WIMAX problem
Dimitris Theofilatos
thed at intracom.gr
Tue Dec 30 09:48:16 CET 2008
Hi, thanks for your help till now.
I was on vacation and today i tried again to resolve the issue between
the FreeRadius and ASN-GW
At the section post-auth of the file raddb/sites-enabled/default i put
the next lines
update "reply"{
WiMAX-MN-NAI = "%{User-Name}"
WiMAX-IP-Technology = "CMIP4"
WiMAX-hHA-IP-MIP4 = "192.168.10.3"
}
wimax
update "reply"{
WiMAX-MSK = "%{EAP-MSK}"
}
Now i don't have warnings (Mobile IP keys are generated normally) but
WIMAX-MSK is not 64 bytes again..
Below is the log from radiusd -X
Going to the next request
Waking up in 2.5 seconds.
rad_recv: Access-Request packet from host 192.168.10.3 port 1812, id=7,
length=208
User-Name = "{am=1}anonymous at wintegra.com"
EAP-Message = 0x020700061500
Message-Authenticator = 0x376c02573adcce4466d564295fd56891
NAS-IP-Address = 192.168.10.3
NAS-Port-Type = 27
Calling-Station-Id = "\000!\000\r\302#"
Chargeable-User-Identity = ""
WiMAX-Release = "1.0"
WiMAX-Accounting-Capabilities = IP-Session-Based
WiMAX-Hotlining-Capabilities = Not-Supported
WiMAX-Idle-Mode-Notification-Cap = Supported
WiMAX-Available-In-Client = 3
WiMAX-Session-Termination-Capability = Dynamic-Authorization
WiMAX-GMT-Timezone-offset = 0
WiMAX-BS-Id = 0x0050c21174a4
Service-Type = Framed-User
Framed-MTU = 2000
State = 0xb02e8b12b5299e24e85eed5fd51d1721
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "wintegra.com" for User-Name =
"{am=1}anonymous at wintegra.com"
[suffix] No such realm "wintegra.com"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/ttls
[eap] processing type ttls
[ttls] Authenticate
[ttls] processing EAP-TLS
[ttls] Received TLS ACK
[ttls] ACK handshake is finished
[ttls] eaptls_verify returned 3
[ttls] eaptls_process returned 3
[eap] Freeing handler
++[eap] returns ok
+- entering group post-auth {...}
++[exec] returns noop
expand: %{User-Name} -> {am=1}anonymous at wintegra.com
++[reply] returns noop
[wimax] MIP-RK =
0xbb6c5a61142b5ea022c642672827263bff98a118b84f50765922f66da96856f711222a71b050c13d3750d6b033a3c118e0fa6fcf3584371d4e16726398275853
[wimax] MIP-SPI = 8208f229
++[wimax] returns updated
expand: %{EAP-MSK} ->
++[reply] returns updated
Sending Access-Accept of id 7 to 192.168.10.3 port 1812
MS-MPPE-Recv-Key =
0xb65a961efab2c55ce875fc3503f22b4bac445cff17c37942f98759f9f3c867f5
MS-MPPE-Send-Key =
0x2d8e7a16c5c308e58e12b01d3850d13a034ef84cf1c78b6dd9f1b63f978a7c20
EAP-Message = 0x03070004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "{am=1}anonymous at wintegra.com"
WiMAX-IP-Technology = CMIP4
WiMAX-hHA-IP-MIP4 = 192.168.10.3
WiMAX-MN-hHA-MIP4-Key = 0x6b454a2f37575164c42355346cafdbcfc04e8574
WiMAX-MN-hHA-MIP4-SPI = 703727746
WiMAX-MSK = 0x
Finished request 6.
> Dimitris Theofilatos wrote:
>
>> Hi,
>> At the section post-auth of the file raddb/sites-enabled/default i put
>> the next lines
>> update "reply"{
>> # WiMAX-MN-NAI = "%{User-Name}"
>> # WiMAX-IP-Technology = CMIP4
>> WiMAX-MSK = EAP-MSK
>>
>
> See "man unlang". You need to use %{EAP-MSK}.
>
> ...
>
>> WiMAX-MSK = 0x4541502d4d534b
>>
>> WiMAX-MSK is not 64 bytes and the ASN-GW doen not accept it...
>>
>
> It contains the ASCII string "EAP-MSK", which is what you told it to do.
>
>
>> Do i have to make more changes?
>>
>
> Yes.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20081230/003f98d7/attachment.html>
More information about the Freeradius-Users
mailing list