[Freeswitch-users] Freeswitch and Freeradius integration
Борисов, Дмитрий / Dmitriy Borisov
bordmi at rarus.ru
Fri Apr 3 17:07:45 MSD 2015
Do you have installed freeradius-client on the same machine which
freeswitch is installed on?
2015-04-03 15:46 GMT+03:00 Gustavo Silva <silvagustavo at yandex.ru>:
> I have freeradius server and freeradius client. I don't know what
> freeradius-ng is about.
>
> I forgot to mention, the OS is debian 7
>
> Sent from my BlackBerry 10 smartphone.
> *From: *Борисов, Дмитрий / Dmitriy Borisov
> *Sent: *пятница, 3 апреля 2015 г., 15:40
> *To: *FreeSWITCH Users Help
> *Reply To: *FreeSWITCH Users Help
> *Subject: *Re: [Freeswitch-users] Freeswitch and Freeradius integration
>
> Do you have freeraius-ng installed in your system?
>
> 2015-04-03 13:30 GMT+03:00 Густаво Силва <gfs at etherway.ru>:
>
>> Hi folks!
>>
>> Im getting some errors trying to enable AAA on my freeswitch with
>> freeradius.
>> I am getting the following errors:
>>
>> - When I start freeswitch:
>> [ERR] mod_xml_radius.c:678 Failed to load radius handle for registration
>> authentication
>>
>> - When I make a call:
>> 2015-04-03 13:22:55.840618 [ERR] mod_xml_radius.c:566 Failed to load
>> radius handle for digest invite authentication
>> 2015-04-03 13:22:55.840618 [ERR] mod_xml_radius.c:879 Failed to create
>> new accounting_start handle for call: 64b32ec2-d9eb-11e4-9c8c-85505819ce7f
>>
>> I can I solve this problem?
>>
>> My xml_radius.conf bellow:
>>
>> <configuration name="xml_radius.conf" description="Radius XML Gateway">
>> <!--
>> auth_invite is only called when a directory lookup is done on an
>> inbound invite. Usually that means a digest auth challenge on the invite.
>>
>> auth_reg is only called on the actual registration.
>>
>> auth_app is used when an invite is in the dialplan. If your profile
>> requires digest auth then this isn't needed.
>> but if your profile is doing only ip authentication this
>> allows you to authenticate the call without the need for digest auth.
>>
>> acct_start happens when the call goes into the state 'routing' which
>> means it is starting the dialplan
>> -->
>> <auth_invite>
>> <connection name="testing">
>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>> <param name="radius_timeout" value="10"/>
>> <param name="radius_retries" value="2"/>
>> <param name="radius_deadtime" value="0"/>
>> <param name="dictionary"
>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>> <param name="seqfile" value="/var/run/radius.seq"/>
>> </connection>
>> <fields>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>> format="src-gw-ip=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>> format="src-gw-name=%s"/>
>> <param vendor="Cisco" name="h323-conf-id" variable="Core-UUID"
>> format="%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>> format="request-type=number"/>
>> <param name="Called-Station-Id" variable="sip_to_user" format="%s"/>
>> <param name="Calling-Station-Id" variable="sip_from_user"
>> format="%s"/>
>> <param name="User-Name" variable="sip_from_user" format="%s"/>
>> <param name="Digest-Response" variable="sip_auth_response"
>> format="%s"/>
>> <param name="Digest-Realm" variable="sip_auth_realm" format="%s"/>
>> <param name="Digest-Nonce" variable="sip_auth_nonce" format="%s"/>
>> <param name="Digest-Username" variable="sip_auth_username"
>> format="%s"/>
>> <param name="Digest-URI" variable="sip_auth_uri" format="%s"/>
>> <param name="Digest-Method" variable="sip_auth_method" format="%s"/>
>> <param name="Digest-Algorithm" variable="sip_auth_method"
>> format="MD5"/>
>> <param name="Digest-Qop" variable="sip_auth_qop" format="%s"/>
>> <param name="Digest-CNonce" variable="sip_auth_cnonce" format="%s"/>
>> <param name="Digest-Nonce-Count" variable="sip_auth_nc"
>> format="%s"/>
>> </fields>
>> </auth_invite>
>> <auth_reg>
>> <connection name="testing">
>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>> <param name="radius_timeout" value="10"/>
>> <param name="radius_retries" value="2"/>
>> <param name="radius_deadtime" value="0"/>
>> <param name="dictionary"
>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>> <param name="seqfile" value="/var/run/radius.seq"/>
>> </connection>
>> <fields>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>> format="request-type=user"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>> format="src-gw-ip=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>> format="src-gw-name=%s"/>
>> <param name="User-Name" variable="sip_from_user" format="%s"/>
>> <param name="Digest-Response" variable="sip_auth_response"
>> format="%s"/>
>> <param name="Digest-Realm" variable="sip_auth_realm" format="%s"/>
>> <param name="Digest-Nonce" variable="sip_auth_nonce" format="%s"/>
>> <param name="Digest-Username" variable="sip_auth_username"
>> format="%s"/>
>> <param name="Digest-URI" variable="sip_auth_uri" format="%s"/>
>> <param name="Digest-Method" variable="sip_auth_method" format="%s"/>
>> <param name="Digest-Algorithm" variable="sip_auth_method"
>> format="MD5"/>
>> <param name="Digest-Qop" variable="sip_auth_qop" format="%s"/>
>> <param name="Digest-CNonce" variable="sip_auth_cnonce" format="%s"/>
>> <param name="Digest-Nonce-Count" variable="sip_auth_nc"
>> format="%s"/>
>> </fields>
>> </auth_reg>
>> <auth_app>
>> <connection name="testing">
>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>> <param name="radius_timeout" value="10"/>
>> <param name="radius_retries" value="2"/>
>> <param name="radius_deadtime" value="0"/>
>> <param name="dictionary"
