
<div dir="ltr"><div><div><div><div><div><div>Hi <span class="" id=":gj" title="Iliya Peregoudov">Iliya Peregoudov<br></span></div><span class="" id=":gj" title="Iliya Peregoudov">thanx for your advice and your time<br><br>

1.<br></span></div><div><span class="" id=":gj" title="Iliya Peregoudov">when i change users entry, i get notification that access-accept has succesfull <br></span></div><div><span class="" id=":gj" title="Iliya Peregoudov">but unfortunately, when i restart the system cant access-accept and i must change attribute in users from agsm program<br>

</span></div><div><span class="" id=":gj" title="Iliya Peregoudov">here the log:<br></span><br>


<p class=""><span lang="IN">Ready to process requests.</span></p>


<p class=""><span lang="IN">rad_recv: Access-Request packet from host

192.168.1.1 port 2048, id=0, length=215</span><span lang="IN"><span style></span></span></p><p class=""><span lang="IN"><span style></span>            User-Name

= "<a href="mailto:1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org">1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org</a>"</span>


</p><p class=""><span lang="IN"><span style>            </span>NAS-IP-Address

= 192.168.1.1</span></p>


<p class=""><span lang="IN"><span style>            </span>Called-Station-Id

= "48f8b315461a"</span></p>


<p class=""><span lang="IN"><span style>            </span>Calling-Station-Id

= "1814563e5189"</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Identifier

= "48f8b315461a"</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Port

= 38</span></p>


<p class=""><span lang="IN"><span style>            </span>Framed-MTU

= 1400</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Port-Type

= Wireless-802.11</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Message

=

0x02000038013135313030313937363038303633393140776c616e2e6d6e633030312e6d63633531302e336770706e6574776f726b2e6f7267</span></p>


<p class=""><span lang="IN"><span style>            </span>Message-Authenticator

= 0x95014bdec4f49a1b5363bd5988ab5ddd</span></p>


<p class=""><span lang="IN">+- entering group authorize {...}</span></p>


<p class=""><span lang="IN">++[preprocess] returns ok</span></p>


<p class=""><span lang="IN">[suffix] Looking up realm

"<a href="http://wlan.mnc001.mcc510.3gppnetwork.org">wlan.mnc001.mcc510.3gppnetwork.org</a>" for User-Name =

"<a href="mailto:1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org">1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN">[suffix] Found realm

"<a href="http://wlan.mnc001.mcc510.3gppnetwork.org">wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN">[suffix] Adding Stripped-User-Name =

"1510019760806391"</span></p>


<p class=""><span lang="IN">[suffix] Adding Realm =

"<a href="http://wlan.mnc001.mcc510.3gppnetwork.org">wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN">[suffix] Authentication realm is LOCAL.</span></p>


<p class=""><span lang="IN">++[suffix] returns ok</span></p>


<p class=""><span lang="IN">rlm_sim_files: insufficient number of

challenges for imsi 1510019760806391: 0</span></p>


<p class=""><span lang="IN">++[sim_files] returns notfound</span></p>


<p class=""><span lang="IN">[eap] EAP packet type response id 0 length 56</span></p>


<p class=""><span lang="IN">[eap] No EAP Start, assuming it's an on-going

EAP conversation</span></p>


<p class=""><span lang="IN">++[eap] returns updated</span></p>


<p class=""><span lang="IN">++[unix] returns notfound</span></p>


<p class=""><span lang="IN">[files] users: Matched entry DEFAULT at line

227</span></p>


<p class=""><span lang="IN">++[files] returns ok</span></p>


<p class=""><span lang="IN">++[expiration] returns noop</span></p>


<p class=""><span lang="IN">++[logintime] returns noop</span></p>


<p class=""><span lang="IN">Found Auth-Type = EAP</span></p>


<p class=""><span lang="IN">+- entering group authenticate {...}</span></p>


<p class=""><span lang="IN">[eap] EAP Identity</span></p>


<p class=""><span lang="IN">[eap] processing type sim</span></p>


<p class=""><span lang="IN">[eap] Underlying EAP-Type set EAP ID to 81</span></p>


