opensips.org/Resources/DocsTutRadius" target="_blank">http://www.opensips.org/Resources/DocsTutRadius</a>.<br><br><br>//Binan<br><div style="font-family:times new roman,new york,times,serif;font-size:10pt">
<div style="font-family:times new roman,new york,times,serif;font-size:12pt"><div><div><div style="font-size:10pt;font-family:times new roman,new york,times,serif"> <div style="font-family:times new roman,new york,times,serif;font-size:10pt">
<div style="font-family:times new roman,new york,times,serif;font-size:12pt"> <div dir="ltr"> <font face="Arial"> <hr size="1"> <b><span style="font-weight:bold">Från:</span></b> Hanie Maghsoudy <<a href="mailto:h.maghsoudy@gmail.com" target="_blank">h.maghsoudy@gmail.com</a>><br>
<b><span style="font-weight:bold">Till:</span></b> Binan AL Halabi <<a href="mailto:binanalhalabi@yahoo.com" target="_blank">binanalhalabi@yahoo.com</a>>; OpenSIPS users mailling list <<a href="mailto:users@lists.opensips.org" target="_blank">users@lists.opensips.org</a>> <br>
<b><span style="font-weight:bold">Skickat:</span></b> onsdag, 3 oktober
2012 14:10<br> <b><span style="font-weight:bold">Ämne:</span></b> Re: [OpenSIPS-Users] Registration via RADIUS<br> </font> </div> <br>
<div>Thanks Binan for the reply.<br>I tested both and none of them works.<br><br><div>On Wed, Oct 3, 2012 at 2:48 PM, Binan AL Halabi <span dir="ltr"><<a rel="nofollow" href="mailto:binanalhalabi@yahoo.com" target="_blank">binanalhalabi@yahoo.com</a>></span> wrote:<br>
<blockquote style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="font-size:10pt;font-family:times new roman,new york,times,serif">look for the type of password you want to use whether plaintext or HA<br>
<pre>modparam("auth", "calculate_ha1", 1) # plaintext password<br>modparam("auth", "calculate_ha1", 0) # pre-calculated HA1<br><br></pre>//Binan<br><div><span><br></span></div><div>
<br></div> <div style="font-family:times new roman,new york,times,serif;font-size:10pt"> <div style="font-family:times new roman,new york,times,serif;font-size:12pt"> <div dir="ltr"> <font face="Arial"> <hr size="1"> <b><span style="font-weight:bold">From:</span></b> Hanie Maghsoudy <<a rel="nofollow" href="mailto:h.maghsoudy@gmail.com" target="_blank">h.maghsoudy@gmail.com</a>><br>
<b><span style="font-weight:bold">To:</span></b> <a rel="nofollow" href="mailto:users@lists.opensips.org" target="_blank">users@lists.opensips.org</a> <br> <b><span style="font-weight:bold">Sent:</span></b> Wednesday, October 3, 2012 12:59 PM<br>
<b><span style="font-weight:bold">Subject:</span></b> Re: [OpenSIPS-Users] Registration via RADIUS<br> </font> </div><div><div> <br>
<div>Hi all,<br><br>Does anyone have a clue on this?<br>I'm pretty sure I'm doing something wrong, but I can not find it. I believe that either OpenSIPs configuration or radiusclient-ng's could be incorrect.<br>
<br>
Thanks<br><br><div>On Mon, Oct 1, 2012 at 3:09 PM, Hanie Maghsoudy <span dir="ltr"><<a rel="nofollow" href="mailto:h.maghsoudy@gmail.com" target="_blank">h.maghsoudy@gmail.com</a>></span> wrote:<br><blockquote style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Dear all,<br><br>I want to register some users in OpenSIPs. When I use db mode it's totally OK. Users register and could make calls. But when I set radius configuration (using <a rel="nofollow" href="http://www.opensips.org/Resources/DocsTutRadius" target="_blank">this</a> document), the user doesn't register and FreeRadius keeps printing these messages:<br>
<br><br><span style="color:rgb(102,102,102)">Info: [digest] Checking for correctly formatted Digest-Attributes<br>Info: [digest] Digest-Attributes look OK. Converting them to something more usful.<br> Digest-User-Name = "101"<br>
