>Your radius client is not sending Digest-Attributes. It's sending Ascend<br>>VSAs. Read your NAS documentation how to set up digest authentication if<br>
>you want that.<br><br>hi Kalik,<br> I am really sorry to post again the same question, as per your instruction I have check all the clients configurations "radiusclient.conf" as well as SER configuration "ser.cfg", I've uncommented all the modules that will particularly help to do digest authentication in ser.cfg, but still the problem of not getting the values of digest attributes exist, I am using radiusclient 0.5.6 and SER 0.9.6, will it be the problem for incompatible of versions between the radius server and the radius clients or SER. Please tell me the possible problems of not getting these values:<br>
'Digest-User-name', 'Digest-Realm', 'Digest-Method', 'Digest-Uri', 'Digest-Nonce', 'Digest-Response'<br><br>And please tell me the things that I should change in radius server configuration to get these digest attributes.<br>
<br>for the information I've mentioning the debug when run in radiusd -X<br><br>rad_recv: Access-Request packet from host <a href="http://192.168.1.227">192.168.1.227</a> port 33526, id=92, length=252<br> User-Name = "<a href="mailto:john@192.168.1.227">john@192.168.1.227</a>"<br>
X-Ascend-Netware-timeout = 1785686126<br> X-Ascend-Send-Secret = 0x3139322e3136382e312e323237<br> X-Ascend-Receive-Secret = 0x34383163393137633262316333323731373133343937623838636165613864326437326534653832<br>
X-Ascend-IP-Pool-Definition = "sip:<a href="http://192.168.1.227">192.168.1.227</a>"<br> X-Ascend-IPX-Peer-Mode = 0x5245474953544552<br> Digest-Response = "6d1bf8eacbbddb82a606811f7e5c76ae"<br>
Service-Type = IAPP-Register<br> X-Ascend-PW-Lifetime = 1785686126<br> Cisco-AVPair = "call-id=<a href="mailto:ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193">ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193</a>"<br>
NAS-IP-Address = <a href="http://127.0.0.1">127.0.0.1</a><br> NAS-Port = 5060<br>+- entering group authorize<br>++[preprocess] returns ok<br>perl_pool: item 0x9f48768 asigned new request. Handled so far: 1<br>
found interpetator at address 0x9f48768<br>rlm_perl: ###############################################################<br>rlm_perl: RAD_REQUEST: Digest-Response = 6d1bf8eacbbddb82a606811f7e5c76ae<br>rlm_perl: RAD_REQUEST: X-Ascend-Receive-Secret = 0x34383163393137633262316333323731373133343937623838636165613864326437326534653832<br>
rlm_perl: RAD_REQUEST: X-Ascend-IPX-Peer-Mode = 0x5245474953544552<br>rlm_perl: RAD_REQUEST: Service-Type = IAPP-Register<br>rlm_perl: RAD_REQUEST: X-Ascend-Netware-timeout = 1785686126<br>rlm_perl: RAD_REQUEST: Cisco-AVPair = call-id=<a href="mailto:ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193">ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193</a><br>
rlm_perl: RAD_REQUEST: X-Ascend-IP-Pool-Definition = sip:<a href="http://192.168.1.227">192.168.1.227</a><br>rlm_perl: RAD_REQUEST: User-Name = <a href="mailto:john@192.168.1.227">john@192.168.1.227</a><br>rlm_perl: RAD_REQUEST: X-Ascend-PW-Lifetime = 1785686126<br>
rlm_perl: RAD_REQUEST: NAS-Port = 5060<br>rlm_perl: RAD_REQUEST: NAS-IP-Address = <a href="http://127.0.0.1">127.0.0.1</a><br>rlm_perl: RAD_REQUEST: X-Ascend-Send-Secret = 0x3139322e3136382e312e323237<br>rlm_perl: ###############################################################<br>
