[Freeswitch-users] Freeswitch and Freeradius integration
Борисов, Дмитрий / Dmitriy Borisov
bordmi at rarus.ru
Fri Apr 3 17:24:19 MSD 2015
Check correction of the radiusclient.conf file
2015-04-03 16:12 GMT+03:00 Gustavo Silva <silvagustavo at yandex.ru>:
> Yes, I did!
>
> Sent from my BlackBerry 10 smartphone.
> *From: *Борисов, Дмитрий / Dmitriy Borisov
> *Sent: *пятница, 3 апреля 2015 г., 16:11
> *To: *FreeSWITCH Users Help
> *Reply To: *FreeSWITCH Users Help
> *Subject: *Re: [Freeswitch-users] Freeswitch and Freeradius integration
>
> Do you have installed freeradius-client on the same machine which
> freeswitch is installed on?
>
> 2015-04-03 15:46 GMT+03:00 Gustavo Silva <silvagustavo at yandex.ru>:
>
>> I have freeradius server and freeradius client. I don't know what
>> freeradius-ng is about.
>>
>> I forgot to mention, the OS is debian 7
>>
>> Sent from my BlackBerry 10 smartphone.
>> *From: *Борисов, Дмитрий / Dmitriy Borisov
>> *Sent: *пятница, 3 апреля 2015 г., 15:40
>> *To: *FreeSWITCH Users Help
>> *Reply To: *FreeSWITCH Users Help
>> *Subject: *Re: [Freeswitch-users] Freeswitch and Freeradius integration
>>
>> Do you have freeraius-ng installed in your system?
>>
>> 2015-04-03 13:30 GMT+03:00 Густаво Силва <gfs at etherway.ru>:
>>
>>> Hi folks!
>>>
>>> Im getting some errors trying to enable AAA on my freeswitch with
>>> freeradius.
>>> I am getting the following errors:
>>>
>>> - When I start freeswitch:
>>> [ERR] mod_xml_radius.c:678 Failed to load radius handle for registration
>>> authentication
>>>
>>> - When I make a call:
>>> 2015-04-03 13:22:55.840618 [ERR] mod_xml_radius.c:566 Failed to load
>>> radius handle for digest invite authentication
>>> 2015-04-03 13:22:55.840618 [ERR] mod_xml_radius.c:879 Failed to create
>>> new accounting_start handle for call: 64b32ec2-d9eb-11e4-9c8c-85505819ce7f
>>>
>>> I can I solve this problem?
>>>
>>> My xml_radius.conf bellow:
>>>
>>> <configuration name="xml_radius.conf" description="Radius XML Gateway">
>>> <!--
>>> auth_invite is only called when a directory lookup is done on an
>>> inbound invite. Usually that means a digest auth challenge on the invite.
>>>
>>> auth_reg is only called on the actual registration.
>>>
>>> auth_app is used when an invite is in the dialplan. If your profile
>>> requires digest auth then this isn't needed.
>>> but if your profile is doing only ip authentication this
>>> allows you to authenticate the call without the need for digest auth.
