Michal, thanks, I will test as soon as CVS updates. Please see GRQ-GCF-RRQ-RCF messages exchanged between gnugk and endpoint. 2003/10/27 09:58:39.610 3 RasSrv.cxx(2186) GK gatekeeperRequest { requestSeqNum = 28246 protocolIdentifier = 0.0.8.2250.0.4 rasAddress = ipAddress { ip = 4 octets { c0 a8 01 ad .... } port = 39900 } endpointType = { vendor = { vendor = { t35CountryCode = 38 t35Extension = 0 manufacturerCode = 3802 } productId = 12 octets { 53 6d 69 6c 65 50 68 6f 6e 65 00 00 SmilePhone.. } versionId = 5 octets { 31 2e 33 00 00 1.3.. } } terminal = { } mc = FALSE undefinedNode = FALSE } endpointAlias = 1 entries { [0]=dialedDigits "991236" } cryptoTokens = 1 entries { [0]=nestedcryptoToken cryptoHashedToken { tokenOID = 0.0.8.235.0.2.1 hashedVals = { tokenOID = 0.0.8.235.0.2.5 timeStamp = 1067248618 random = 845432814 sendersID = 6 characters { 0039 0039 0031 0032 0033 0036 991236 } } token = { algorithmOID = 0.0.8.235.0.2.6 paramS = { } hash = Hex: 54 f9 ef ba 6d f0 9e 2f 65 35 8d d4 } } } authenticationCapability = 2 entries { [0]=pwdHash <<null>> [1]=authenticationBES radius <<null>> } algorithmOIDs = 3 entries { [0]=0.0.8.235.0.2.6 [1]=1.2.840.113549.2.5 [2]=1.2.840.113548.10.1.2.1 } supportsAltGK = <<null>> } 2003/10/27 09:58:39.611 1 RasSrv.cxx(838) GK GRQ Received 2003/10/27 09:58:39.618 3 RasSrv.cxx(2113) GK Send to XX.XX.XX.XX:64757 gatekeeperConfirm { requestSeqNum = 28246 protocolIdentifier = 0.0.8.2250.0.4 gatekeeperIdentifier = 10 characters { 004f 0070 0065 006e 0048 0033 0032 0033 OpenH323 0047 004b GK } rasAddress = ipAddress { ip = 4 octets { d5 15 c4 06 .... } port = 1719 } authenticationMode = authenticationBES radius <<null>> algorithmOID = 1.2.840.113548.10.1.2.1 } 2003/10/27 09:58:39.619 5 RasSrv.cxx(2127) GK Sent Successful 2003/10/27 09:58:39.696 3 RasSrv.cxx(2186) GK registrationRequest { requestSeqNum = 28247 protocolIdentifier = 0.0.8.2250.0.4 discoveryComplete = TRUE callSignalAddress = 1 entries { [0]=ipAddress { ip = 4 octets { c0 a8 01 ad .... } port = 1720 } } rasAddress = 1 entries { [0]=ipAddress { ip = 4 octets { c0 a8 01 ad .... } port = 39900 } } terminalType = { vendor = { vendor = { t35CountryCode = 38 t35Extension = 0 manufacturerCode = 3802 } productId = 12 octets { 53 6d 69 6c 65 50 68 6f 6e 65 00 00 SmilePhone.. } versionId = 5 octets { 31 2e 33 00 00 1.3.. } } terminal = { } mc = FALSE undefinedNode = FALSE } terminalAlias = 1 entries { [0]=dialedDigits "991236" } gatekeeperIdentifier = 10 characters { 004f 0070 0065 006e 0048 0033 0032 0033 OpenH323 0047 004b GK } endpointVendor = { vendor = { t35CountryCode = 38 t35Extension = 0 manufacturerCode = 3802 } productId = 12 octets { 53 6d 69 6c 65 50 68 6f 6e 65 00 00 SmilePhone.. } versionId = 5 octets { 31 2e 33 00 00 1.3.. } } tokens = 1 entries { [0]={ tokenOID = 1.2.840.113548.10.1.2.1 timeStamp = 1067248618 challenge = 16 octets { 5d b4 1c 71 7d ec e1 4e c1 1e b9 a6 77 4b ac ]..q}..N....wK.E } random = 79 generalID = 7 characters { 0039 0039 0031 0032 0033 0036 0000 991236 } } } keepAlive = FALSE willSupplyUUIEs = FALSE maintainConnection = FALSE supportsAltGK = <<null>> } 2003/10/27 09:58:39.699 1 RasSrv.cxx(940) GK RRQ Received 2003/10/27 09:58:39.782 3 RasSrv.cxx(2113) GK Send to XX.XX.XX.XX:64757 registrationConfirm { requestSeqNum = 28247 protocolIdentifier = 0.0.8.2250.0.4 nonStandardData = { nonStandardIdentifier = object (NULL) data = 16 octets { 4e 41 54 3d 32 31 33 2e 32 31 2e 31 39 36 2e 32 NAT=213.21.196.2 } } callSignalAddress = 1 entries { [0]=ipAddress { ip = 4 octets { d5 15 c4 06 .... } port = 1721 } } terminalAlias = 1 entries { [0]=dialedDigits "991236" } gatekeeperIdentifier = 10 characters { 004f 0070 0065 006e 0048 0033 0032 0033 OpenH323 0047 004b GK } endpointIdentifier = 9 characters { 0037 0035 0037 0030 005f 0065 006e 0064 7570_end 0070 p } timeToLive = 600 willRespondToIRR = FALSE maintainConnection = FALSE } 2003/10/27 09:58:39.784 5 RasSrv.cxx(2127) GK Sent Successful -----Original Message----- From: openh323gk-users-admin@lists.sourceforge.net [mailto:openh323gk-users-admin@lists.sourceforge.net]On Behalf Of Zygmuntowicz Michal Sent: Wednesday, October 29, 2003 6:30 PM To: openh323gk-users@lists.sourceforge.net Subject: Re: RadAuth RCF doesn't contain tokens I did some fix (gk is not copying crypto tokens between xRQ and xCF messages now). Can you test the fixed gk version (maybe you will need to wait for anonymous cvs to be updated with the fix)? And maybe you could send a sample RRQ message so we can see what H.235 mechanisms the endpoint is using. Btw. If you have only RadAuth configured and an endpoint sends a GRQ first, the gatekeeper should instruct endpoint to send only CAT H.235 tokens inside xRQ messages, so there should be no problem with crypto tokens. Another thing is that if an endpoint forces use of H.235 Auth Procedure I security scheme, the gatekeeper does not support it yet. --- Michal Zygmuntowicz ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ List: Openh323gk-users@lists.sourceforge.net Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/ ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ List: Openh323gk-users@lists.sourceforge.net Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/