Help - ASN-GW throwing error - Validation of attributes failed

Rathod Subhashchandra rathod at tataelxsi.co.in
Thu Mar 15 14:58:27 CET 2012 

Dear Iliya,

Do I need to modify the code to call rlm_wimax functions for generating the
keys?

By default, it is invoking eaptls_gen_mppe_keys functions.
This function is generating MS-MPPE-Recv-Keys.

>From your first mail, I understood that only modifying
raddb/sites-enabled/default, will take care of everything.


Thanks !
Rathod.


-----Original Message-----
From: freeradius-users-bounces+rathod=tataelxsi.co.in at lists.freeradius.org
[mailto:freeradius-users-bounces+rathod=tataelxsi.co.in at lists.freeradius.org
] On Behalf Of Iliya Peregoudov
Sent: Thursday, March 15, 2012 2:51 PM
To: 'FreeRadius users mailing list'
Subject: Re: Help - ASN-GW throwing error - Validation of attributes failed

Run freeradius in debug mode (-X). Look for eap module debug messages. 
Look for wimax module debug messages. Try to understand.

Rathod Subhashchandra wrote:
> Dear Iliya,
> 
> Thanks for your valuable suggestion.
> Rlm_wimax module was not building. I enabled and now it is building.
> As per your suggestion, I have added "wimax" in file
> raddb/sites-enabled/default
> Still I am not getting WiMAX-MSK in Access-Accept. Could you please help
me
> in this?
> 
> Thanks !
> Rathod.
> 
> 
> -----Original Message-----
> From: Iliya Peregoudov [mailto:iperegudov at cboss.ru] 
> Sent: Thursday, March 15, 2012 11:41 AM
> To: rathod at tataelxsi.co.in; FreeRadius users mailing list
> Subject: Re: Help - ASN-GW throwing error - Validation of attributes
failed
> 
> There is no WiMAX-MSK attribute in Access-Accept. You need to call 
> rlm_wimax module from post-auth section of default virtual server:
> 
> # raddb/sites-enabled/default
> post-auth {
>     ...
>     wimax
>     ...
> }
> 
> This module will add WiMAX-MSK and remove MS-MPPE-Send-Key and 
> MS-MPPE-Recv-Key.
> 
> 
> Rathod Subhashchandra wrote:
>> Dear All,
>>
>>  
>>
>> I am trying to setup EAP-TLS authentication mechanism for my WiMAX 
>> testing and following are the details.
>>
>>  
>>
>> 1.  TATA ELXSI - WIMAX MS
>>
>> 2.  TATA ELXSI - WIMAX BS
>>
>> 3.  ARICENT ASN-GW version 4.2
>>
>> 4.  Free Radius AAA server version 2.1.3
>>
>>  
>>
>> Certificates exchange is through. When AAA server responds with 
>> Access-Accept, ASN-GW throws error saying "Validation of the Attributes 
>> in the Received packet failed"
>>
>>  
>>
>> Wireshark logs @ ASN-GW
>>
>>  
>>
>>  
>>
>> I could not attach wireshark pcap logs due to size constraint. I have 
>> took print screen of only ACCESS-ACCEPT message copied to MS word.
>>
>>  
>>
>> What are the mandatory fields in Access-Accept and their valid values?
>>
>> Service-Type attribute value is 2. ASN-GW is adding this attribute. Is 
>> this valid for EAP-TLS?
>>
>> I am guessing this should be 8. I don't have control over ASN-GW 
>> parameters modification.
>>
>>  
>>
>> Please let me know what fields are invalid in above ACCESS-ACCEPT.
>>
>>  
>>
>> Thanks !
>>
>> Rathod.
>>
>>  
>>
>>
>> ------------------------------------------------------------------------
>>
>> -
>> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> 
> 
>

More information about the Freeradius-Users mailing list