Re: RADAUTH RadAuth RRQ auth failed: tokens not found

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Solved.

Thanks All.


Cheers,
Shashi

On 10/28/05, Deepak Singhal <dsinghal@xxxxxxxxxxxxxxxx> wrote:
This mean the devices are getting registered via RadAliasAuth Module (They are not sending h235 password).
RadAliasAuth module by default sends password same as username.
 
 
Deepak Singhal


From: openh323gk-users-admin@xxxxxxxxxxxxxxxxxxxxx [mailto:openh323gk-users-admin@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Shashi Dahal
Sent: Wednesday, October 26, 2005 1:30 AM
To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: RADAUTH RadAuth RRQ auth failed: tokens not found

I was able to get all devices to work when I set their h323id and password same in the db. I am not sure if this is the way to do it, but it worked.

duh!


Cheers,
Shashi


On 10/25/05, Shashi Dahal <shashi0@xxxxxxxxx> wrote:
Hi,

Currently, the system is   MVTS+AdvancedRadius
I tested 3 devices,  1. ciscoATA, 2. HSTellian IP Phone and 3. a dialup device which also runs on h323. There is also a softphone that works via username and password, and the devices work via h323id.

Using your sqlbill/freeradius/postgresql, I was able to make the softphone work via username/password and it works fine.

However, for all 3 devices, I get the mentioned error. After posting this thread yesterday, I checked the past archives and  added a few combinations in the gnugk.ini file.


[RadAliasAuth]
Servers=192.168.150.128:1812
SharedSecret=mysecret
LocalInterface= 192.168.150.128
AppendCiscoAttributes=1
IncludeEndpointIP=1
IncludeTerminalAliases=1

[Gatekeeper::Auth]
RadAuth=required;RRQ,ARQ
RadAliasAuth=sufficiend;RRQ,ARQ
default=allow


"use RadAliasAuth and fix your database"
I am sure that sqlbill/freeradius/postgresql  will work fine on the h323id based authentication as well, and a small pointer in your part might help me get somewhere. maybe a sample of a working h323id based db structure and corresponding snippet of  gnugk.ini

Use allowedaliases and assignaliases fields only when you know what they do exactly."
I have been trying to find out what they do exactly, but could not get an exact via the archive search of this list.



Cheers,
Shashi



On 10/25/05, Zygmuntowicz Michal <m.zygmuntowicz@xxxxxxx > wrote:
Either configure ATA to send username/password correctly or use RadAliasAuth
and fix your database. Use allowedaliases and assignaliases fields only when you
know what they do exactly.

----- Original Message -----
From: "Shashi Dahal" <shashi0@xxxxxxxxx>
Sent: Monday, October 24, 2005 4:18 PM


I followed this page: http://www.gnugk.org/gnugk-cisco-ata.html
and am usign sqlbill/freeradius/postgresql

I am getting the following in the gnugk log


2005/10/24 12:04:21.851 1 RasSrv.cxx(343) RAS RRQ Received
2005/10/24 12:04: 21.852 3 radauth.cxx(1239) RADAUTH RadAuth RRQ auth failed:
tokens not found
2005/10/24 12:04:21.852 3 gkauth.cxx(968) GKAUTH RadAuth RRQ check failed
2005/10/24 12:04:21.853 2 RasSrv.cxx(388)
RRJ|192.168.1.101|123456:h323_ID=123456:dialedDigits|terminal|securityDenial;
2005/10/24 12:04:21.854 3 RasSrv.cxx(231) RAS Send to
192.168.1.101:1027< http://192.168.1.101:1027>



db structure is the following:

voipdb=> select * from voipuser where id='1';
id | h323id | accountid | disabled | checkh323id | chappassword |
allowedaliases | assignaliases | framedip | firstname | surname |
terminating
----+--------+-----------+----------+-------------+--------------+----------------+---------------+----------+-----------+---------+-------------
1 | user1 | 1 | f | t | pass1 | 123456 | | | User-01 | Voip-01 | t
(1 row)



gnugk setting ----


[RasSrv::RRQAuth]
default=allow

[Endpoint]
Password=MyPass

[Proxy]
Enable=1
ProxyForNAT=1

[RasSrv::RRQFeatures]
AcceptGatewayPrefixes=1
OverwriteEPOnSameAddress=1
AcceptEndpointIdentifier=1

[RasSrv::ARQFeatures]
ArjReasonRouteCallToSCN=1
ArjReasonRouteCallToGatekeeper=1
CallUnregisteredEndpoints=1
RemoveTrailingChar=#
ParseEmailAliases=1

[RasSrv::LRQFeatures]
NeighborTimeout=2
ForwardHopCount=2
AlwaysForwardLRQ=1
AcceptForwardedLRQ=1
IncludeDestinationInfoInLCF=1
CiscoGKCompatible=1

[Gatekeeper::Auth]
RadAuth=required;RRQ,ARQ
NeighbourPasswordAuth=required
default=allow

[RadAuth]
Servers= 92.168.150.128:1812 < http://92.168.150.128:1812>
SharedSecret=secret
LocalInterface= 192.168.150.128 <http://192.168.150.128 >
AppendCiscoAttributes=1
IncludeEndpointIP=1

[Gatekeeper::Acct]
RadAcct=required;start,stop
default=accept

[RadAcct]
Servers= 192.168.150.128:1813 <http://192.168.150.128:1813>
LocalInterface= 192.168.150.128 <http://192.168.150.128>
SharedSecret=secret
RequestRetransmissions=4
RoundRobinServers=1
AppendCiscoAttributes=1

[RasSrv::GWPrefixes]
GW=*

[RasSrv::PermanentEndpoints]
192.168.150.250=GW;*



Where am I missing something to allow h323id based authentication


Cheers,
Shashi



-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc.
Get Certified Today * Register for a JBoss Training Course
Free Certification Exam for All Training Attendees Through End of 2005
Visit http://www.jboss.com/services/certification for more information
_______________________________________________________

Posting: mailto: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549
Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
Homepage: http://www.gnugk.org/




[Index of Archives]     [SIP]     [Open H.323]     [Gnu Gatekeeper]     [Asterisk PBX]     [ISDN Cause Codes]     [Yosemite News]

  Powered by Linux