[Freeswitch-users] Freeswitch and Freeradius integration
Борисов, Дмитрий / Dmitriy Borisov
bordmi at rarus.ru
Fri Apr 3 18:15:33 MSD 2015
Check correction of all configuration for freeradius. Test connection to
your RADIUS server with radtest command
2015-04-03 16:40 GMT+03:00 Gustavo Silva <silvagustavo at yandex.ru>:
> What should I check there? The authserver and acctserver are set as
> localhost.
>
> Sent from my BlackBerry 10 smartphone.
> *From: *Борисов, Дмитрий / Dmitriy Borisov
> *Sent: *пятница, 3 апреля 2015 г., 16:29
> *To: *FreeSWITCH Users Help
> *Reply To: *FreeSWITCH Users Help
> *Subject: *Re: [Freeswitch-users] Freeswitch and Freeradius integration
>
> Check correction of the radiusclient.conf file
>
> 2015-04-03 16:12 GMT+03:00 Gustavo Silva <silvagustavo at yandex.ru>:
>
>> Yes, I did!
>>
>> Sent from my BlackBerry 10 smartphone.
>> *From: *Борисов, Дмитрий / Dmitriy Borisov
>> *Sent: *пятница, 3 апреля 2015 г., 16:11
>> *To: *FreeSWITCH Users Help
>> *Reply To: *FreeSWITCH Users Help
>> *Subject: *Re: [Freeswitch-users] Freeswitch and Freeradius integration
>>
>> Do you have installed freeradius-client on the same machine which
>> freeswitch is installed on?
>>
>> 2015-04-03 15:46 GMT+03:00 Gustavo Silva <silvagustavo at yandex.ru>:
>>
>>> I have freeradius server and freeradius client. I don't know what
>>> freeradius-ng is about.
>>>
>>> I forgot to mention, the OS is debian 7
>>>
>>> Sent from my BlackBerry 10 smartphone.
>>> *From: *Борисов, Дмитрий / Dmitriy Borisov
>>> *Sent: *пятница, 3 апреля 2015 г., 15:40
>>> *To: *FreeSWITCH Users Help
>>> *Reply To: *FreeSWITCH Users Help
>>> *Subject: *Re: [Freeswitch-users] Freeswitch and Freeradius integration
>>>
>>> Do you have freeraius-ng installed in your system?
>>>
>>> 2015-04-03 13:30 GMT+03:00 Густаво Силва <gfs at etherway.ru>:
>>>
>>>> Hi folks!
>>>>
>>>> Im getting some errors trying to enable AAA on my freeswitch with
>>>> freeradius.
>>>> I am getting the following errors:
>>>>
>>>> - When I start freeswitch:
>>>> [ERR] mod_xml_radius.c:678 Failed to load radius handle for
>>>> registration authentication
>>>>
>>>> - When I make a call:
>>>> 2015-04-03 13:22:55.840618 [ERR] mod_xml_radius.c:566 Failed to load
>>>> radius handle for digest invite authentication
>>>> 2015-04-03 13:22:55.840618 [ERR] mod_xml_radius.c:879 Failed to create
>>>> new accounting_start handle for call: 64b32ec2-d9eb-11e4-9c8c-85505819ce7f
>>>>
>>>> I can I solve this problem?
>>>>
>>>> My xml_radius.conf bellow:
>>>>
>>>> <configuration name="xml_radius.conf" description="Radius XML Gateway">
>>>> <!--
>>>> auth_invite is only called when a directory lookup is done on an
>>>> inbound invite. Usually that means a digest auth challenge on the invite.
>>>>
>>>> auth_reg is only called on the actual registration.
>>>>
>>>> auth_app is used when an invite is in the dialplan. If your
>>>> profile requires digest auth then this isn't needed.
>>>> but if your profile is doing only ip authentication this
>>>> allows you to authenticate the call without the need for digest auth.
