[Freeswitch-users] Freeswitch and Freeradius integration

Борисов, Дмитрий / Dmitriy Borisov bordmi at rarus.ru
Fri Apr 3 16:36:51 MSD 2015


Do you have freeraius-ng installed in your system?

2015-04-03 13:30 GMT+03:00 Густаво Силва <gfs at etherway.ru>:

> Hi folks!
>
> Im getting some errors trying to enable AAA on my freeswitch with
> freeradius.
> I am getting the following errors:
>
> - When I start freeswitch:
> [ERR] mod_xml_radius.c:678 Failed to load radius handle for registration
> authentication
>
> - When I make a call:
> 2015-04-03 13:22:55.840618 [ERR] mod_xml_radius.c:566 Failed to load
> radius handle for digest invite authentication
> 2015-04-03 13:22:55.840618 [ERR] mod_xml_radius.c:879 Failed to create new
> accounting_start handle for call: 64b32ec2-d9eb-11e4-9c8c-85505819ce7f
>
> I can I solve this problem?
>
> My xml_radius.conf bellow:
>
> <configuration name="xml_radius.conf" description="Radius XML Gateway">
>   <!--
>      auth_invite is only called when a directory lookup is done on an
> inbound invite. Usually that means a digest auth challenge on the invite.
>
>      auth_reg is only called on the actual registration.
>
>      auth_app is used when an invite is in the dialplan. If your profile
> requires digest auth then this isn't needed.
>               but if your profile is doing only ip authentication this
> allows you to authenticate the call without the need for digest auth.
>
>      acct_start happens when the call goes into the state 'routing' which
> means it is starting the dialplan
>   -->
>   <auth_invite>
>     <connection name="testing">
>       <param name="authserver" value="192.168.56.103:1812:testing123"/>
>       <param name="radius_timeout" value="10"/>
>       <param name="radius_retries" value="2"/>
>       <param name="radius_deadtime" value="0"/>
>       <param name="dictionary"
> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>       <param name="seqfile" value="/var/run/radius.seq"/>
>     </connection>
>     <fields>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
> format="src-gw-ip=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
> format="src-gw-name=%s"/>
>       <param vendor="Cisco" name="h323-conf-id" variable="Core-UUID"
> format="%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
> format="request-type=number"/>
>       <param name="Called-Station-Id" variable="sip_to_user" format="%s"/>
>       <param name="Calling-Station-Id" variable="sip_from_user"
> format="%s"/>
>       <param name="User-Name" variable="sip_from_user" format="%s"/>
>       <param name="Digest-Response" variable="sip_auth_response"
> format="%s"/>
>       <param name="Digest-Realm" variable="sip_auth_realm" format="%s"/>
>       <param name="Digest-Nonce" variable="sip_auth_nonce" format="%s"/>
>       <param name="Digest-Username" variable="sip_auth_username"
> format="%s"/>
>       <param name="Digest-URI" variable="sip_auth_uri" format="%s"/>
>       <param name="Digest-Method" variable="sip_auth_method" format="%s"/>
>       <param name="Digest-Algorithm" variable="sip_auth_method"
> format="MD5"/>
>       <param name="Digest-Qop" variable="sip_auth_qop" format="%s"/>
>       <param name="Digest-CNonce" variable="sip_auth_cnonce" format="%s"/>
>       <param name="Digest-Nonce-Count" variable="sip_auth_nc"
> format="%s"/>
>     </fields>
>   </auth_invite>
>   <auth_reg>
>     <connection name="testing">
>       <param name="authserver" value="192.168.56.103:1812:testing123"/>
>       <param name="radius_timeout" value="10"/>
>       <param name="radius_retries" value="2"/>
>       <param name="radius_deadtime" value="0"/>
>       <param name="dictionary"
> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>       <param name="seqfile" value="/var/run/radius.seq"/>
>     </connection>
>     <fields>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
> format="request-type=user"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
> format="src-gw-ip=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
> format="src-gw-name=%s"/>
>       <param name="User-Name" variable="sip_from_user" format="%s"/>
>       <param name="Digest-Response" variable="sip_auth_response"
> format="%s"/>
>       <param name="Digest-Realm" variable="sip_auth_realm" format="%s"/>
>       <param name="Digest-Nonce" variable="sip_auth_nonce" format="%s"/>
>       <param name="Digest-Username" variable="sip_auth_username"
> format="%s"/>
>       <param name="Digest-URI" variable="sip_auth_uri" format="%s"/>
>       <param name="Digest-Method" variable="sip_auth_method" format="%s"/>
>       <param name="Digest-Algorithm" variable="sip_auth_method"
> format="MD5"/>
>       <param name="Digest-Qop" variable="sip_auth_qop" format="%s"/>
>       <param name="Digest-CNonce" variable="sip_auth_cnonce" format="%s"/>
>       <param name="Digest-Nonce-Count" variable="sip_auth_nc" format="%s"/>
>     </fields>
>   </auth_reg>
>   <auth_app>
>     <connection name="testing">
>       <param name="authserver" value="192.168.56.103:1812:testing123"/>
>       <param name="radius_timeout" value="10"/>
>       <param name="radius_retries" value="2"/>
>       <param name="radius_deadtime" value="0"/>
>       <param name="dictionary"
> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>       <param name="seqfile" value="/var/run/radius.seq"/>
>     </connection>
>     <fields>
>       <param vendor="Cisco" name="h323-conf-id" variable_secondary="uuid"
