Daniel Corbe <daniel.junkmail@gmail.com> wrote:
Since the SIP server requires DIGEST authentication, the Auth-Type attribute is present and it is set to DIGEST which forces FreeRADIUS to attempt a digest authentication. Once this fails an Access-Reject packet is sent back to the RADIUS client
You don't say who's setting Auth-Type. In the example config, the "digest" module sets it. If you're setting it yourself, there's a high likelihood that something will go wrong.
Is there a way to configure FreeRADIUS so it first attempts a DIGEST authentication, and when that fails, we go ahead and attempt normal authentication?
No. That doesn't make sense. There IS a way to configure the server to try digest authentication only when the RADIUS packet contains digest attributes. Uncomment the lines referring to "digest" in radiusd.conf. Alan DeKok.