>>>>
>>>> acct_start happens when the call goes into the state 'routing'
>>>> which means it is starting the dialplan
>>>> -->
>>>> <auth_invite>
>>>> <connection name="testing">
>>>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>>>> <param name="radius_timeout" value="10"/>
>>>> <param name="radius_retries" value="2"/>
>>>> <param name="radius_deadtime" value="0"/>
>>>> <param name="dictionary"
>>>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>>> </connection>
>>>> <fields>
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>>>> format="src-gw-ip=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_from_user" format="src-gw-name=%s"/>
>>>> <param vendor="Cisco" name="h323-conf-id" variable="Core-UUID"
>>>> format="%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>>>> format="request-type=number"/>
>>>> <param name="Called-Station-Id" variable="sip_to_user"
>>>> format="%s"/>
>>>> <param name="Calling-Station-Id" variable="sip_from_user"
>>>> format="%s"/>
>>>> <param name="User-Name" variable="sip_from_user" format="%s"/>
>>>> <param name="Digest-Response" variable="sip_auth_response"
>>>> format="%s"/>
>>>> <param name="Digest-Realm" variable="sip_auth_realm" format="%s"/>
>>>> <param name="Digest-Nonce" variable="sip_auth_nonce" format="%s"/>
>>>> <param name="Digest-Username" variable="sip_auth_username"
>>>> format="%s"/>
>>>> <param name="Digest-URI" variable="sip_auth_uri" format="%s"/>
>>>> <param name="Digest-Method" variable="sip_auth_method"
>>>> format="%s"/>
>>>> <param name="Digest-Algorithm" variable="sip_auth_method"
>>>> format="MD5"/>
>>>> <param name="Digest-Qop" variable="sip_auth_qop" format="%s"/>
>>>> <param name="Digest-CNonce" variable="sip_auth_cnonce"
>>>> format="%s"/>
>>>> <param name="Digest-Nonce-Count" variable="sip_auth_nc"
>>>> format="%s"/>
>>>> </fields>
>>>> </auth_invite>
>>>> <auth_reg>
>>>> <connection name="testing">
>>>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>>>> <param name="radius_timeout" value="10"/>
>>>> <param name="radius_retries" value="2"/>
>>>> <param name="radius_deadtime" value="0"/>
>>>> <param name="dictionary"
>>>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>>> </connection>
>>>> <fields>
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>>>> format="request-type=user"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="ip"
>>>> format="src-gw-ip=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_from_user" format="src-gw-name=%s"/>
>>>> <param name="User-Name" variable="sip_from_user" format="%s"/>
>>>> <param name="Digest-Response" variable="sip_auth_response"
>>>> format="%s"/>
>>>> <param name="Digest-Realm" variable="sip_auth_realm" format="%s"/>
>>>> <param name="Digest-Nonce" variable="sip_auth_nonce" format="%s"/>
>>>> <param name="Digest-Username" variable="sip_auth_username"
>>>> format="%s"/>
>>>> <param name="Digest-URI" variable="sip_auth_uri" format="%s"/>
>>>> <param name="Digest-Method" variable="sip_auth_method"
>>>> format="%s"/>
>>>> <param name="Digest-Algorithm" variable="sip_auth_method"
>>>> format="MD5"/>
>>>> <param name="Digest-Qop" variable="sip_auth_qop" format="%s"/>
>>>> <param name="Digest-CNonce" variable="sip_auth_cnonce"
>>>> format="%s"/>
>>>> <param name="Digest-Nonce-Count" variable="sip_auth_nc"
>>>> format="%s"/>
>>>> </fields>
>>>> </auth_reg>
>>>> <auth_app>
>>>> <connection name="testing">
>>>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>>>> <param name="radius_timeout" value="10"/>
>>>> <param name="radius_retries" value="2"/>
>>>> <param name="radius_deadtime" value="0"/>
>>>> <param name="dictionary"
>>>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>>> </connection>
>>>> <fields>
>>>> <param vendor="Cisco" name="h323-conf-id"
>>>> variable_secondary="uuid" variable="originating_leg_uuid" format="%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
>>>> format="h323-call-id=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_network_ip" format="src-gw-ip=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_from_user" format="src-gw-name=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_from_user" format="src-number-in=%s" />
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
>>>> format="dst-number-in=%s" />
>>>> <param name="Called-Station-Id" variable="sip_to_user"
>>>> format="%s"/>
>>>> <param name="Calling-Station-Id" variable="sip_from_user"
>>>> format="%s"/>
>>>> </fields>
>>>> </auth_app>
>>>> <auth_reg>
>>>> <connection name="testing">
>>>> <param name="authserver" value="192.168.56.103:1812:testing123"/>
>>>> <param name="radius_timeout" value="10"/>
>>>> <param name="radius_retries" value="2"/>
>>>> <param name="radius_deadtime" value="0"/>
>>>> <param name="dictionary"
>>>> value="/usr/share/freeradius/dictionary.cisco"/>
>>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>>> </connection>
