[VOIPSEC] Help: Using freeradius and asterisk for a university project
Sergio Iñigo Ibáñez
sergio.inigo at gmail.com
Tue Mar 14 06:53:12 CST 2006
Hello all,
I want to use a freeradius Server for digest authentication with x-lite
softphone in asterisk, but it doesn't run.
The softphone logs appears:
© 2005 CounterPath Solutions Inc. All rights reserved.
X-Lite release 1105x build stamp 21407
License key: 570E8E6BD80744BE9EC35A5C25572875
Established SIP protocol listen on: 192.168.12.1:5060
Discovered Restricted Firewall
SIP: 192.168.12.1:5060
RTP: 192.168.12.1:8000
NAT: 213.164.32.140
PROXY#0: 192.168.12.139:5060
SEND TIME: 1414604
SEND >> 192.168.12.139:5060
REGISTER sip:192.168.12.139 SIP/2.0
Via: SIP/2.0/UDP
192.168.12.1:5060;rport;branch=z9hG4bKBE355A8E3D494D86A6B0EB015E7E4789
From: Sergio <sip:100000 at 192.168.12.139>;tag=3793351630
To: Sergio <sip:100000 at 192.168.12.139>
Contact: "Sergio" <sip:100000 at 192.168.12.1:5060>
Call-ID: 67409AABB44346F4BBAB50AD42CB136E at 192.168.12.139
CSeq: 31416 REGISTER
Expires: 1800
Max-Forwards: 70
User-Agent: X-Lite release 1105x
Content-Length: 0
RECEIVE TIME: 1414607
RECEIVE << 192.168.12.139:5060
SIP/2.0 100 Trying
Via: SIP/2.0/UDP
192.168.12.1:5060;rport;branch=z9hG4bKBE355A8E3D494D86A6B0EB015E7E4789;recei
ved=192.168.12.1
From: Sergio <sip:100000 at 192.168.12.139>;tag=3793351630
To: Sergio <sip:100000 at 192.168.12.139>
Call-ID: 67409AABB44346F4BBAB50AD42CB136E at 192.168.12.139
CSeq: 31416 REGISTER
User-Agent: Asterisk PBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Contact: <sip:100000 at 192.168.12.139>
Content-Length: 0
RECEIVE TIME: 1414609
RECEIVE << 192.168.12.139:5060
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP
192.168.12.1:5060;rport;branch=z9hG4bKBE355A8E3D494D86A6B0EB015E7E4789;recei
ved=192.168.12.1
From: Sergio <sip:100000 at 192.168.12.139>;tag=3793351630
To: Sergio <sip:100000 at 192.168.12.139>;tag=as15f7768f
Call-ID: 67409AABB44346F4BBAB50AD42CB136E at 192.168.12.139
CSeq: 31416 REGISTER
User-Agent: Asterisk PBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Contact: <sip:100000 at 192.168.12.139>
WWW-Authenticate: Digest realm="asterisk", nonce="7bb08f40"
Content-Length: 0
And in the radisud –X output:
rad_recv: Access-Request packet from host 127.0.0.1:2367, id=150, length=80
User-Name = "100000"
User-Password = "X\005\026\010\005"
NAS-IP-Address = 127.0.0.1
NAS-Identifier = "asterisk"
NAS-Port = 1342
NAS-Port-Type = Virtual
Service-Type = Authenticate-Only
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
modcall[authorize]: module "chap" returns noop for request 3
modcall[authorize]: module "mschap" returns noop for request 3
modcall[authorize]: module "digest" returns noop for request 3
rlm_realm: No '@' in User-Name = "100000", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 3
users: Matched entry DEFAULT at line 157
modcall[authorize]: module "files" returns ok for request 3
modcall: group authorize returns ok for request 3
rad_check_password: Found Auth-Type Digest
auth: type "Digest"
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 3
rlm_digest: Configuration item "User-Password" is required for
authentication.
modcall[authenticate]: module "digest" returns invalid for request 3
modcall: group Auth-Type returns invalid for request 3
auth: Failed to validate the user.
WARNING: Unprintable characters in the password. ? Double-check the
shared secret on the server and the NAS!
Delaying request 3 for 1 seconds
Finished request 3
Going to the next request
Any ideas?
Thank you,
Sergio
More information about the Voipsec
mailing list