> variable="originating_leg_uuid" format="%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
> format="h323-call-id=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_network_ip"
> format="src-gw-ip=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
> format="src-gw-name=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
> format="src-number-in=%s" />
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
> format="dst-number-in=%s" />
>       <param name="Called-Station-Id" variable="sip_to_user" format="%s"/>
>       <param name="Calling-Station-Id" variable="sip_from_user"
> format="%s"/>
>     </fields>
>   </auth_app>
>   <auth_reg>
>     <connection name="testing">
>       <param name="authserver" value="192.168.56.103:1812:testing123"/>
>       <param name="radius_timeout" value="10"/>
>       <param name="radius_retries" value="2"/>
>       <param name="radius_deadtime" value="0"/>
>       <param name="dictionary"
> value="/usr/share/freeradius/dictionary.cisco"/>
>       <param name="seqfile" value="/var/run/radius.seq"/>
>     </connection>
>     <fields>
>     </fields>
>   </auth_reg>
>   <acct_start>
>     <connection name="testing">
>       <param name="acctserver" value="192.168.56.103:1813:testing123"/>
>       <param name="radius_timeout" value="10"/>
>       <param name="radius_retries" value="0"/>
>       <param name="radius_deadtime" value="0"/>
>       <param name="dictionary"
> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>       <param name="seqfile" value="/var/run/radius.seq"/>
>     </connection>
>     <fields>
>       <param vendor="Cisco" name="h323-call-origin"
> variable="h323-call-origin" default="answer" format="%s"/>
>       <param vendor="Cisco" name="h323-conf-id" variable_secondary="uuid"
> variable="originating_leg_uuid" format="%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
> format="h323-call-id=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair"
> variable="sip_contact_host" format="src-gw-ip=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
> variable_secondary="ani" format="src-gw-name=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
> variable_secondary="ani" format="src-number-in=%s" />
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
> variable_secondary="ani" format="src-number-out=%s" />
>       <param name="Calling-Station-Id" variable="sip_from_user"
> variable_secondary="ani" format="%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_host"
> format="dst-gw-ip=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair"
> variable="destination_number" format="dst-gw-name=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair"
> variable="destination_number" format="dst-number-in=%s" />
>       <param vendor="Cisco" name="Cisco-AVPair"
> variable="destination_number" format="dst-number-out=%s" />
>       <param name="Called-Station-Id" variable="destination_number"
> format="%s"/>
>       <param vendor="Cisco" name="h323-setup-time"/>
>     </fields>
> </acct_start>
> <acct_end>
>     <connection name="testing">
>       <param name="acctserver" value="192.168.56.103:1813:testing123"/>
>       <param name="radius_timeout" value="10"/>
>       <param name="radius_retries" value="0"/>
>       <param name="radius_deadtime" value="0"/>
>       <param name="dictionary"
> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>       <param name="seqfile" value="/var/run/radius.seq"/>
>     </connection>
>     <fields>
>       <param vendor="Cisco" name="h323-call-origin"
> variable="h323-call-origin" default="answer" format="%s"/>
>       <param vendor="Cisco" name="h323-conf-id" variable_secondary="uuid"
> variable="originating_leg_uuid" format="%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
> format="h323-call-id=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair"
> variable="sip_contact_host" format="src-gw-ip=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
> variable_secondary="ani" format="src-gw-name=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
> variable_secondary="ani" format="src-number-in=%s" />
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
> variable_secondary="ani" format="src-number-out=%s" />
>       <param name="Calling-Station-Id" variable="sip_from_user"
> variable_secondary="ani" format="%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_host"
> format="dst-gw-ip=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
> variable_secondary="dialed_extension" format="dst-gw-name=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
> variable_secondary="dialed_extension" format="dst-number-in=%s" />
>       <param name="Called-Station-Id" variable="destination_number"
> format="%s"/>
>       <param vendor="Cisco" name="h323-setup-time"/>
>       <param vendor="Cisco" name="h323-connect-time"/>
>       <param vendor="Cisco" name="h323-disconnect-time"/>
>       <param vendor="Cisco" name="h323-disconnect-cause"/>
>       <param name="Acct-Session-Time" variable="billsec" format="%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair"
> variable_secondary="progressmsec" variable="progress_mediamsec"
> format="pdd-time=%s"/>
>       <param vendor="Cisco" name="Cisco-AVPair"
> variable="destination_number" format="dst-number-out=%s"/>
>     </fields>
>   </acct_end>
> </configuration>
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>



-- 
with best regards,
Dmitriy Borisov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150403/84912031/attachment-0001.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list