subject:"\[asterisk\-users\] Asterisk with Radius users authentication"

Re: [asterisk-users] Asterisk with Radius users authentication

2007-02-21 Thread Ricardo Carvalho


Thanks yusuf,

Any other experience on this subject? Anyone knows if Asterisk 1.4 
already implement Radius authentication properly? Has anyone ever 
patched Asterisk with the patch from the Digium Issue Tracker available 
in the URL: http://bugs.digium.com/view.php?id=5424 and got well succeeded?


Thanks once again,
Ricardo.






yusuf wrote:

Ricardo Carvalho wrote:

Dear all,

I've searched the web about Asterisk with Radius integration for user 
authentication, and got a bit confused...
I see that there have been some work around it, there is PortaOne's 
Radius client patch, an still open branch of Digium Issue Tracker 
SIP peer authentication on an external database (RADIUS - LDAP), 
etc. Although, none of these seems to give me the confidence to 
implement it in a production environment...


What do you people recommend me? Which Asterisk+Radius solution 
should in your opinion be the best choice? Does Asterisk 1.4 already 
implement it properly?



Thanks in advance,
Ricardo.



Here is a mock-up of what I used to hook-up to a Radius Server, with 
Porta's patch.  It worked quite well for us.  I have'nt used it in 2 
years or so, cant remember much  :)  .  I thin we got it to work by 
seeing the debug (set it in /etc/asterisk/logger.conf) and seeing what 
values were getting sent and recieved.



;exten = _X.,1,SetVar(RADIUS_Server=x.x.x.x)
exten = _X.,2,SetVar(RADIUS_Secret=secret)
exten = _X.,3,SetVar(NAS_IP_Address=x.x.x.x)
exten = _X.,4,SetVar(CALLERID=${CALLERIDNUM})
exten = _X.,5,SetVar(DNID=${EXTEN})
;
; Set account to authorize by
; It can be a prepaid calling card PIN, ANI, or SIP ID depending on 
your application

;
;exten = _X.,6,SetAccount(${CALLERIDNUM})
exten = _X.,6,SetAccount(${CALLERIDNAME})
;
; RADIUS Authorize
; Called as:  
agi-rad-auth.pl|parametr1=value1parametr2=value2parametr3=value3

; Possible parametrs:
; Routing=XXX will will send h323-ivr-out = 'PortaBilling_Routing:XXX' 
attribure (XXX is usually SIP)
; AuthorizeBy=SIP requires 
SIPGetHeader(SIP_Authorization=Proxy-Authorization) first + 
externalauth=yes in sip.conf

; AuthorizeBy=Account requires SetAccount(username) first
; Password=Password optional and may be used together with 
AuthorizeBy=Account
; IfFailed=DoNotHangup optional, used for custome authentication error 
processing i.e. IVR

;
;
exten = 
_X.,7,agi,agi-rad-auth.pl|AuthorizeBy=AccountPassword=${CALLERIDNUM}IfFailed=DoNotHangup 

;exten = 
_X.,7,agi,agi-rad-auth.pl|AuthorizeBy=AccountPassword=AccountIfFailed=DoNotHangup 

;exten = 
_X.,7,agi,agi-rad-auth.pl|AuthorizeBy=AccountIfFailed=DoNotHangup

;
exten = _X.,8,NoOp(${h323-credit-time})
exten = _X.,9, Set(TIMEOUT(absolute)=${h323-credit-time:17})
;exten = _X.,10, AbsoluteTimeout(${h323-credit-time})
exten = _X.,10,Goto(sip-calls,${EXTEN},1)
exten = _X.,11,Hangup
exten = T,1,NoOp(timeout)



___
--Bandwidth and Colocation provided by Easynews.com --

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
  http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Asterisk with Radius users authentication

2007-02-19 Thread Ricardo Carvalho


Dear all,

I've searched the web about Asterisk with Radius integration for user 
authentication, and got a bit confused...
I see that there have been some work around it, there is PortaOne's 
Radius client patch, an still open branch of Digium Issue Tracker SIP 
peer authentication on an external database (RADIUS - LDAP), etc. 
Although, none of these seems to give me the confidence to implement it 
in a production environment...


