FreeRADIUS + Alvarion 4Motion

Kristoffer Milligan kristoffer at nextnet.no
Fri Jan 16 14:19:25 CET 2009


That's a bit of my problem as well .. I'm not sure what goes where :)

Regarding the problem, that's the second part that's confusing. The AAA
says everything is OK. The ASN seemingly has what it needs, but the CPE
doesn't connect to the network. 

I had an Alvarion engineer look at the FreeRADIUS log, and the only
thing the could point out as mysterious, was the missing attributes ..
so I figured I'd try to implement them and see if it would help.

Kristoffer Milligan

On Fri, 2009-01-16 at 13:08 +0100, tnt at kalik.net wrote:
> I see. And WiMAX attributes have been copied. I don't know much about
> WiMAX bre you sure that these are not contained in MPPE outer reply
> keys? They are different to ones in inner-tunnel. What problem is caused
> by the lack of these attributes in the reply?
> 
> Ivan Kalik
> Kalik Informatika ISP
> 
> 
> Dana 16/1/2009, "Kristoffer Milligan" <kristoffer at nextnet.no> piše:
> 
> >It's set to yes I'm afraid:
> >
> >ttls {
> >default_eap_type = md5 
> >copy_request_to_tunnel = yes
> >use_tunneled_reply = yes
> >virtual_server = "inner-tunnel"
> >}
> >
> >
> >On Fri, 2009-01-16 at 12:02 +0100, tnt at kalik.net wrote:
> >> Change use_tunneled_reply to yes in ttls section of eap.conf.
> >> 
> >> Ivan Kalik
> >> Kalik Informatika ISP
> >> 
> >> 
> >> Dana 16/1/2009, "Kristoffer Milligan" <kristoffer at nextnet.no> piĹĄe:
> >> 
> >> >Hello again List
> >> >
> >> >My battle to make FreeRADIUS work with the Alvarion 4Motion system
> >> >continues. I have been in contact with one of their engineers, and the
> >> >only thing he saw that seemed invalid was a couple of missing attributes
> >> >in the Access Accept response.
> >> >
> >> >Please look at the following url:
> >> >
> >> >https://www.norgespost.no/aaalog
> >> >
> >> >Now, in the tunneled response, there are two attributes:
> >> >
> >> >MS-MPPE-Encryption-Policy = 0x00000001
> >> >MS-MPPE-Encryption-Types = 0x00000006
> >> >
> >> >Why aren't these attributes passed to the access accept?
> >> >
> >> >Has anyone here integrated FreeRADIUS with the 4Motion system before?
> >> >
> >> >Desperate regards,
> >> >Kristoffer Milligan
> >> >
> >> >-
> >> >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
> >> >
> >> >
> >> 
> >> -
> >> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> >
> >-
> >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list