[OpenSIPS-Users] Registration via RADIUS

Hanie Maghsoudy h.maghsoudy at gmail.com
Mon Oct 1 13:39:35 CEST 2012

Dear all,

I want to register some users in OpenSIPs. When I use db mode it's totally
OK. Users register and could make calls. But when I set radius
configuration (using this
<http://www.opensips.org/Resources/DocsTutRadius>document), the user
doesn't register and FreeRadius keeps printing these

Info: [digest] Checking for correctly formatted Digest-Attributes
Info: [digest] Digest-Attributes look OK.  Converting them to something
more usful.
        Digest-User-Name = "101"
        Digest-Realm = "192.168.X.X"
        Digest-Nonce = "5069765300000000af31f979191ab899f5f9fc41ed941449"
        Digest-URI = "sip:192.168.X.X"
        Digest-Method = "REGISTER"
        Digest-QOP = "auth"
        Digest-Nonce-Count = "00000001"
        Digest-CNonce = "8277adcf0b"
Info: [digest] Adding Auth-Type = DIGEST
Info: ++[digest] returns ok
Info: [suffix] Looking up realm "192.168.X.X" for User-Name =
"101 at 192.168.X.X"
Info: [suffix] Found realm "192.168.X.X"
Info: [suffix] Adding Realm = "192.168.X.X"
Info: [suffix] Authentication realm is LOCAL.
Info: ++[suffix] returns ok
Info: [eap] No EAP-Message, not doing EAP
Info: ++[eap] returns noop
Info: [files] users: Matched entry 101 at 192.168.X.X at line 22
Info: ++[files] returns ok
Info: ++[expiration] returns noop
Info: ++[logintime] returns noop
Info: [pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
Info: ++[pap] returns noop
Info: Found Auth-Type = DIGEST
Info: # Executing group from file /etc/freeradius/sites-enabled/default
Info: +- entering group DIGEST {...}
*Auth: [digest] Cleartext-Password or Digest-HA1 is required for
Info: ++[digest] returns invalid
Info: Failed to authenticate the user.
Auth: Login incorrect: [101 at 192.168.X.X/<via Auth-Type = Digest>] (from
client OpenSIPS port 0)
Info: Using Post-Auth-Type Reject
Info: # Executing group from file /etc/freeradius/sites-enabled/default
Info: +- entering group REJECT {...}
Info: [attr_filter.access_reject]    expand: %{User-Name} -> 101 at 192.168.X.X

And here is my opensips.cfg:

loadmodule "acc.so"
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
modparam("acc", "detect_direction", 0)
modparam("acc", "failed_transaction_flag", 3)
modparam("acc", "log_flag", 1)
modparam("acc", "log_missed_flag", 2)
loadmodule "auth.so"
loadmodule "aaa_radius.so"
loadmodule "auth_aaa.so"
modparam("auth", "calculate_ha1", 1)
modparam("auth_aaa", "aaa_url",
        if ( !(is_method("REGISTER")  ) ) {
                if (from_uri==myself)
                        if (!aaa_proxy_authorize("")) {
                                proxy_challenge("", "1");
                } else {
                        if (!uri==myself) {
                                send_reply("403","Rely forbidden");
        if (is_method("REGISTER"))
                if (!aaa_www_authorize(""))
                        www_challenge("", "1");
                if (   0 ) setflag(7);
                if (!save("location"))

And in freeradius/users I have:


101 at 192.168.X.X Auth-Type := Digest, Cleartext-Password == "101"
        Reply-Message = "Authenticated"

Would you please help me to solve the problem?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20121001/aab16642/attachment.htm>

More information about the Users mailing list