Ok, I should really kick myself in the head for this one. First off, I would like to thank you for your assistance, sorry for being a little bit of a pest. Here is what happened:
1. I compiled OpenSER 1.2.1 with TLS support, while the IP phones that I used don't support TLS, this apparently caused various authorization issues. 2. I didn't edit the ACC module Makefile, which cause half of the configuration example not to work, which needs to be better documented. So, now I have the stations registering and authentication via Radius Digest to my OpenSER, which is good. Now, it's time to start thinking about the rlm_perl thingy ;-) Cheers, Z2L ----- Original Message ----- From: "Alan DeKok" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org> Sent: Wednesday, July 18, 2007 11:24:19 AM (GMT+0200) Asia/Jerusalem Subject: Re: RLM_PERL Integration Issue FreeRadius-ML wrote: > Now, I'm basically re-learning everything, as the world of OpenSER + > FreeRadius is a little new to me, > and sometimes frustrates me. The amount of documentation in the configuration > files is great, but the lack > of updated examples is somewhat annoying. Even Asterisk, which is one of the > most undocumented environments > in the world, has more configuration examples available. The majority of FreeRADIUS installations put users & password into SQL or LDAP, and then don't touch it ever again. For them, the existing examples are mostly OK. For *complex* scenarios, RADIUS quickly gets more complicated than DNS, DHCP, Web servers, and (I suspect) Asterisk. There just isn't enough space in the world to document every configuration that everyone needs. > In any case, lets go back to what we were discussing. If I understand you > correctly, on the FreeRadius side, > I only need to enable digest based authentication and authorization, define > the user in the users file - and that > should be working just fine? Yes. The entire *point* of the default configuration is to have as many authentication protocols as possible work... just by defining a user and password. See: http://deployingradius.com/documents/configuration/pap.html When 2.0 is released, defining a username & password will cause the following authentication methods to work: * PAP * CHAP * MS-CHAP * Digest * EAP-MD5 * EAP-MSCHAPv2 * Cisco LEAP * PEAP-MSCHAPv2 * PEAP-GTC * EAP-TTLS with * PAP * CHAP * MS-CHAP * EAP-MD5 * EAP-MSCHAPv2 Try *that* with any other program: "I added one line in a configuration file, and VOIP works, WiFi works, dial-up works, PPPoE works, VPN's work, for Apple, Windows, and Linux". No fighting, no fuss. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html