What do you people recommend me? Which Asterisk+Radius solution should 
in your opinion be the best choice? Does Asterisk 1.4 already implement 
it properly?



Thanks in advance,
Ricardo.
___
--Bandwidth and Colocation provided by Easynews.com --

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
  http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk with Radius users authentication

2007-02-19 Thread yusuf


Ricardo Carvalho wrote:

Dear all,

I've searched the web about Asterisk with Radius integration for user 
authentication, and got a bit confused...
I see that there have been some work around it, there is PortaOne's 
Radius client patch, an still open branch of Digium Issue Tracker SIP 
peer authentication on an external database (RADIUS - LDAP), etc. 
Although, none of these seems to give me the confidence to implement it 
in a production environment...


What do you people recommend me? Which Asterisk+Radius solution should 
in your opinion be the best choice? Does Asterisk 1.4 already implement 
it properly?



Thanks in advance,
Ricardo.



Here is a mock-up of what I used to hook-up to a Radius Server, with Porta's patch.  It worked quite 
well for us.  I have'nt used it in 2 years or so, cant remember much  :)  .  I thin we got it to 
work by seeing the debug (set it in /etc/asterisk/logger.conf) and seeing what values were getting 
sent and recieved.



;exten = _X.,1,SetVar(RADIUS_Server=x.x.x.x)
exten = _X.,2,SetVar(RADIUS_Secret=secret)
exten = _X.,3,SetVar(NAS_IP_Address=x.x.x.x)
exten = _X.,4,SetVar(CALLERID=${CALLERIDNUM})
exten = _X.,5,SetVar(DNID=${EXTEN})
;
; Set account to authorize by
; It can be a prepaid calling card PIN, ANI, or SIP ID depending on your 
application
;
;exten = _X.,6,SetAccount(${CALLERIDNUM})
exten = _X.,6,SetAccount(${CALLERIDNAME})
;
; RADIUS Authorize
; Called as:  agi-rad-auth.pl|parametr1=value1parametr2=value2parametr3=value3
; Possible parametrs:
; Routing=XXX will will send h323-ivr-out = 'PortaBilling_Routing:XXX' 
attribure (XXX is usually SIP)
; AuthorizeBy=SIP requires SIPGetHeader(SIP_Authorization=Proxy-Authorization) first + 
externalauth=yes in sip.conf

; AuthorizeBy=Account requires SetAccount(username) first
; Password=Password optional and may be used together with AuthorizeBy=Account
; IfFailed=DoNotHangup optional, used for custome authentication error 
processing i.e. IVR
;
;
exten = 
_X.,7,agi,agi-rad-auth.pl|AuthorizeBy=AccountPassword=${CALLERIDNUM}IfFailed=DoNotHangup
;exten = 
_X.,7,agi,agi-rad-auth.pl|AuthorizeBy=AccountPassword=AccountIfFailed=DoNotHangup
;exten = _X.,7,agi,agi-rad-auth.pl|AuthorizeBy=AccountIfFailed=DoNotHangup
;
exten = _X.,8,NoOp(${h323-credit-time})
exten = _X.,9, Set(TIMEOUT(absolute)=${h323-credit-time:17})
;exten = _X.,10, AbsoluteTimeout(${h323-credit-time})
exten = _X.,10,Goto(sip-calls,${EXTEN},1)
exten = _X.,11,Hangup
exten = T,1,NoOp(timeout)

--
thanks,
Yusuf
___
--Bandwidth and Colocation provided by Easynews.com --

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
  http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk with Radius users authentication

[asterisk-users] Asterisk with Radius users authentication

Re: [asterisk-users] Asterisk with Radius users authentication

3 matches

Site Navigation

Mail list logo

Footer information