>>>> <fields>
>>>> </fields>
>>>> </auth_reg>
>>>> <acct_start>
>>>> <connection name="testing">
>>>> <param name="acctserver" value="192.168.56.103:1813:testing123"/>
>>>> <param name="radius_timeout" value="10"/>
>>>> <param name="radius_retries" value="0"/>
>>>> <param name="radius_deadtime" value="0"/>
>>>> <param name="dictionary"
>>>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>>> </connection>
>>>> <fields>
>>>> <param vendor="Cisco" name="h323-call-origin"
>>>> variable="h323-call-origin" default="answer" format="%s"/>
>>>> <param vendor="Cisco" name="h323-conf-id"
>>>> variable_secondary="uuid" variable="originating_leg_uuid" format="%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
>>>> format="h323-call-id=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_contact_host" format="src-gw-ip=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_from_user" variable_secondary="ani" format="src-gw-name=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_from_user" variable_secondary="ani" format="src-number-in=%s"
>>>> />
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_from_user" variable_secondary="ani"
>>>> format="src-number-out=%s" />
>>>> <param name="Calling-Station-Id" variable="sip_from_user"
>>>> variable_secondary="ani" format="%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_host"
>>>> format="dst-gw-ip=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="destination_number" format="dst-gw-name=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="destination_number" format="dst-number-in=%s" />
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="destination_number" format="dst-number-out=%s" />
>>>> <param name="Called-Station-Id" variable="destination_number"
>>>> format="%s"/>
>>>> <param vendor="Cisco" name="h323-setup-time"/>
>>>> </fields>
>>>> </acct_start>
>>>> <acct_end>
>>>> <connection name="testing">
>>>> <param name="acctserver" value="192.168.56.103:1813:testing123"/>
>>>> <param name="radius_timeout" value="10"/>
>>>> <param name="radius_retries" value="0"/>
>>>> <param name="radius_deadtime" value="0"/>
>>>> <param name="dictionary"
>>>> value="/usr/src/freeswitch-1.2.23/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>>>> <param name="seqfile" value="/var/run/radius.seq"/>
>>>> </connection>
>>>> <fields>
>>>> <param vendor="Cisco" name="h323-call-origin"
>>>> variable="h323-call-origin" default="answer" format="%s"/>
>>>> <param vendor="Cisco" name="h323-conf-id"
>>>> variable_secondary="uuid" variable="originating_leg_uuid" format="%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
>>>> format="h323-call-id=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_contact_host" format="src-gw-ip=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_from_user" variable_secondary="ani" format="src-gw-name=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_from_user" variable_secondary="ani" format="src-number-in=%s"
>>>> />
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="sip_from_user" variable_secondary="ani"
>>>> format="src-number-out=%s" />
>>>> <param name="Calling-Station-Id" variable="sip_from_user"
>>>> variable_secondary="ani" format="%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_host"
>>>> format="dst-gw-ip=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
>>>> variable_secondary="dialed_extension" format="dst-gw-name=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
>>>> variable_secondary="dialed_extension" format="dst-number-in=%s" />
>>>> <param name="Called-Station-Id" variable="destination_number"
>>>> format="%s"/>
>>>> <param vendor="Cisco" name="h323-setup-time"/>
>>>> <param vendor="Cisco" name="h323-connect-time"/>
>>>> <param vendor="Cisco" name="h323-disconnect-time"/>
>>>> <param vendor="Cisco" name="h323-disconnect-cause"/>
>>>> <param name="Acct-Session-Time" variable="billsec" format="%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable_secondary="progressmsec" variable="progress_mediamsec"
>>>> format="pdd-time=%s"/>
>>>> <param vendor="Cisco" name="Cisco-AVPair"
>>>> variable="destination_number" format="dst-number-out=%s"/>
>>>> </fields>
>>>> </acct_end>
>>>> </configuration>
>>>>
>>>>
>>>>
>>>>
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:
>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>>
>>>
>>>
>>> --
>>> with best regards,
>>> Dmitriy Borisov
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>>
>>
>> --
>> with best regards,
>> Dmitriy Borisov
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
>
> --
> with best regards,
> Dmitriy Borisov
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
--
with best regards,
Dmitriy Borisov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150403/90eeee04/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list