hi Alan :: Thank for the reply. I am bit lost about this whole radius things. I will try to post as much info as I can. 1. First below are the request coming from our application to the FreeRadius for Access-Request with the following parameters. And the Freeradius received the accounting data forwarded from another radius server. a. User-Name,User-Password,Framed-IP-Address,NAS-IP-Address I have setup the authentication to "System" and managed to authenticate the users but I cannot get the "Calling-Station-Id". But I have a big question in my head , how do I expect Freeradius to pass you the Calling-Station-Id if you only passed in the parameters above ? Of course the Calling-Station-Id is empty ! So I very very confused on this whole things. How can an application search or map the Framed-IP-Address to a MSISDN and return the MSISDN in the Access-Reply back to the NAS without do a request to the accounting data forwarded from other radius? Or do I need to write my own script to do the above things ? But how ???? Logs from "radiusd -X" :: ====================================================== rad_recv: Access-Request packet from host 192.168.4.31:35135, id=20, length=56 User-Name = "ecds" User-Password = "eCDs1234" Framed-IP-Address = 10.129.255.151 NAS-IP-Address = 192.168.4.31 rad_rmspace_pair: User-Password now 'eCDs1234' Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "ecds", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry ecds at line 59 modcall[authorize]: module "files" returns ok for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module "unix" returns ok for request 0 modcall: group authenticate returns ok for request 0 radius_xlat: '/radius/sbin/echo.sh' Exec-Program: /radius/sbin/echo.sh Exec-Program output: Reply-Message += "Hello, %u", Calling-Station-Id = "" Exec-Program-Wait: value-pairs: Reply-Message += "Hello, %u", Calling-Station-Id = "" Exec-Program: returned: 0 radius_xlat: 'Hello, ecds' Login OK: [ecds] (from client ECDSnin-1 port 0) Sending Access-Accept of id 20 to 192.168.4.31:35135 Reply-Message += "Hello, ecds" Calling-Station-Id = "" ===================================================== On 9/23/05, Alan DeKok <aland@ox.org> wrote:
TK Lew <tklew99@gmail.com> wrote:
handset --> authenticated successfully --> Steelbelt radius forward accounting packet to Freeradius and the application will the a lookup for MSISDN that match the IP address before allow the handset to use the services.
Is this possible ??
Yes, You can execute any program you want from FreeRADIUS, and that program can return add any RADIUS attribute to the reply.
I have tried to use the variable such as %{Calling-Station-Id} in the access-repky message but no values assign.
See the debug log for why.
Also, it might help if you posted the configuration. Saying "I did stuff and it didn't do what I expect" means that it's impossible for anyone to help you.
Alan DeKok.