eap sim authorization problem

raptor raptor raptorspor at gmail.com
Sat Jun 1 03:51:31 CEST 2013


i have added Stripped-User-Name in sites-enabled/default and also i
disabled suffix module
but, i found like fatal mistake

could someone tell me what i should do to fix this

this is my log

Ready to process requests.

rad_recv: Access-Request packet from host 192.168.1.1 port 2048, id=0,
length=215

            User-Name = "15100xxxxxxxxxxx at wlan.mnc001.mcc510.3gppnetwork.org
"

            NAS-IP-Address = 192.168.1.1

            Called-Station-Id = "48f8b315461a"

            Calling-Station-Id = "1814563e5189"

            NAS-Identifier = "48f8b315461a"

            NAS-Port = 38

            Framed-MTU = 1400

            NAS-Port-Type = Wireless-802.11

            EAP-Message =
0x02000038013135313030313937363038303633393140776c616e2e6d6e633030312e6d63633531302e336770706e6574776f726b2e6f7267

            Message-Authenticator = 0xe0a42673f8bb72f47e48dcb350887961

+- entering group authorize {...}

++[preprocess] returns ok

++? if (User-Name =~ /^(.*)@(.+)$/)

? Evaluating (User-Name =~ /^(.*)@(.+)$/) -> TRUE

++? if (User-Name =~ /^(.*)@(.+)$/) -> TRUE

++- entering if (User-Name =~ /^(.*)@(.+)$/) {...}

            expand: %{1} -> 15100xxxxxxxxxx

            expand: %{2} -> wlan.mnc001.mcc510.3gppnetwork.org

+++[request] returns ok

++- if (User-Name =~ /^(.*)@(.+)$/) returns ok

ASSERT FAILED rlm_sim_files.c[212]: k != NULL

Aborted


best regard


On Fri, May 31, 2013 at 12:59 PM, Iliya Peregoudov <iperegudov at cboss.ru>wrote:

> Call suffix before sim_files.
>
> The rlm_sim_files module uses "canonical username" as a key for searching
> authentication vectors. Initially canonical username points to User-Name
> attribute. rlm_realm module (suffix is an instance of this module) split
> User-Name to Stripped-User-Name and Realm and set canonical username to
> point to Stripped-User-Name.
>
> Or you can put full username 1<IMSI>@wlan.mnc001.mcc510.**3gppnetwork.org<http://wlan.mnc001.mcc510.3gppnetwork.org>into simtriplets.dat. This will work without calling suffix.
>
>
> On 30.05.2013 19:26, raptor raptor wrote:
>
>> Hi,
>>
>> i have added simtriplets.dat and create file sim_files in
>> /freeradius/modules
>> and also i configure sim_files in authorize{} in  /sites-enabled/default
>> but i dont use suffix module
>>
>> so my concern is how to solve this message :
>> "rlm_sim_files: insufficient number of challenges for imsi
>> imsi at wlan.mnc001.mcc510.**3gppnetwork.org<imsi at wlan.mnc001.mcc510.3gppnetwork.org>
>> <mailto:imsi at wlan.mnc001.**mcc510.3gppnetwork.org<imsi at wlan.mnc001.mcc510.3gppnetwork.org>>
>> : 0 "
>> "[sim_files] returnnot found "
>>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/**
> list/users.html <http://www.freeradius.org/list/users.html>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130601/5c75d510/attachment.html>


More information about the Freeradius-Users mailing list