rlm_perl: Added pair Digest-Response = 6d1bf8eacbbddb82a606811f7e5c76ae<br>rlm_perl: Added pair X-Ascend-Receive-Secret = 0x34383163393137633262316333323731373133343937623838636165613864326437326534653832<br>rlm_perl: Added pair X-Ascend-IPX-Peer-Mode = 0x5245474953544552<br>
rlm_perl: Added pair Service-Type = IAPP-Register<br>rlm_perl: Added pair X-Ascend-Netware-timeout = 1785686126<br>rlm_perl: Added pair Cisco-AVPair = call-id=<a href="mailto:ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193">ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193</a><br>
rlm_perl: Added pair X-Ascend-IP-Pool-Definition = sip:<a href="http://192.168.1.227">192.168.1.227</a><br>rlm_perl: Added pair User-Name = <a href="mailto:john@192.168.1.227">john@192.168.1.227</a><br>rlm_perl: Added pair X-Ascend-PW-Lifetime = 1785686126<br>
rlm_perl: Added pair NAS-Port = 5060<br>rlm_perl: Added pair NAS-IP-Address = <a href="http://127.0.0.1">127.0.0.1</a><br>rlm_perl: Added pair X-Ascend-Send-Secret = 0x3139322e3136382e312e323237<br>rlm_perl: Added pair Reply-Message = Incorrect Password<br>
perl_pool total/active/spare [32/0/32]<br>Unreserve perl at address 0x9f48768<br>++[perl] returns reject<br>Invalid user: [<a href="http://john@192.168.1.227/">john@192.168.1.227/</a><no User-Password attribute>] (from client <a href="http://192.168.1.227">192.168.1.227</a> port 5060)<br>
Found Post-Auth-Type Reject<br>+- entering group REJECT<br> expand: %{User-Name} -> <a href="mailto:john@192.168.1.227">john@192.168.1.227</a><br> attr_filter: Matched entry DEFAULT at line 11<br>++[attr_filter.access_reject] returns updated<br>
Delaying reject of request 0 for 1 seconds<br>Going to the next request<br>Waking up in 0.9 seconds.<br>rad_recv: Access-Request packet from host <a href="http://192.168.1.227">192.168.1.227</a> port 33528, id=93, length=252<br>
User-Name = "<a href="mailto:john@192.168.1.227">john@192.168.1.227</a>"<br> X-Ascend-Netware-timeout = 1785686126<br> X-Ascend-Send-Secret = 0x3139322e3136382e312e323237<br> X-Ascend-Receive-Secret = 0x34383163393137633262316333323731373133343937623838636165613864326437326534653832<br>
X-Ascend-IP-Pool-Definition = "sip:<a href="http://192.168.1.227">192.168.1.227</a>"<br> X-Ascend-IPX-Peer-Mode = 0x5245474953544552<br> Digest-Response = "6d1bf8eacbbddb82a606811f7e5c76ae"<br>
Service-Type = IAPP-Register<br> X-Ascend-PW-Lifetime = 1785686126<br> Cisco-AVPair = "call-id=<a href="mailto:ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193">ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193</a>"<br>
NAS-IP-Address = <a href="http://127.0.0.1">127.0.0.1</a><br> NAS-Port = 5060<br>+- entering group authorize<br>++[preprocess] returns ok<br>perl_pool: item 0xa183d50 asigned new request. Handled so far: 1<br>
found interpetator at address 0xa183d50<br>rlm_perl: ###############################################################<br>rlm_perl: RAD_REQUEST: Digest-Response = 6d1bf8eacbbddb82a606811f7e5c76ae<br>rlm_perl: RAD_REQUEST: X-Ascend-Receive-Secret = 0x34383163393137633262316333323731373133343937623838636165613864326437326534653832<br>