>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>> <param name="seqfile" value="/var/run/radius.seq"/>
>> </connection>
>> <fields>
>> <param vendor="Cisco" name="h323-conf-id" variable_secondary="uuid"
>> variable="originating_leg_uuid" format="%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
>> format="h323-call-id=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_network_ip"
>> format="src-gw-ip=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>> format="src-gw-name=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>> format="src-number-in=%s" />
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
>> format="dst-number-in=%s" />
>> <param name="Called-Station-Id" variable="sip_to_user" format="%s"/>
>> <param name="Calling-Station-Id" variable="sip_from_user"
>> format="%s"/>
>> </fields>
>> </auth_app>
>> <auth_reg>
>> <connection name="testing">
>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>> <param name="radius_timeout" value="10"/>
>> <param name="radius_retries" value="2"/>
>> <param name="radius_deadtime" value="0"/>
>> <param name="dictionary"
>> value="/usr/share/freeradius/dictionary.cisco"/>
>> <param name="seqfile" value="/var/run/radius.seq"/>
>> </connection>
>> <fields>
>> </fields>
>> </auth_reg>
>> <acct_start>
>> <connection name="testing">
>> <param name="acctserver" value="192.168.56.103:1813:testing123"/>
>> <param name="radius_timeout" value="10"/>
>> <param name="radius_retries" value="0"/>
>> <param name="radius_deadtime" value="0"/>
>> <param name="dictionary"
>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>> <param name="seqfile" value="/var/run/radius.seq"/>
>> </connection>
>> <fields>
>> <param vendor="Cisco" name="h323-call-origin"
>> variable="h323-call-origin" default="answer" format="%s"/>
>> <param vendor="Cisco" name="h323-conf-id" variable_secondary="uuid"
>> variable="originating_leg_uuid" format="%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
>> format="h323-call-id=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair"
>> variable="sip_contact_host" format="src-gw-ip=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>> variable_secondary="ani" format="src-gw-name=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>> variable_secondary="ani" format="src-number-in=%s" />
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>> variable_secondary="ani" format="src-number-out=%s" />
>> <param name="Calling-Station-Id" variable="sip_from_user"
>> variable_secondary="ani" format="%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_host"
>> format="dst-gw-ip=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair"
>> variable="destination_number" format="dst-gw-name=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair"
>> variable="destination_number" format="dst-number-in=%s" />
>> <param vendor="Cisco" name="Cisco-AVPair"
>> variable="destination_number" format="dst-number-out=%s" />
>> <param name="Called-Station-Id" variable="destination_number"
>> format="%s"/>
>> <param vendor="Cisco" name="h323-setup-time"/>
>> </fields>
>> </acct_start>
>> <acct_end>
>> <connection name="testing">
>> <param name="acctserver" value="192.168.56.103:1813:testing123"/>
>> <param name="radius_timeout" value="10"/>
>> <param name="radius_retries" value="0"/>
>> <param name="radius_deadtime" value="0"/>
>> <param name="dictionary"
>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>> <param name="seqfile" value="/var/run/radius.seq"/>
>> </connection>
>> <fields>
>> <param vendor="Cisco" name="h323-call-origin"
>> variable="h323-call-origin" default="answer" format="%s"/>
>> <param vendor="Cisco" name="h323-conf-id" variable_secondary="uuid"
>> variable="originating_leg_uuid" format="%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
>> format="h323-call-id=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair"
>> variable="sip_contact_host" format="src-gw-ip=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>> variable_secondary="ani" format="src-gw-name=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>> variable_secondary="ani" format="src-number-in=%s" />
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>> variable_secondary="ani" format="src-number-out=%s" />
>> <param name="Calling-Station-Id" variable="sip_from_user"
>> variable_secondary="ani" format="%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_host"
>> format="dst-gw-ip=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
>> variable_secondary="dialed_extension" format="dst-gw-name=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
>> variable_secondary="dialed_extension" format="dst-number-in=%s" />
>> <param name="Called-Station-Id" variable="destination_number"
>> format="%s"/>
>> <param vendor="Cisco" name="h323-setup-time"/>
>> <param vendor="Cisco" name="h323-connect-time"/>
>> <param vendor="Cisco" name="h323-disconnect-time"/>
>> <param vendor="Cisco" name="h323-disconnect-cause"/>
>> <param name="Acct-Session-Time" variable="billsec" format="%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair"
>> variable_secondary="progressmsec" variable="progress_mediamsec"
>> format="pdd-time=%s"/>
>> <param vendor="Cisco" name="Cisco-AVPair"
>> variable="destination_number" format="dst-number-out=%s"/>
>> </fields>
>> </acct_end>
>> </configuration>
>>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
>
> --
> with best regards,
> Dmitriy Borisov
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
--
with best regards,
Dmitriy Borisov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150403/055c76e5/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list