>>>
>>> acct_start happens when the call goes into the state 'routing'
>>> which means it is starting the dialplan
>>> -->
>>> <auth_invite>
>>> <connection name="testing">
>>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>>> <param name="radius_timeout" value="10"/>
>>> <param name="radius_retries" value="2"/>
>>> <param name="radius_deadtime" value="0"/>
>>> <param name="dictionary"
>>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>> </connection>
>>> <fields>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>>> format="src-gw-ip=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>>> format="src-gw-name=%s"/>
>>> <param vendor="Cisco" name="h323-conf-id" variable="Core-UUID"
>>> format="%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>>> format="request-type=number"/>
>>> <param name="Called-Station-Id" variable="sip_to_user"
>>> format="%s"/>
>>> <param name="Calling-Station-Id" variable="sip_from_user"
>>> format="%s"/>
>>> <param name="User-Name" variable="sip_from_user" format="%s"/>
>>> <param name="Digest-Response" variable="sip_auth_response"
>>> format="%s"/>
>>> <param name="Digest-Realm" variable="sip_auth_realm" format="%s"/>
>>> <param name="Digest-Nonce" variable="sip_auth_nonce" format="%s"/>
>>> <param name="Digest-Username" variable="sip_auth_username"
>>> format="%s"/>
>>> <param name="Digest-URI" variable="sip_auth_uri" format="%s"/>
>>> <param name="Digest-Method" variable="sip_auth_method"
>>> format="%s"/>
>>> <param name="Digest-Algorithm" variable="sip_auth_method"
>>> format="MD5"/>
>>> <param name="Digest-Qop" variable="sip_auth_qop" format="%s"/>
>>> <param name="Digest-CNonce" variable="sip_auth_cnonce"
>>> format="%s"/>
>>> <param name="Digest-Nonce-Count" variable="sip_auth_nc"
>>> format="%s"/>
>>> </fields>
>>> </auth_invite>
>>> <auth_reg>
>>> <connection name="testing">
>>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>>> <param name="radius_timeout" value="10"/>
>>> <param name="radius_retries" value="2"/>
>>> <param name="radius_deadtime" value="0"/>
>>> <param name="dictionary"
>>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>> </connection>
>>> <fields>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>>> format="request-type=user"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>>> format="src-gw-ip=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>>> format="src-gw-name=%s"/>
>>> <param name="User-Name" variable="sip_from_user" format="%s"/>
>>> <param name="Digest-Response" variable="sip_auth_response"
>>> format="%s"/>
>>> <param name="Digest-Realm" variable="sip_auth_realm" format="%s"/>
>>> <param name="Digest-Nonce" variable="sip_auth_nonce" format="%s"/>
>>> <param name="Digest-Username" variable="sip_auth_username"
>>> format="%s"/>
>>> <param name="Digest-URI" variable="sip_auth_uri" format="%s"/>
>>> <param name="Digest-Method" variable="sip_auth_method"
>>> format="%s"/>
>>> <param name="Digest-Algorithm" variable="sip_auth_method"
>>> format="MD5"/>
>>> <param name="Digest-Qop" variable="sip_auth_qop" format="%s"/>
>>> <param name="Digest-CNonce" variable="sip_auth_cnonce"
>>> format="%s"/>
>>> <param name="Digest-Nonce-Count" variable="sip_auth_nc"
>>> format="%s"/>
>>> </fields>
>>> </auth_reg>
>>> <auth_app>
>>> <connection name="testing">
>>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>>> <param name="radius_timeout" value="10"/>
>>> <param name="radius_retries" value="2"/>
>>> <param name="radius_deadtime" value="0"/>
>>> <param name="dictionary"
>>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>> </connection>
>>> <fields>
>>> <param vendor="Cisco" name="h323-conf-id"
>>> variable_secondary="uuid" variable="originating_leg_uuid" format="%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
>>> format="h323-call-id=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair"
>>> variable="sip_network_ip" format="src-gw-ip=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>>> format="src-gw-name=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>>> format="src-number-in=%s" />
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
>>> format="dst-number-in=%s" />
>>> <param name="Called-Station-Id" variable="sip_to_user"
>>> format="%s"/>
>>> <param name="Calling-Station-Id" variable="sip_from_user"
>>> format="%s"/>
>>> </fields>
>>> </auth_app>
>>> <auth_reg>
>>> <connection name="testing">
>>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>>> <param name="radius_timeout" value="10"/>
>>> <param name="radius_retries" value="2"/>
>>> <param name="radius_deadtime" value="0"/>
>>> <param name="dictionary"