Digest-Realm = "192.168.X.X"<br> Digest-Nonce = "5069765300000000af31f979191ab899f5f9fc41ed941449"<br> Digest-URI = "sip:192.168.X.X"<br> Digest-Method = "REGISTER"<br>
Digest-QOP = "auth"<br> Digest-Nonce-Count = "00000001"<br> Digest-CNonce = "8277adcf0b"<br>Info: [digest] Adding Auth-Type = DIGEST<br>Info: ++[digest] returns ok<br>Info: [suffix] Looking up realm "192.168.X.X" for User-Name = "101@192.168.X.X"<br>
Info: [suffix] Found realm "192.168.X.X"<br>Info: [suffix] Adding Realm = "192.168.X.X"<br>Info: [suffix] Authentication realm is LOCAL.<br>Info: ++[suffix] returns ok<br>Info: [eap] No EAP-Message, not doing EAP<br>
Info: ++[eap] returns noop<br>Info: [files] users: Matched entry 101@192.168.X.X at line 22<br>Info: ++[files] returns ok<br>Info: ++[expiration] returns noop<br>Info: ++[logintime] returns noop<br>Info: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>
Info: ++[pap] returns noop<br>Info: Found Auth-Type = DIGEST<br>Info: # Executing group from file /etc/freeradius/sites-enabled/default<br>Info: +- entering group DIGEST {...}<br><b><span style="color:rgb(0,0,0)">Auth: [digest] Cleartext-Password or Digest-HA1 is required for authentication.</span></b><br>
Info: ++[digest] returns invalid<br>Info: Failed to authenticate the user.<br>Auth: Login incorrect: [101@192.168.X.X/<via Auth-Type = Digest>] (from client OpenSIPS port 0)<br>Info: Using Post-Auth-Type Reject<br>
Info: # Executing group from file /etc/freeradius/sites-enabled/default<br>
Info: +- entering group REJECT {...}<br>Info: [attr_filter.access_reject] expand: %{User-Name} -> 101@192.168.X.X<br><br><br><span style="color:rgb(0,0,0)">And here</span></span> is my opensips.cfg:<br><br>.....<br>
loadmodule "acc.so"<br>modparam("acc", "early_media", 0)<br>modparam("acc", "report_cancels", 0)<br>modparam("acc", "detect_direction", 0)<br>modparam("acc", "failed_transaction_flag", 3)<br>
modparam("acc", "log_flag", 1)<br>modparam("acc", "log_missed_flag", 2)<br>loadmodule "auth.so"<br>loadmodule "aaa_radius.so"<br>loadmodule "auth_aaa.so"<br>
modparam("auth", "calculate_ha1", 1)<br>modparam("auth_aaa", "aaa_url", "radius:/etc/radiusclient-ng/radiusclient.conf")<br>route{<br> if ( !(is_method("REGISTER") ) ) {<br>
if (from_uri==myself)<br> {<br> if (!aaa_proxy_authorize("")) {<br> proxy_challenge("", "1");<br> exit;<br>
}<br> consume_credentials();<br> } else {<br> if (!uri==myself) {<br> send_reply("403","Rely forbidden");<br>
exit;<br> }<br> }<br> }<br>....<br> if (is_method("REGISTER"))<br> {<br> if (!aaa_www_authorize(""))<br>
{<br> www_challenge("", "1");<br> exit;<br> }<br> if ( 0 ) setflag(7);<br> if (!save("location"))<br>
sl_reply_error();<br> exit;<br> }<br>....<br><br><br>And in freeradius/users I have:<br><br>.....<br><br>101@192.168.X.X Auth-Type := Digest, Cleartext-Password == "101"<br>
Reply-Message = "Authenticated"<br><br>Would you please help me to solve the problem?<br><br>Thanks,<br>Hanie<br><br><br>
</blockquote></div><br>
</div><br></div></div>_______________________________________________<br>Users mailing list<br><a rel="nofollow" href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a><br><a rel="nofollow" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br><br> </div> </div> </div></div><br>_______________________________________________<br>
Users mailing list<br>
<a rel="nofollow" href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a><br>
<a rel="nofollow" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br></blockquote></div><br>
</div><br><br> </div> </div> </div></div></div><br>_______________________________________________<br>Users mailing list<br><a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a><br><a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br><br> </div> </div> </div></div><br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br></blockquote></div><br>