120 likes | 278 Views
Scenario 4 - testing of ser and b2bua and freeradius with Mysql-enabled. Presented by Liang-Chang Yu. 5-4-1 The figure of scenario4 - call from laksman@voip to 8899@voip. 8899@voip.lges.chc.edu.tw MySQL Server laksman@voip.lges.chc.edu.tw.
E N D
Scenario 4 - testing of ser and b2bua and freeradius with Mysql-enabled Presented by Liang-Chang Yu
5-4-1 The figure of scenario4 - call from laksman@voip to 8899@voip 8899@voip.lges.chc.edu.tw MySQL Server laksman@voip.lges.chc.edu.tw
5-4-1 The testing of scenario 4 - call from laksman@voip to 8899@voip
5-4-3 The log information displayed on b2bua – call from laksman@voip to 8899@voip • 20040924-114657.220 [149018624] WARN B2bUa: AAATransceiver.cxx:196 Problem with Radius message ,reason:VRadiusException: No attributes of type 27 found in Attribute list
5-4-4 The log information displayed on radius – call from laksman@voip to 8899@voip Module: Loaded SQL Module: Instantiated sql (sql) Module: Loaded Acct-Unique-Session-Id Module: Instantiated acct_unique (acct_unique) rad_recv: Access-Request packet from host 163.23.112.61:1024, id=0, length=74 User-Name = "laksman" User-Password = "." NAS-IP-Address = 163.23.112.61 NAS-Port = 1000 Called-Station-Id = "8899" Calling-Station-Id = "laksman“ Login OK: [laksman/.] (from client localhost port 1000 cli laksman) Sending Access-Accept of id 0 to 163.23.112.61:1024
5-4-5 The Config of ser.cfg of senario4 # if the request URI is numerical, forward the request to B2BUA server... if (uri=~"^sip:[0-9]+@voip.lges.chc.edu.tw") { forward (voip.lges.chc.edu.tw, 5065); };
5-4-6 The Config of b2bConfig.xml of senario4 <B2BUA_Configuration> <SIP> <Local> <Port>5065</Port> <Transport>UDP</Transport> </Local> <Proxy_Server> <Address>163.23.112.61</Address> <Port>5069</Port> </Proxy_Server> <Registration> <Register>no</Register> <Address>163.23.112.61</Address> <Port>5060</Port> <Expires>600</Expires> </Registration> </SIP> <RADIUS> <Local> <Authentication_Port>1812</Authentication_Port> <Accounting_Port>1813</Accounting_Port> </Local> <Billing_Server> <Address>163.23.112.61</Address> <Authentication_Port>1812</Authentication_Port> <Accounting_Port>1813</Accounting_Port> <Password>testing123</Password> </Billing_Server> </RADIUS> <PrePaid> <Billing> <Option>mandatory</Option> <Refresh_Time>60</Refresh_Time> <Extract_User_Id_From>Proxy-Authorization</Extract_User_Id_From> <User_Id_Decode_Scheme>Basic</User_Id_Decode_Scheme> </Billing> <Use_SIP_INFO>no</Use_SIP_INFO> <Use_HTTP>no</Use_HTTP> </PrePaid> <Redundancy /> </B2BUA_Configuration>
5-4-7 The Config of radiusd.conf of freeradius of senario4 • In authorize and accounting section, umcomment # of sql line. Like this: • authorize { • # auth_log • # attr_filter • chap • mschap • # digest • # IPASS • suffix • # ntdomain • eap • # Read the 'users' file • files • # • # Look in an SQL database. The schema of the database • # is meant to mirror the "users" file. • # • # See "Authorization Queries" in sql.conf • sql • # etc_smbpasswd • # ldap • # daily • # checkval • } • . • . • . • accounting { • # daily • unix • radutmp • # sradutmp • # main_pool • # • # Log traffic to an SQL database. • # • # See "Accounting queries" in sql.conf • sql • # Cisco VoIP specific bulk accounting • # pgsql-voip • }
5-4-8 The Config of clients.conf of freeradius of senario4 In clients.conf, add these lines like below: client 163.23.112.61 { secret = testing123 shortname = localhost password = testing123 } client voip.lges.chc.edu.tw { secret = testing123 shortname = localhost password = testing123 }
5-4-9 The Config of sql.conf of freeradius of senario4 In sql.conf, put the right rootpassword sql { # Database type # Current supported are: rlm_sql_mysql, rlm_sql_postgresql, # rlm_sql_iodbc, rlm_sql_oracle, rlm_sql_unixodbc, rlm_sql_freetds driver = "rlm_sql_mysql" # Connect info server = "localhost" login = "root" password = "rootpassword" # Database table configuration radius_db = "radius" # If you want both stop and start records logged to the # same SQL table, leave this as is. If you want them in # different tables, put the start table in acct_table1 # and stop table in acct_table2 acct_table1 = "radacct" acct_table2 = "radacct" # Allow for storing data after authentication postauth_table = "radpostauth" authcheck_table = "radcheck" authreply_table = "radreply" groupcheck_table = "radgroupcheck" groupreply_table = "radgroupreply" usergroup_table = "usergroup" # Remove stale session if checkrad does not see a double login deletestalesessions = yes # Print all SQL statements when in debug mode (-x) sqltrace = yes sqltracefile = ${logdir}/sqltrace.sql … }
5-4-10 The value of each table of radius in MySQL of senario4 #1 #cd /usr/ports/distfiles/freeradius-1.0.0/src/modules/rlm_sql/drivers/rlm_sql_mysql # mysql –uroot –prootpasswd radius < db_mysql.sql Then, In radcheck table, add like this: In radreply table, add like this:
5-4-10 The value of each table of radius in MySQL of senario4 #2 In radgroupcheck table, add like this: In radgroupreply table, add like this: In usergroup table, add like this: