WIMAX problem
Dimitris Theofilatos
thed at intracom.gr
Tue Dec 23 09:21:12 CET 2008
Hi,
At the section post-auth of the file raddb/sites-enabled/default i put
the next lines
update "reply"{
# WiMAX-MN-NAI = "%{User-Name}"
# WiMAX-IP-Technology = CMIP4
WiMAX-MSK = EAP-MSK
}
wimax
I don't need MN-HA keys so i comment lines for WiMAX-MN-NAI and
WiMAX-IP-Technology
I need only WiMAX-MSK attribute but at the log i get from radiusd i get
rad_recv: Access-Request packet from host 192.168.10.3 port 1812, id=21,
length=208
User-Name = "{am=1}anonymous at wintegra.com"
EAP-Message = 0x020700061500
Message-Authenticator = 0x39c6753507015df1c48ed97532628e62
NAS-IP-Address = 192.168.10.3
NAS-Port-Type = 27
Calling-Station-Id = "\000!\000\r\302#"
Chargeable-User-Identity = ""
WiMAX-Release = "1.0"
WiMAX-Accounting-Capabilities = IP-Session-Based
WiMAX-Hotlining-Capabilities = Not-Supported
WiMAX-Idle-Mode-Notification-Cap = Supported
WiMAX-Available-In-Client = 3
WiMAX-Session-Termination-Capability = Dynamic-Authorization
WiMAX-GMT-Timezone-offset = 0
WiMAX-BS-Id = 0x0050c21174a4
Service-Type = Framed-User
Framed-MTU = 2000
State = 0x4bf4b8834ef3add9ca036385eef43d1d
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "wintegra.com" for User-Name =
"{am=1}anonymous at wintegra.com"
[suffix] No such realm "wintegra.com"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/ttls
[eap] processing type ttls
[ttls] Authenticate
[ttls] processing EAP-TLS
[ttls] Received TLS ACK
[ttls] ACK handshake is finished
[ttls] eaptls_verify returned 3
[ttls] eaptls_process returned 3
[eap] Freeing handler
++[eap] returns ok
+- entering group post-auth {...}
++[exec] returns noop
++[reply] returns noop
[wimax] MIP-RK =
0xb8e4779af82f3bcf7df08e821f445b11c59c51483023bf167c581717d9ae29e870447876afea76876c13cc7e98be8eea658113c49894e318a96f1c0fd826279b
[wimax] MIP-SPI = 440dccea
[wimax] WARNING: WiMAX-MN-NAI was not found in the request or in the reply.
[wimax] WARNING: We cannot calculate MN-HA keys.
[wimax] WARNING: WiMAX-IP-Technology not found in reply.
[wimax] WARNING: Not calculating MN-HA keys
++[wimax] returns updated
Sending Access-Accept of id 21 to 192.168.10.3 port 1812
MS-MPPE-Recv-Key =
0x333fa1a21e9db9a1f28a4ebda79c3285249d6b885904a609dbacb7895fc6225f
MS-MPPE-Send-Key =
0x12c8bfb5930801db106aececd858aea13f7cbe54449d937cb1c913f765dd6cbb
EAP-Message = 0x03070004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "{am=1}anonymous at wintegra.com"
WiMAX-MSK = 0x4541502d4d534b
WiMAX-MSK is not 64 bytes and the ASN-GW doen not accept it...
Do i have to make more changes?
> Dimitris Theofilatos wrote:
>
>> How can i configure these attributes? The only information i found about
>> WIMAX is that i have to
>> type "wimax" at the post-auth section.
>>
>
> The "raddb/modules/wimax" file clearly states that you may need to
> define WiMAX-MN-NAI. It even gives an example of how to do so.
>
> And the debug output shows WARNINGS, not errors. If you do not want
> the MN-HA keys, then ignore the warnings.
>
> If you want the MN-HA keys to be calculated, you will need to define
> the WiMAX-MN-NAI name, and WiMAX-IP-Technology. See "man unlang" for
> how to create attributes.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20081223/aee36b06/attachment.html>
More information about the Freeradius-Users
mailing list