<HTML><HEAD></HEAD>
<BODY dir=ltr>
<DIV dir=ltr>
<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: 'Calibri'; COLOR: #000000">
<DIV>Hello, </DIV>
<DIV> </DIV>
<DIV>First time on the list. Was able to solve problem by documentation before,
but now completely confused.</DIV>
<DIV> </DIV>
<DIV>I am trying to learn authentication against radius server. <BR><BR></DIV>
<DIV>[root@rad47 /]# rpm -qa | grep opensips</DIV>
<DIV>opensips-aaa_radius-1.11.3-1.el6.x86_64</DIV>
<DIV>opensips-yum-releases-1.11-1.el6.noarch</DIV>
<DIV>opensips-auth_aaa-1.11.3-1.el6.x86_64</DIV>
<DIV>opensips-1.11.3-1.el6.x86_64</DIV>
<DIV> </DIV>
<DIV>Added in config file: </DIV>
<DIV>loadmodule "auth.so"</DIV>
<DIV>loadmodule "auth_aaa.so"</DIV>
<DIV>loadmodule "aaa_radius.so"</DIV>
<DIV>modparam("auth_aaa", "aaa_url",
"radius:/etc/radiusclient-ng/radiusclient.conf")<BR><BR>Created route from some
examples and calling it from main route:</DIV>
<DIV>route[AUTH] {</DIV>
<DIV> </DIV>
<DIV> if (is_method("REGISTER") ||
from_uri==myself)</DIV>
<DIV> {</DIV>
<DIV>
# authenticate requests</DIV>
<DIV>
if (!aaa_www_authorize("172.21.7.47")) {</DIV>
<DIV>
www_challenge("$fd", "0");</DIV>
<DIV>
exit;</DIV>
<DIV>
}</DIV>
<DIV>
# user authenticated - remove auth header</DIV>
<DIV>
if(!is_method("REGISTER|PUBLISH"))</DIV>
<DIV>
consume_credentials();</DIV>
<DIV> }</DIV>
<DIV> # if caller is not local
subscriber, then check if it calls</DIV>
<DIV> # a local destination, otherwise
deny, not an open relay here</DIV>
<DIV> if (from_uri!=myself &&
uri!=myself)</DIV>
<DIV> {</DIV>
<DIV>
sl_send_reply("403","Not relaying");</DIV>
<DIV>
exit;</DIV>
<DIV> }</DIV>
<DIV> </DIV>
<DIV> return;</DIV>
<DIV>}</DIV>
<DIV> </DIV>
<DIV>[root@rad47 /]# cat /etc/radiusclient-ng/radiusclient.conf | grep -v
^#</DIV>
<DIV>auth_order radius,local</DIV>
<DIV>login_tries 4</DIV>
<DIV>login_timeout 60</DIV>
<DIV>nologin /etc/nologin</DIV>
<DIV>issue /etc/radiusclient-ng/issue</DIV>
<DIV>authserver 127.0.0.1:1812</DIV>
<DIV>acctserver 127.0.0.1:1813</DIV>
<DIV>servers
/etc/radiusclient-ng/servers</DIV>
<DIV>dictionary
/etc/radiusclient-ng/dictionary</DIV>
<DIV>login_radius /usr/sbin/login.radius</DIV>
<DIV>seqfile /etc/opensips/radius.seq</DIV>
<DIV>mapfile
/etc/radiusclient-ng/port-id-map</DIV>
<DIV>default_realm</DIV>
<DIV>radius_timeout 10</DIV>
<DIV>radius_retries 3</DIV>
<DIV>bindaddr *</DIV>
<DIV>login_local /bin/login<BR><BR>Then i run opensips
it initialize ok. Then i try to register it challenge me ok. But there is no
request done to RADIUS over network, and client keep sending REGISTER in
response 401 Unauthorized.</DIV>
<DIV>There is nothing in logs. I’ve run out of ideas. Please someone help.</DIV>
<DIV> </DIV>
<DIV>Regards</DIV>
<DIV>Andres</DIV></DIV></DIV></BODY></HTML>