Migrating from Cisco Access Registrar to FreeRADIUS<freeradius-users at lists.freeradius.org>,
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Fri Dec 20 12:45:51 CET 2013
> Let me just say I'm a big fan of the work being done by Freeradius. We've been thinking of ditching our Cisco Access Registrar (AAA) for sometime now as we've been facing many issues with it, massive memory leakage being one of them. For this purpose we did some testing with Freeradius and one of our NAS gear, Samsung General ATM Switching Network (GAN) deployed in a 3GPP2 EV-DO environment for the purpose of hardware autentication only. Things didn't go too well however, following is the output of radiusd -X
>
> As you can see freeradius is sending an access accept with the callback-id to the client but nothing happens afterwards and the user is unable to connect. From what I've been able to understand the NAS is sending a 3GPP2-Attr-60 = 0x00000001 which is the 3GPP2-HRPD-Access-Authentication which in not defined in the 3GPP2 dictionary, would patching the 3GPP2 dictionary do the trick or is there something else I am missing? as this VSA is I would've tested this already however this kind of testing requires approval from other departements as well which is gonna take a couple of days
It probably requires additional attributes in the Access-Accept. Whether it can decode the 3GPP attribute is probably irrelevant, FreeRADIUS certainly doesn't care.
I would use tcpdump or radsniff to collect responses from your existing Cisco appliance and see which attributes it's providing then send a similar list back in the Access-Accept.
post-auth {
update reply {
<attribute0> := <value0>
<attribute1> := <value1>
<attributeN> := <value2>
}
}
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131220/2b48e88e/attachment.pgp>
More information about the Freeradius-Users
mailing list