rlm_perl: RAD_REQUEST: X-Ascend-IPX-Peer-Mode = 0x5245474953544552<br>rlm_perl: RAD_REQUEST: Service-Type = IAPP-Register<br>rlm_perl: RAD_REQUEST: X-Ascend-Netware-timeout = 1785686126<br>rlm_perl: RAD_REQUEST: Cisco-AVPair = call-id=<a href="mailto:ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193">ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193</a><br>
rlm_perl: RAD_REQUEST: X-Ascend-IP-Pool-Definition = sip:<a href="http://192.168.1.227">192.168.1.227</a><br>rlm_perl: RAD_REQUEST: User-Name = <a href="mailto:john@192.168.1.227">john@192.168.1.227</a><br>rlm_perl: RAD_REQUEST: X-Ascend-PW-Lifetime = 1785686126<br>
rlm_perl: RAD_REQUEST: NAS-Port = 5060<br>rlm_perl: RAD_REQUEST: NAS-IP-Address = <a href="http://127.0.0.1">127.0.0.1</a><br>rlm_perl: RAD_REQUEST: X-Ascend-Send-Secret = 0x3139322e3136382e312e323237<br>rlm_perl: ###############################################################<br>
rlm_perl: Added pair Digest-Response = 6d1bf8eacbbddb82a606811f7e5c76ae<br>rlm_perl: Added pair X-Ascend-Receive-Secret = 0x34383163393137633262316333323731373133343937623838636165613864326437326534653832<br>rlm_perl: Added pair X-Ascend-IPX-Peer-Mode = 0x5245474953544552<br>
rlm_perl: Added pair Service-Type = IAPP-Register<br>rlm_perl: Added pair X-Ascend-Netware-timeout = 1785686126<br>rlm_perl: Added pair Cisco-AVPair = call-id=<a href="mailto:ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193">ef6d9d206ac3449895bba4e95ea6110e@192.168.1.193</a><br>
rlm_perl: Added pair X-Ascend-IP-Pool-Definition = sip:<a href="http://192.168.1.227">192.168.1.227</a><br>rlm_perl: Added pair User-Name = <a href="mailto:john@192.168.1.227">john@192.168.1.227</a><br>rlm_perl: Added pair X-Ascend-PW-Lifetime = 1785686126<br>
rlm_perl: Added pair NAS-Port = 5060<br>rlm_perl: Added pair NAS-IP-Address = <a href="http://127.0.0.1">127.0.0.1</a><br>rlm_perl: Added pair X-Ascend-Send-Secret = 0x3139322e3136382e312e323237<br>rlm_perl: Added pair Reply-Message = Incorrect Password<br>
perl_pool total/active/spare [32/0/32]<br>Unreserve perl at address 0xa183d50<br>++[perl] returns reject<br>Invalid user: [<a href="http://john@192.168.1.227/">john@192.168.1.227/</a><no User-Password attribute>] (from client <a href="http://192.168.1.227">192.168.1.227</a> port 5060)<br>
Found Post-Auth-Type Reject<br>+- entering group REJECT<br> expand: %{User-Name} -> <a href="mailto:john@192.168.1.227">john@192.168.1.227</a><br> attr_filter: Matched entry DEFAULT at line 11<br>++[attr_filter.access_reject] returns updated<br>
Delaying reject of request 1 for 1 seconds<br>Going to the next request<br>Waking up in 0.4 seconds.<br>Sending delayed reject for request 0<br>Sending Access-Reject of id 92 to <a href="http://192.168.1.227">192.168.1.227</a> port 33526<br>
Reply-Message = "Incorrect Password"<br>Waking up in 0.5 seconds.<br>Sending delayed reject for request 1<br>Sending Access-Reject of id 93 to <a href="http://192.168.1.227">192.168.1.227</a> port 33528<br>
Reply-Message = "Incorrect Password"<br>Waking up in 4.4 seconds.<br>Cleaning up request 0 ID 92 with timestamp +5<br>Waking up in 0.5 seconds.<br>Cleaning up request 1 ID 93 with timestamp +5<br>Ready to process requests.<br>
<br>Thanks and Regards,<br>Elangbam Johnson<br><br>