[ previous ] [ next ] [ threads ]
 To :  Yate mailing list <yate@v...>
 From :  Paul Chitescu <paulc@v...>
 Subject :  Re: [yate] yradius auth
 Date :  Tue, 18 Sep 2007 00:10:42 +0300 (EEST)
Hi!

Besides authentication, SIP registration needs a module to actually store 
registration data and retrive it later for routing purposes.

An easy way is to use regfile and set autocreate=yes in [general] of 
regfile.conf so once authenticated by RADIUS registrations are stored only 
in memory.

If your RADIUS is able to perform registration and route calls by itself 
you can easily write a stub for handling the registration message in 
regexroute:

regexroute.conf

[extra]
user.register=120

[user.register]
.*=-


Paul Chitescu


On Fri, 14 Sep 2007, Nick 'TARANTUL' Novikov wrote:
> Hello!
> I try auth ip phone through radius.
> ip phone send REGISTER to yate w/o any authentication data. Yate try
> verify this request and send to radius h323-remote-address attribute
> only. radius answer access-reject and yate send 401 Unauthorized to ip
> phone.
> After this phone send REGISTER to yate with WWW-Authenticate hader.
> Yate send access-request, radius reply access-accept. But yate send
> 404 Not Found to phone.
> tcpdump log:
> 0.000000 192.168.0.19 -> 172.16.170.254 SIP Request: REGISTER
> sip:sip.example.org
> 0.012387 172.16.170.254 -> 192.168.0.19 SIP Status: 100 Trying    (0 bindings)
> 0.020498    127.0.0.1 -> 127.0.0.1    RADIUS Access-Request(1) (id=251, l=60)
> 2.020352    127.0.0.1 -> 127.0.0.1    RADIUS Access-Reject(3) (id=251, l=20)
> 2.020359    127.0.0.1 -> 127.0.0.1    RADIUS Access-Request(1) (id=251, l=60)
> 2.020425    127.0.0.1 -> 127.0.0.1    RADIUS Access-Reject(3) (id=251, l=20)
> 2.028407 172.16.170.254 -> 192.168.0.19 SIP Status: 401 Unauthorized
> (0 bindings)
> 2.120693 192.168.0.19 -> 172.16.170.254 SIP Request: REGISTER
> sip:sip.example.org
> 2.132390 172.16.170.254 -> 192.168.0.19 SIP Status: 100 Trying    (0 bindings)
> 2.140507    127.0.0.1 -> 127.0.0.1    RADIUS Access-Request(1) (id=252, l=199)
> 2.141159    127.0.0.1 -> 127.0.0.1    RADIUS Access-Accept(2) (id=252, l=20)
> 2.152386 172.16.170.254 -> 192.168.0.19 SIP Status: 404 Not Found
> (0 bindings)
>
>
>
> -- 
> tarantul