Brekeke Documents

Find user guides, developer guides, API references, tutorials, and more!

Brekeke SIP Server Wiki

  1. Brekeke SIP Server Basic Info
  2. Security
  3. Update & Upgrade
  4. Configuration
    1. Installation
    2. Basic Setup
    3. BSS Administration Tool
    4. Network Configuration
    5. Dial Plan
    6. Block List
    7. Provisioning
    8. Push Notification
    9. SDN
    10. STIR/SHAKEN
    11. Advanced Edition
      1. Alias function
      2. Call detailed records (CDR)
      3. Failover
      4. Load balancing by BSS
      5. RADIUS
        1. RADIUS Accounting
        2. RADIUS Authentication
        3. RADIUS Preauthentication
        4. RADIUS Attributes
        5. Environment Variables for RADIUS
        6. Define Vendor-Specific Attribute (VSA) in Brekeke RADIUS Request
        7. Troubleshooting for RADIUS
      6. TLS
      7. SRTP Conversion
      8. Redundancy
      9. Brekeke Heartbeat Remote Access Setup
      10. Brekeke SIP Server Failure Notification
      11. Heavy loads alert with Brekeke Heartbeat
      12. Monitoring SIP Devices with Heartbeat
    12. Other Functions
    13. Third-Party Database
    14. Environment Variables
  5. Troubleshooting
  6. Developer's Guide
  7. Version History

RADIUS Authentication

From advanced edition Brekeke SIP Server v3.1.x, when “$radius.auth” is defined in dial plan rules, Brekeke SIP Server will get User Agent authentication information in the Authorization header from REGITER and INVITE requests and include them in an Authentication Access-Request RADIUS packet to a RADIUS server.

RADIUS server response packet will contain return-code, credit amount, credit time, and currency. These return values can be obtained by variables below.

Syntax:
$radius.auth
Returns:

true | false

Variables:
&auth.h323-return-code
&auth.h323-credit-time
&auth.h323-credit-amount
&auth.h323-currency
Example 

Ex1: Send RADIUS Authentication Access-Request

---------------------------------
[Matching Patterns]
$request = ^INVITE 
$radius.auth = (.+) 

[Deploy Patterns]
$continue = true
---------------------------------

Ex2: Get RADIUS balance information and set related SIP header

---------------------------------
[Matching Patterns]
$request = ^INVITE 
&auth.h323-credit-amount = (.+) 
&auth.h323-currency = (.+) 

[Deploy Patterns]
_Balance = %1%2
$continue = true
---------------------------------

Ex3: Get RADIUS talking time informaiton and set talking timeout
Brekeke SIP Server will disconnect call when timeout happens

---------------------------------
[Matching Patterns]
$request = ^INVITE 
&auth.h323-credit-time = (.+) 

[Deploy Patterns]
&net.sip.timeout.talking = %1
&net.sip.timeout.expand.talking = false
$continue = true
---------------------------------

Ex4: check if RADIUS authentication request is accepted 

---------------------------------
[Matching Patterns]
$request = ^INVITE 
&auth.result = true 
---------------------------------
Yes No
« RADIUS AccountingRADIUS Preauthentication »
Suggest Edit