eap sim authorization problem
Iliya Peregoudov
iperegudov at cboss.ru
Thu Jun 13 09:28:55 CEST 2013
On 11.06.2013 22:21, Rodney Machado wrote:
> After reading again the documentation, i got to this point:
[skipped]
> I'm going to fix the user file and give it a try again.
rlm_eap_sim expects EAP-Sim-RAND1 (and friends) on reply list, not in
control list.
So correct users entry for EAP-SIM is:
1<IMSI> EAP-Type:=SIM
EAP-Sim-RAND1:=0x...,
...
EAP-Sim-KC3:=0x...
EAP-Type control attribute is used to set initial EAP method. Initial
EAP method selection performed by rlm_eap when Access-Request with
EAP-Response/Identity handled. If there is no EAP-Type in control list
default method is selected. Default outer EAP method is set in eap
module configuration (eap { default_eap_type = ... }). Default inner EAP
method is set in EAP-PEAP and EAP-TTLS method configuration (eap { peap
{ default_eap_type = ... }}).
More information about the Freeradius-Users
mailing list