<p class=""><span lang="IN">++[eap] returns handled</span></p>


<p class=""><span lang="IN">Sending Access-Challenge of id 0 to 192.168.1.1

port 2048</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Message

= 0x01510014120a00000f0200020001000011010100</span></p>


<p class=""><span lang="IN"><span style>            </span>Message-Authenticator

= 0x00000000000000000000000000000000</span></p>


<p class=""><span lang="IN"><span style>            </span>State

= 0xf0cf8a6cf09e98be2ec974e82cdf9f5b</span></p>


<p class=""><span lang="IN">Finished request 0.</span></p>


<p class=""><span lang="IN">Going to the next request</span></p>


<p class=""><span lang="IN">Waking up in 4.9 seconds.</span></p>


<p class=""><span lang="IN">rad_recv: Access-Request packet from host

192.168.1.1 port 2048, id=0, length=265</span></p>


<p class=""><span lang="IN">Cleaning up request 0 ID 0 with timestamp +13</span></p>


<p class=""><span lang="IN"><span style>            </span>User-Name

= "<a href="mailto:1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org">1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-IP-Address

= 192.168.1.1</span></p>


<p class=""><span lang="IN"><span style>            </span>Called-Station-Id

= "48f8b315461a"</span></p>


<p class=""><span lang="IN"><span style>            </span>Calling-Station-Id

= "1814563e5189"</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Identifier

= "48f8b315461a"</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Port

= 38</span></p>


<p class=""><span lang="IN"><span style>            </span>Framed-MTU

= 1400</span></p>


<p class=""><span lang="IN"><span style>            </span>State

= 0xf0cf8a6cf09e98be2ec974e82cdf9f5b</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Port-Type

= Wireless-802.11</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Message

=

0x02510058120a000007050000a3663d2e1ff07a1cb29d04fdb0047908100100010e0e00333135313030313937363038303633393140776c616e2e6d6e633030312e6d63633531302e336770706e6574776f726b2e6f726700</span></p>


<p class=""><span lang="IN"><span style>            </span>Message-Authenticator

= 0x6b683386c02724d0f0b7710f5ede4a93</span></p>


<p class=""><span lang="IN">+- entering group authorize {...}</span></p>


<p class=""><span lang="IN">++[preprocess] returns ok</span></p>


<p class=""><span lang="IN">[suffix] Looking up realm

"<a href="http://wlan.mnc001.mcc510.3gppnetwork.org">wlan.mnc001.mcc510.3gppnetwork.org</a>" for User-Name =

"<a href="mailto:1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org">1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN">[suffix] Found realm

"<a href="http://wlan.mnc001.mcc510.3gppnetwork.org">wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN">[suffix] Adding Stripped-User-Name =

"1510019760806391"</span></p>


<p class=""><span lang="IN">[suffix] Adding Realm =

"<a href="http://wlan.mnc001.mcc510.3gppnetwork.org">wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN">[suffix] Authentication realm is LOCAL.</span></p>


<p class=""><span lang="IN">++[suffix] returns ok</span></p>


<p class=""><span lang="IN">rlm_sim_files: insufficient number of

challenges for imsi 1510019760806391: 0</span></p>


<p class=""><span lang="IN">++[sim_files] returns notfound</span></p>


<p class=""><span lang="IN">[eap] EAP packet type response id 81 length 88</span></p>


<p class=""><span lang="IN">[eap] No EAP Start, assuming it's an on-going

EAP conversation</span></p>


<p class=""><span lang="IN">++[eap] returns updated</span></p>


<p class=""><span lang="IN">++[unix] returns notfound</span></p>


<p class=""><span lang="IN">[files] users: Matched entry DEFAULT at line

227</span></p>


<p class=""><span lang="IN">++[files] returns ok</span></p>


<p class=""><span lang="IN">++[expiration] returns noop</span></p>


<p class=""><span lang="IN">++[logintime] returns noop</span></p>


<p class=""><span lang="IN">Found Auth-Type = EAP</span></p>


<p class=""><span lang="IN">+- entering group authenticate {...}</span></p>


<p class=""><span lang="IN">[eap] Request found, released from the list</span></p>


