Freeradius with Caller-station-id

Joe Holden lists at rewt.org.uk
Thu Feb 16 05:37:43 CET 2012


On 16/02/2012 03:36, Fajar A. Nugraha wrote:
> On Thu, Feb 16, 2012 at 8:56 AM, Richard J Palmer<richard at merula.net>  wrote:
>>                 update request {
>>                         User-Name := "%{Calling-Station-Id}"
>>                         User-Password :="SIMUSER"
>>                 }
>
> Are you SURE your clients use CHAP?
>
>> They may be a better way... but this seems to work :-)
> It would work for PAP, in which case you can also just use this:
> http://wiki.freeradius.org/FAQ#How+do+I+permit+access+to+any+user+regardless+of+password%3F
>
> It should not work on (MS)CHAP since both client and server needs to
> know the password, otherwise the challenge/response process will fail.
>
> It's entirely possible though that your clients are configured to use
> any available authentication method, in which case when chap fails
> they fallback to PAP.
>
Due to the design of the mobile network, the actual session is 
originated from the network rather than the device, which iirc presents 
only CHAP, but may or may not include a username/password pair and 
thusly the calling station id can include identifying info such as sim 
id or phone number

Using the Auth-Type method does work, but as the username is the lookup 
key,  it doesn't provide the ability to deliver attributes to the NAS 
(from what I can see), I ran into this exact issue when first looking at 
implementing it

Thanks,
J



More information about the Freeradius-Users mailing list