RE: [Openh323gk-users] Radius configuration in gatekeeper.ini

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello Michal,
I use RadAuth for follow:
ATA186 -> GNUGk -> FreeRadius

This is requested trace info:

------------------- Start
2003/06/01 23:18:09.306 1             RasSrv.cxx(927)   GK      RRQ Received
2003/06/01 23:18:09.308 3            radauth.cxx(400)   RADAUTH RRQ Auth
failed - no m_tokens
2003/06/01 23:18:09.309 2               gkauth.h(84)    GkAuth  RadAuth
check failed
2003/06/01 23:18:09.314 2             RasSrv.cxx(1182)
RRJ|192.168.1.253|oustinov:h323_ID=06181569810:dialedDigits|terminal|securit
yDenial;

2003/06/01 23:18:09.316 3             RasSrv.cxx(2072)  GK      Send to
192.168.1.253:1719
registrationReject {
    requestSeqNum = 761
    protocolIdentifier = 0.0.8.2250.0.2
    rejectReason = securityDenial <<null>>
    gatekeeperIdentifier =  15 characters {
      004e 0045 0043 0054 0049 0053 005f 004e   NECTIS_N
      0065 0074 0056 006f 0069 0063 0065        etVoice
    }
------------------- end
Config:
-------------------------------- Start
[Gatekeeper::Auth]
RadAuth=required;RRQ,ARQ
#RadAuth=sufficient;RRQ
#RadAuth=optional;ARQ
default=allow

[RadAuth]
Servers=127.0.0.1
#DefaultAuthPort=1812
SharedSecret=nectis
RequestTimeout=2000
IdCacheTimeout=9000
SocketDeleteTimeout=60000
RequestRetransmissions=2
AppendCiscoAttributes=1
IncludeEndpointIP=1
--------------------------------- End

Best regards,
Oleg


-----Original Message-----
From: openh323gk-users-admin@lists.sourceforge.net
[mailto:openh323gk-users-admin@lists.sourceforge.net]On Behalf Of
Zygmuntowicz Michal
Sent: Monday, June 02, 2003 12:58 AM
To: openh323gk-users@lists.sourceforge.net
Subject: Re: [Openh323gk-users] Radius configuration in gatekeeper.ini


> thanks for information, But it still not work - it send NO requests to
> radius - I've use FreeRadius and in log exist no ANY path of GNUGk, and
> debug -ttt tell me "no m_tokens". What's mind?

Are you using RadAuth or RadAliasAuth module? "no m_token" can mean
that your endpoints do not support CAT authentication scheme required
for RADIUS username/password based authentication. If so, you should
use RadAliasAuth - this one does not require any tokens or cryptoTokens.
Please post more detailed fragment of "no m_tokens" log and/or your config
fragment for radius authentication.

---
Michal Zygmuntowicz



-------------------------------------------------------
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
_______________________________________________
List: Openh323gk-users@lists.sourceforge.net
Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549
Homepage: http://www.gnugk.org/




-------------------------------------------------------
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
_______________________________________________
List: Openh323gk-users@lists.sourceforge.net
Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549
Homepage: http://www.gnugk.org/
[Index of Archives]     [SIP]     [Open H.323]     [Gnu Gatekeeper]     [Asterisk PBX]     [ISDN Cause Codes]     [Yosemite News]

  Powered by Linux