<p class=""><span lang="IN">[eap] EAP/sim</span></p>


<p class=""><span lang="IN">[eap] processing type sim</span></p>


<p class=""><span lang="IN">rlm_eap_sim: subtype= 10</span></p>


<p class=""><span lang="IN"><span style>   </span>start.</span></p>


<p class=""><span lang="IN">+++> EAP-sim decoded packet:</span></p>


<p class=""><span lang="IN"><span style>            </span>User-Name

= "<a href="mailto:1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org">1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-IP-Address

= 192.168.1.1</span></p>


<p class=""><span lang="IN"><span style>            </span>Called-Station-Id

= "48f8b315461a"</span></p>


<p class=""><span lang="IN"><span style>            </span>Calling-Station-Id

= "1814563e5189"</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Identifier

= "48f8b315461a"</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Port

= 38</span></p>


<p class=""><span lang="IN"><span style>            </span>Framed-MTU

= 1400</span></p>


<p class=""><span lang="IN"><span style>            </span>State

= 0xf0cf8a6cf09e98be2ec974e82cdf9f5b</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Port-Type

= Wireless-802.11</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Message

=

0x02510058120a000007050000a3663d2e1ff07a1cb29d04fdb0047908100100010e0e00333135313030313937363038303633393140776c616e2e6d6e633030312e6d63633531302e336770706e6574776f726b2e6f726700</span></p>


<p class=""><span lang="IN"><span style>            </span>Message-Authenticator

= 0x6b683386c02724d0f0b7710f5ede4a93</span></p>


<p class=""><span lang="IN"><span style>            </span>Stripped-User-Name

= "1510019760806391"</span></p>


<p class=""><span lang="IN"><span style>            </span>Realm

= "<a href="http://wlan.mnc001.mcc510.3gppnetwork.org">wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Type

= SIM</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Sim-Subtype

= Start</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Sim-NONCE_MT

= 0x0000a3663d2e1ff07a1cb29d04fdb0047908</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Sim-SELECTED_VERSION

= 0x0001</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Sim-IDENTITY

=

0x00333135313030313937363038303633393140776c616e2e6d6e633030312e6d63633531302e336770706e6574776f726b2e6f726700</span></p>


<p class=""><span lang="IN">[eap] Underlying EAP-Type set EAP ID to 82</span></p>


<p class=""><span lang="IN">++[eap] returns handled</span></p>


<p class=""><span lang="IN">Sending Access-Challenge of id 0 to 192.168.1.1

port 2048</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Message

=

0x01520050120b0000010d0000307ca6eca31a4a549e879b2674f0feef90b5da4be8174863a276a439c7c2cec79bd7fc87248f4db6af4646a80b4baca50b0500003e86636bdab81ae6982ce83aa6f14ac7</span></p>


<p class=""><span lang="IN"><span style>            </span>Message-Authenticator

= 0x00000000000000000000000000000000</span></p>


<p class=""><span lang="IN"><span style>            </span>State

= 0xf0cf8a6cf19d98be2ec974e82cdf9f5b</span></p>


<p class=""><span lang="IN">Finished request 1.</span></p>


<p class=""><span lang="IN">Going to the next request</span></p>


<p class=""><span lang="IN">Waking up in 4.9 seconds.</span></p>


<p class=""><span lang="IN">rad_recv: Access-Request packet from host

192.168.1.1 port 2048, id=0, length=205</span></p>


<p class=""><span lang="IN">Cleaning up request 1 ID 0 with timestamp +13</span></p>


<p class=""><span lang="IN"><span style>            </span>User-Name

= "<a href="mailto:1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org">1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-IP-Address

= 192.168.1.1</span></p>


<p class=""><span lang="IN"><span style>            </span>Called-Station-Id

= "48f8b315461a"</span></p>


<p class=""><span lang="IN"><span style>            </span>Calling-Station-Id

= "1814563e5189"</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Identifier

