request for a simple set of instructions for EAP-SIM
Michael Martinez
mwtzzz at gmail.com
Wed Feb 3 03:22:58 CET 2016
Ok, I'm reading the RFC/memo thingy (from 2006) on EAP-SIM. One of the
first thing that catches my eye is the following statement:
The RADIUS server in a productive environment needs for EAP-SIM/AKA
access to the home location register (HLR) of the MNO where the
(U)SIMs are registered.
For testing a file with precreated values for authentication is sufficient.
HLR of the MNO. Does this mean that freeradius needs access to a mobile
network operator's database? How easy/likely is this? does anyone actually
bother to do this in their production environment? It seems there is a hack
for testing purposes only, I'm assuming this means somehow extracting the
relevant information from the device itself and then hardcoding this in to
a config file, which would be impractical if we're managing any more than a
handful of devices.
On Tue, Feb 2, 2016 at 11:59 AM, Alan DeKok <aland at deployingradius.com>
wrote:
> On Feb 2, 2016, at 2:16 PM, Michael Martinez <mwtzzz at gmail.com> wrote:
> >
> > Where can I find an explanation of this users-example.txt file? I don't
> > know what I'm looking at. What are these fields, where do they come from,
> > which configuration file is this information supposed to reside in?
>
> It's an example of the "users" file. In v3, that's
> raddb/mods-config/files/authorize
>
> The contents are just attributes. The attributes are magic attributes
> needed by EAP-SIM. i.e. the SIM triplets.
>
> i.e. you'll need to understand the EAP-SIM protocol before being able to
> use the "sim" module. You can't just set a password, and have the server
> figure it out.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
--
---
More information about the Freeradius-Users
mailing list