Hello,
First time on the list. Was able to solve problem by documentation before, but
now completely confused.
I am trying to learn authentication against radius server.
[root@rad47 /]# rpm -qa | grep opensips
opensips-aaa_radius-1.11.3-1.el6.x86_64
opensips-yum-releases-1.11-1.el6.noarch
opensips-auth_aaa-1.11.3-1.el6.x86_64
opensips-1.11.3-1.el6.x86_64
Added in config file:
loadmodule "auth.so"
loadmodule "auth_aaa.so"
loadmodule "aaa_radius.so"
modparam("auth_aaa", "aaa_url", "radius:/etc/radiusclient-ng/radiusclient.conf")
Created route from some examples and calling it from main route:
route[AUTH] {
if (is_method("REGISTER") || from_uri==myself)
{
# authenticate requests
if (!aaa_www_authorize("172.21.7.47")) {
www_challenge("$fd", "0");
exit;
}
# user authenticated - remove auth header
if(!is_method("REGISTER|PUBLISH"))
consume_credentials();
}
# if caller is not local subscriber, then check if it calls
# a local destination, otherwise deny, not an open relay here
if (from_uri!=myself && uri!=myself)
{
sl_send_reply("403","Not relaying");
exit;
}
return;
}
[root@rad47 /]# cat /etc/radiusclient-ng/radiusclient.conf | grep -v ^#
auth_order radius,local
login_tries 4
login_timeout 60
nologin /etc/nologin
issue /etc/radiusclient-ng/issue
authserver 127.0.0.1:1812
acctserver 127.0.0.1:1813
servers /etc/radiusclient-ng/servers
dictionary /etc/radiusclient-ng/dictionary
login_radius /usr/sbin/login.radius
seqfile /etc/opensips/radius.seq
mapfile /etc/radiusclient-ng/port-id-map
default_realm
radius_timeout 10
radius_retries 3
bindaddr *
login_local /bin/login
Then i run opensips it initialize ok. Then i try to register it challenge me
ok. But there is no request done to RADIUS over network, and client keep
sending REGISTER in response 401 Unauthorized.
There is nothing in logs. I’ve run out of ideas. Please someone help.
Regards
Andres_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