= "48f8b315461a"</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Port

= 38</span></p>


<p class=""><span lang="IN"><span style>            </span>Framed-MTU

= 1400</span></p>


<p class=""><span lang="IN"><span style>            </span>State

= 0xf0cf8a6cf19d98be2ec974e82cdf9f5b</span></p>


<p class=""><span lang="IN"><span style>            </span>NAS-Port-Type

= Wireless-802.11</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Message

= 0x0252001c120b00000b050000bbff92fe6855f8aa9a62504e58070daa</span></p>


<p class=""><span lang="IN"><span style>            </span>Message-Authenticator

= 0xf3712470b4c966857d76f6ff1f44415e</span></p>


<p class=""><span lang="IN">+- entering group authorize {...}</span></p>


<p class=""><span lang="IN">++[preprocess] returns ok</span></p>


<p class=""><span lang="IN">[suffix] Looking up realm

"<a href="http://wlan.mnc001.mcc510.3gppnetwork.org">wlan.mnc001.mcc510.3gppnetwork.org</a>" for User-Name =

"<a href="mailto:1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org">1510019760806391@wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN">[suffix] Found realm

"<a href="http://wlan.mnc001.mcc510.3gppnetwork.org">wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN">[suffix] Adding Stripped-User-Name =

"1510019760806391"</span></p>


<p class=""><span lang="IN">[suffix] Adding Realm =

"<a href="http://wlan.mnc001.mcc510.3gppnetwork.org">wlan.mnc001.mcc510.3gppnetwork.org</a>"</span></p>


<p class=""><span lang="IN">[suffix] Authentication realm is LOCAL.</span></p>


<p class=""><span lang="IN">++[suffix] returns ok</span></p>


<p class=""><span lang="IN">rlm_sim_files: insufficient number of

challenges for imsi 1510019760806391: 0</span></p>


<p class=""><span lang="IN">++[sim_files] returns notfound</span></p>


<p class=""><span lang="IN">[eap] EAP packet type response id 82 length 28</span></p>


<p class=""><span lang="IN">[eap] No EAP Start, assuming it's an on-going

EAP conversation</span></p>


<p class=""><span lang="IN">++[eap] returns updated</span></p>


<p class=""><span lang="IN">++[unix] returns notfound</span></p>


<p class=""><span lang="IN">[files] users: Matched entry DEFAULT at line

227</span></p>


<p class=""><span lang="IN">++[files] returns ok</span></p>


<p class=""><span lang="IN">++[expiration] returns noop</span></p>


<p class=""><span lang="IN">++[logintime] returns noop</span></p>


<p class=""><span lang="IN">Found Auth-Type = EAP</span></p>


<p class=""><span lang="IN">+- entering group authenticate {...}</span></p>


<p class=""><span lang="IN">[eap] Request found, released from the list</span></p>


<p class=""><span lang="IN">[eap] EAP/sim</span></p>


<p class=""><span lang="IN">[eap] processing type sim</span></p>


<p class=""><span lang="IN">rlm_eap_sim: subtype= 11</span></p>


<p class=""><span lang="IN"><span style>  

</span>challenge.</span></p>


<p class=""><span lang="IN">MAC check succeed</span></p>


<p class=""><span lang="IN">[eap] Underlying EAP-Type set EAP ID to 83</span></p>


