[OpenSER-Users] OpenSER not sending User-Password to Radius Server

Klaus Darilion klaus.mailinglists at pernau.at
Tue Jul 17 23:31:05 CEST 2007


SIP uses digest authentication: The SIP proxy does not receive a 
password, thus it can't send it to the radius server.

Instead the client is sending a digest response to the SIP proxy (a hash 
calculated from the nonce, the password and some more parameters).

This response is forwarded to the Radius Server:
>         Digest-Response = "8a61cba1c0729fa70929a115c6ae7c31"

Thus, you have to configure your Radius Server to use digest 
authentication - then it should work

regards
klaus





>         Service-Type = Authenticate-Only
>         X-Ascend-PW-Lifetime = 0x313031
>         NAS-Port = 5060
>         NAS-IP-Address = 192.168.2.80
>   Processing the authorize section of radiusd.conf
> modcall: entering group authorize for request 75
> perl_pool: item 0x98baa10 asigned new request. Handled so far: 3
> found interpetator at address 0x98baa10
> rlm_perl: RAD_REQUEST: X-Ascend-PW-Lifetime = 0x313031
> rlm_perl: RAD_REQUEST: Digest-Response = 8a61cba1c0729fa70929a115c6ae7c31
> rlm_perl: RAD_REQUEST: User-Name = 101 at 192.168.2.80
> rlm_perl: RAD_REQUEST: Service-Type = Authenticate-Only
> rlm_perl: RAD_REQUEST: NAS-IP-Address = 192.168.2.80
> rlm_perl: RAD_REQUEST: NAS-Port = 5060
> rlm_perl: RAD_REQUEST: Digest-Attributes = ARRAY(0x99f368c)
> perl_pool total/active/spare [32/0/32]
> 
>   This clearly shows that the User-Password attribute is not sent. Anyone can point me at the direction to look?
> 
> z2l
> 
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users





More information about the sr-users mailing list