Freeradius with Caller-station-id
Joe Holden
lists at rewt.org.uk
Thu Feb 16 05:37:43 CET 2012
On 16/02/2012 03:36, Fajar A. Nugraha wrote:
> On Thu, Feb 16, 2012 at 8:56 AM, Richard J Palmer<richard at merula.net> wrote:
>> update request {
>> User-Name := "%{Calling-Station-Id}"
>> User-Password :="SIMUSER"
>> }
>
> Are you SURE your clients use CHAP?
>
>> They may be a better way... but this seems to work :-)
> It would work for PAP, in which case you can also just use this:
> http://wiki.freeradius.org/FAQ#How+do+I+permit+access+to+any+user+regardless+of+password%3F
>
> It should not work on (MS)CHAP since both client and server needs to
> know the password, otherwise the challenge/response process will fail.
>
> It's entirely possible though that your clients are configured to use
> any available authentication method, in which case when chap fails
> they fallback to PAP.
>
Due to the design of the mobile network, the actual session is
originated from the network rather than the device, which iirc presents
only CHAP, but may or may not include a username/password pair and
thusly the calling station id can include identifying info such as sim
id or phone number
Using the Auth-Type method does work, but as the username is the lookup
key, it doesn't provide the ability to deliver attributes to the NAS
(from what I can see), I ran into this exact issue when first looking at
implementing it
Thanks,
J
More information about the Freeradius-Users
mailing list