>>> value="/usr/share/freeradius/dictionary.cisco"/>
>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>> </connection>
>>> <fields>
>>> </fields>
>>> </auth_reg>
>>> <acct_start>
>>> <connection name="testing">
>>> <param name="acctserver" value="192.168.56.103:1813:testing123"/>
>>> <param name="radius_timeout" value="10"/>
>>> <param name="radius_retries" value="0"/>
>>> <param name="radius_deadtime" value="0"/>
>>> <param name="dictionary"
>>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>> </connection>
>>> <fields>
>>> <param vendor="Cisco" name="h323-call-origin"
>>> variable="h323-call-origin" default="answer" format="%s"/>
>>> <param vendor="Cisco" name="h323-conf-id"
>>> variable_secondary="uuid" variable="originating_leg_uuid" format="%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
>>> format="h323-call-id=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair"
>>> variable="sip_contact_host" format="src-gw-ip=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>>> variable_secondary="ani" format="src-gw-name=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>>> variable_secondary="ani" format="src-number-in=%s" />
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>>> variable_secondary="ani" format="src-number-out=%s" />
>>> <param name="Calling-Station-Id" variable="sip_from_user"
>>> variable_secondary="ani" format="%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_host"
>>> format="dst-gw-ip=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair"
>>> variable="destination_number" format="dst-gw-name=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair"
>>> variable="destination_number" format="dst-number-in=%s" />
>>> <param vendor="Cisco" name="Cisco-AVPair"
>>> variable="destination_number" format="dst-number-out=%s" />
>>> <param name="Called-Station-Id" variable="destination_number"
>>> format="%s"/>
>>> <param vendor="Cisco" name="h323-setup-time"/>
>>> </fields>
>>> </acct_start>
>>> <acct_end>
>>> <connection name="testing">
>>> <param name="acctserver" value="192.168.56.103:1813:testing123"/>
>>> <param name="radius_timeout" value="10"/>
>>> <param name="radius_retries" value="0"/>
>>> <param name="radius_deadtime" value="0"/>
>>> <param name="dictionary"
>>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>> </connection>
>>> <fields>
>>> <param vendor="Cisco" name="h323-call-origin"
>>> variable="h323-call-origin" default="answer" format="%s"/>
>>> <param vendor="Cisco" name="h323-conf-id"
>>> variable_secondary="uuid" variable="originating_leg_uuid" format="%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
>>> format="h323-call-id=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair"
>>> variable="sip_contact_host" format="src-gw-ip=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>>> variable_secondary="ani" format="src-gw-name=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>>> variable_secondary="ani" format="src-number-in=%s" />
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user"
>>> variable_secondary="ani" format="src-number-out=%s" />
>>> <param name="Calling-Station-Id" variable="sip_from_user"
>>> variable_secondary="ani" format="%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_host"
>>> format="dst-gw-ip=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
>>> variable_secondary="dialed_extension" format="dst-gw-name=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
>>> variable_secondary="dialed_extension" format="dst-number-in=%s" />
>>> <param name="Called-Station-Id" variable="destination_number"
>>> format="%s"/>
>>> <param vendor="Cisco" name="h323-setup-time"/>
>>> <param vendor="Cisco" name="h323-connect-time"/>
>>> <param vendor="Cisco" name="h323-disconnect-time"/>
>>> <param vendor="Cisco" name="h323-disconnect-cause"/>
>>> <param name="Acct-Session-Time" variable="billsec" format="%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair"
>>> variable_secondary="progressmsec" variable="progress_mediamsec"
>>> format="pdd-time=%s"/>
>>> <param vendor="Cisco" name="Cisco-AVPair"
>>> variable="destination_number" format="dst-number-out=%s"/>
>>> </fields>
>>> </acct_end>
>>> </configuration>
>>>
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>>
>>
>> --
>> with best regards,
>> Dmitriy Borisov
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
>
> --
> with best regards,
> Dmitriy Borisov
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
--
with best regards,
Dmitriy Borisov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150403/30754bfd/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list