[Freeswitch-users] Authentication of REGISTERs through a RADIUS server

Daniel Corbe dcorbe at hammerfiber.com
Tue Jan 5 22:12:23 MSK 2016


Well re-enabling the rest of the configuration certainly worked.   So it is as automatic as I thought it would be.  I suppose I’m happy to run everything else through RADIUS as well.  Thanks for the help!

-Daniel

> On Jan 5, 2016, at 12:58 PM, Michael Jerris <mike at jerris.com> wrote:
> 
> It would be doing the user lookup for authentication... that would be for all auth, not just for register.
> 
>> On Jan 5, 2016, at 12:45 PM, Daniel Corbe <dcorbe at hammerfiber.com> wrote:
>> 
>> Hello,
>> 
>> I took note of mod_xml_radius but the documentation on this module is thin in comparison to the rest of the mod set.  It isn’t clear to me how I’d tell FreeSWITCH to begin routing REGISTER requests to my RADIUS server once I’ve enabled and configured the mod.   I’ve got a pretty simple configuration in place as I’m only interested in registrations (below).  Is there something I need to do now either from the dialplan or the Sofia config?  Someone hitting me with a cluebat here would be lovely.
>> 
>> <configuration name="xml_radius.conf" description="Radius XML Gateway">
>> <auth_reg>
>>   <connection name="testing">
>>     <param name="authserver" value="192.168.164.137:1812:testing123"/>
>>     <param name="radius_timeout" value="10"/>
>>     <param name="radius_retries" value="2"/>
>>     <param name="radius_deadtime" value="0"/>
>>     <param name="dictionary" value="/usr/local/src/freeswitch/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
>>     <param name="seqfile" value="/var/run/radius.seq"/>
>>   </connection>
>>   <fields>
>>     <param vendor="Cisco" name="Cisco-AVPair" variable="ip" format="request-type=user"/>
>>     <param vendor="Cisco" name="Cisco-AVPair" variable="ip" format="src-gw-ip=%s"/>
>>     <param vendor="Cisco" name="Cisco-AVPair" variable="sip_from_user" format="src-gw-name=%s"/>
>>     <param name="User-Name" variable="sip_from_user" format="%s"/>
>>     <param name="Digest-Response" variable="sip_auth_response" format="%s"/>
>>     <param name="Digest-Realm" variable="sip_auth_realm" format="%s"/>
>>     <param name="Digest-Nonce" variable="sip_auth_nonce" format="%s"/>
>>     <param name="Digest-Username" variable="sip_auth_username" format="%s"/>
>>     <param name="Digest-URI" variable="sip_auth_uri" format="%s"/>
>>     <param name="Digest-Method" variable="sip_auth_method" format="%s"/>
>>     <param name="Digest-Algorithm" variable="sip_auth_method" format="MD5"/>
>>     <param name="Digest-Qop" variable="sip_auth_qop" format="%s"/>
>>     <param name="Digest-CNonce" variable="sip_auth_cnonce" format="%s"/>
>>     <param name="Digest-Nonce-Count" variable="sip_auth_nc" format="%s"/>
>>   </fields>
>> </auth_reg>
>> <configuration>
>> 
>> freeswitch at voice-lab.hammerfiber.net> load mod_xml_radius
>> 2016-01-05 12:43:33.179332 [INFO] mod_xml_radius.c:170 Could not find 'auth_invite' section in config file.
>> 2016-01-05 12:43:33.198334 [INFO] mod_enum.c:880 ENUM Reloaded
>> 2016-01-05 12:43:33.198334 [INFO] switch_time.c:1415 Timezone reloaded 1781 definitions
>> 2016-01-05 12:43:33.198334 [INFO] mod_xml_radius.c:257 Could not find 'auth_app' section in config file.
>> 2016-01-05 12:43:33.198334 [INFO] mod_xml_radius.c:291 Could not find 'acct_start' section in config file.
>> 2016-01-05 12:43:33.198334 [INFO] mod_xml_radius.c:325 Could not find 'acct_end' section in config file.
>> 2016-01-05 12:43:33.198334 [CONSOLE] switch_loadable_module.c:1538 Successfully Loaded [mod_xml_radius]
>> 2016-01-05 12:43:33.198334 [NOTICE] switch_loadable_module.c:292 Adding Application 'radius_auth'
>> 2016-01-05 12:43:33.198334 [NOTICE] switch_loadable_module.c:338 Adding API Function ‘xml_radius_debug'
>> 
>> 
>> 
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services: 
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>> 
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>> 
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
> 
> 
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services: 
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
> 
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
> 
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org




Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list