<p class=""><span lang="IN">[eap] Freeing handler</span></p>


<p class=""><span lang="IN">++[eap] returns ok</span></p>


<p class=""><span lang="IN">+- entering group post-auth {...}</span></p>


<p class=""><span lang="IN">++[exec] returns noop</span></p>


<p class=""><span lang="IN">Sending Access-Accept of id 0 to 192.168.1.1

port 2048</span></p>


<p class=""><span lang="IN"><span style>            </span>MS-MPPE-Recv-Key

= 0xb1bd9cf479d08726b2277e72dd2b941613f870f149ebb11113b2cfb7de1b26d7</span></p>


<p class=""><span lang="IN"><span style>            </span>MS-MPPE-Send-Key

= 0xa89a0b0b6d0d3b4d8d15314c00749f6135072e59c3c403afce10b0fb30c4386d</span></p>


<p class=""><span lang="IN"><span style>            </span>EAP-Message

= 0x03530004</span></p>


<p class=""><span lang="IN"><span style>            </span>Message-Authenticator

= 0x00000000000000000000000000000000</span></p>


<p class=""><span lang="IN"><span style>            </span>User-Name

= "1510019760806391"</span></p>


<p class=""><span lang="IN">Finished request 2.</span></p>


<p class=""><span lang="IN">Going to the next request</span></p>


<p class=""><span lang="IN">Waking up in 4.9 seconds.</span></p>


<p class=""><span lang="IN">Cleaning up request 2 ID 0 with timestamp +14</span></p>


<p class=""><span lang="IN">Ready to process requests.</span></p><p class=""><span lang="IN"><br></span></p>


</div><span class="" id=":gj" title="Iliya Peregoudov">2.<br>i've changed users entry as you suggest and i still get the same notification<br></span></div><span class="" id=":gj" title="Iliya Peregoudov">rlm_sim_files : isufficient number of challenges of challenges for imsi <br>

<br><br></span></div><span class="" id=":gj" title="Iliya Peregoudov">thanx for your help<br></span></div><span class="" id=":gj" title="Iliya Peregoudov">i'm really really appreciate it<br><br></span></div><span class="" id=":gj" title="Iliya Peregoudov">best regards<br>

</span></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Jun 11, 2013 at 1:51 PM, Iliya Peregoudov <span dir="ltr"><<a href="mailto:iperegudov@cboss.ru" target="_blank">iperegudov@cboss.ru</a>></span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">On 11.06.2013 7:00, raptor raptor wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

i'm sorry i dont understand about LF UNIX line ending, could you show me<br>

what should i do to simtriplets.dat format?<br>

is there any mistake?<br>

</blockquote>

<br></div>

Run<br>

<br>

dos2unix simtriplets.dat<br>

<br>

in UNIX shell. This will ensure simtriplets.dat has UNIX line endings.<div class="im"><br>

<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

i got that format in /src/tests/eapsim-03/users-<u></u>example.txt<br>

what should i fill in Rand1 attribute?<br>

</blockquote>

<br></div>

I assume that your simtriplets.dat contains correct auth vectors (e.g. generated by SIM card and extracted using agsm program):<br>

<br>

1510019760806391,<u></u>AAC0FAFDC47D4524AC9E2A3D51BDBA<u></u>39,2A71bac3,7868589a75fdc000<br>

1510019760806391,<u></u>BF9A9F6EEB36422895D010927D7697<u></u>2C,F49dd880,3Afbcf2fA9b0a000<br>

1510019760806391,<u></u>C63837CFECD348deB119C35CFECD48<u></u>98,49312999,FD488938B6f2a000<br>

<br>

Equivalent users entry should look like:<br>

<br>

1510019760806391 EAP-Type:=SIM<br>

        EAP-Sim-Rand1:=<u></u>0xAAC0FAFDC47D4524AC9E2A3D51BD<u></u>BA39,<br>

        EAP-Sim-SRES1:=0x2A71bac3,<br>

        EAP-Sim-KC1:=<u></u>0x7868589a75fdc000,<br>

        EAP-Sim-Rans2:=<u></u>0xBF9A9F6EEB36422895D010927D76<u></u>972C,<br>

        EAP-Sim-SRES2:=0xF49dd880,<br>

        EAP-Sim-KC2:=<u></u>0x3Afbcf2fA9b0a000,<br>

        EAP-Sim-Rand3:=<u></u>0xC63837CFECD348deB119C35CFECD<u></u>4898,<br>

        EAP-Sim-SRES3:=0x49312999,<br>

        EAP-Sim-KC3:=<u></u>0xFD488938B6f2a000<div class="HOEnZb"><div class="h5"><br>

-<br>

List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/<u></u>list/users.html</a><br>

</div></div></blockquote></div><br></div>