RE: problems with digest and ser
Hello Lucas, I tried to use Auth-Type := Accept , it is going to successfull authunticate. But it is not good idea without password authuntication. My user is already having the MD5 password. Is there any way to only read the user password, if am able to find the password value i can make one external perl script to authunticate using the password? Cisco VSA( 1): xpgk-sip-auth4=29fba21dc546ed81bc46d3e1b14f52af SipDigestResponce: 29fba21dc546ed81bc46d3e1b14f52af If am able to read the SipDigestResponce value i can authunticate through external script. any idea please? Thank You Lateef Yahoo! Mail Stay connected, organized, and protected. Take the tour: http://tour.mail.yahoo.com/mailtour.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: problems with digest and ser
Hello, I use Auth-Type :=3D, but still my problem not solved. I am using the SIP-HIT software from MERA softswitch The Mera sending Password in MD5 format. and also tried to use Auth-Type := MD5 but no luck. Please let me know if there is any other solutions? Thank You Abdul Lateef __ Do you Yahoo!? Make Yahoo! your home page http://www.yahoo.com/r/hs - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: problems with digest and ser
I use Auth-Type :=3D, but still my problem not solved. I am using the SIP-HIT software from MERA softswitch The Mera sending Password in MD5 format. and also tried to use Auth-Type := MD5 but no luck. Please let me know if there is any other solutions? Abdul , I had trouble with digest, only with no-password clients. To solve this, I confgiured these users providing Auth-Type := Accept ... and so, once any of these users was matched, I wolud accept them, wheter the nonce was ok or not. ( anybody has any other idea ? ) Hope it helps Regards, Lucas -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.11.9 - Release Date: 12/05/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: problems with digest and ser
So you say that if I have a client returning, at authorize_check_query, a table with User-Password = , it will not work for digest ?? I'm saying it's a bad idea, and a case I didn't test. Well ... there are cases where I have no-password users. For this cases, where no-password users where having trouble at authenticating using digest, I set the attribute Auth-Type := Accept. So, no matter what the password was, I got the user succesfully authenticated. And, as I was having no trouble with users having passwords, I may conclude that I found the solution for my problem. Hope It helps somebody else Thanks Regards, Lucas -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.11.9 - Release Date: 12/05/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: problems with digest and ser
I'm having trouble at authentication using radius and digest. Look at radius output. The rare thing is that some phones get registered nicely, but others no. The ones who get registered are X-Lite softphones and grandstream. The ones that not, are the ATAs from voip solutions, MTA-V102. Any help would be appreciated. The user is 1991106 and has NO PASSWORD assigned ... ( but all of the users have NO PASSWORD ). Has this no-password thing have something to do with all this ??? Could be. And I don't think that having no password is a good idea. In any case, if there *wasn't* a password, then the digest module would complain. Why is that ? I mean ... I have some SIP Phones that have no password configured, and the digest module is working fine, as they can get registered nicely. So, if it works with some phones, should it work with all of them ?? rlm_digest: FAILED authentication ... ... any ideas ?? The client isn't using the correct digest algorithm? I believe so, because when I configured a password to this client ... it got registered nicely. I think it is just a matter of password, but I do not understand why. When doing the query ( I'm using sql ) for authorize_check_query, the output table is returning a table with required fields, where Attribute User-Password = . With this configuration it does not work. But, if I return Attribute User-Password = MY_PASS it works just perfect. Regards, Lucas -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.11.8 - Release Date: 10/05/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problems with digest and ser
Lucas Aimaretto [EMAIL PROTECTED] wrote: Why is that ? I mean ... I have some SIP Phones that have no password configured, and the digest module is working fine, as they can get registered nicely. The server needs a clear-text password to do the digest authentication. If it doesn't have a clear-text password, it has no idea if the digest stuff it gets from the client is OK. I'm not sure what's going on in your setup, but I can guarantee you that the digest code in FreeRADIUS requires access to a clear-text password, and rejects the request if it doesn't have one. When doing the query ( I'm using sql ) for authorize_check_query, the output table is returning a table with required fields, where Attribute User-Password = . With this configuration it does not work. But, if I return Attribute User-Password = MY_PASS it works just perfect. That makes sense. A blank password isn't really a password. It means you're not doing authentication at *all*. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: problems with digest and ser
Why is that ? I mean ... I have some SIP Phones that have no password configured, and the digest module is working fine, as they can get registered nicely. The server needs a clear-text password to do the digest authentication. If it doesn't have a clear-text password, it has no idea if the digest stuff it gets from the client is OK. I'm not sure what's going on in your setup, but I can guarantee you that the digest code in FreeRADIUS requires access to a clear-text password, and rejects the request if it doesn't have one. So you say that if I have a client returning, at authorize_check_query, a table with User-Password = , it will not work for digest ?? and that it will only work if I return something like User-Password = PASS ?? When doing the query ( I'm using sql ) for authorize_check_query, the output table is returning a table with required fields, where Attribute User-Password = . With this configuration it does not work. But, if I return Attribute User-Password = MY_PASS it works just perfect. That makes sense. A blank password isn't really a password. It means you're not doing authentication at *all*. I got the point, but I'm telling you ... I have some clients that work with blank passwords and others that don't and just want to know why ... Regards, Lucas -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.11.8 - Release Date: 10/05/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problems with digest and ser
Lucas Aimaretto [EMAIL PROTECTED] wrote: I'm having trouble at authentication using radius and digest. Look at radius output. The rare thing is that some phones get registered nicely, but others no. The ones who get registered are X-Lite softphones and grandstream. The ones that not, are the ATAs from voip solutions, MTA-V102. Any help would be appreciated. The user is 1991106 and has NO PASSWORD assigned ... ( but all of the users have NO PASSWORD ). Has this no-password thing have something to do with all this ??? Could be. And I don't think that having no password is a good idea. In any case, if there *wasn't* a password, then the digest module would complain. rlm_digest: FAILED authentication ... ... any ideas ?? The client isn't using the correct digest algorithm? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problems with digest and ser
Hello, I am facing the same problem. My case is all H.323 IP Phones are able to registered successfully. But I have problem only with SIP IP Phones, which cannot be registered. I searched in the mailing list and i found that Digest type of authuntication can solve the problem. i did the configuration according to draft-sterman-aaa-sip-00.txt. But no luck :) If you find your solutions please let us know to solve others problem. Thank You Yahoo! Mail Stay connected, organized, and protected. Take the tour: http://tour.mail.yahoo.com/mailtour.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html