Migrating from Cisco Access Registrar to FreeRADIUS
Alan DeKok
aland at deployingradius.com
Wed Feb 10 19:19:05 CET 2010
SerpentoR wrote:
> Let me just say I'm a big fan of FreeRADIUS and highly appreciate the
> work and effort put in to this project. We've been thinking of ditching
> our current cisco Radius server as it has been prone to massive memory
> leaks, daily restart required.
What a nice product. :)
> We did some testing of FreeRADIUS with
> one of our NAS gear, Samsung's General ATM Switch Network (GAN) deployed
> in a 3GPP2 EV-DO network. Things didn't go as I'd hoped. Following is
> the output of Radiusd -x.
...
> As you can see access-accepts are being sent to the NAS with the
> callback-id but the user is unable to connect. From what I am able to
> understand the NAS is sending a 3GPP2-Attr-60 VSA which is the
> 3GPP2-HRPD-Access-Attribute not defined in the 3GPP2 dictionary of
> Freeradius but is defined in Cisco' Access Registrar would patching
> the 3GPP2 dictionary do the trick or am I missing something?
Defining the attribute won't help. The issue is that there is some
undocumented magic that needs to be sent back in the reply.
Use "tcpdump". Look at the packets sent back from ACS, and make
FreeRADIUS send back the same data.
Email me off-list if you have more questions.
Alan DeKok.
More information about the Freeradius-Users
mailing list