3GPP: multiple attributes, port from file based authentication to sql

Alan DeKok aland at deployingradius.com
Sat Mar 24 14:04:20 CET 2018

On Mar 24, 2018, at 9:02 AM, Wolfgang Zeitler <zeitler.wolfgang at gmx.de> wrote:
> I'm currently running freeradius to authenticate mobile devices on a 4G network.
> For authentication I have to check multiple attributes. The user - file is currently populated like that:
> user            Cleartext-password := "password", 3GPP-IMSI == 262011234567, Called-Station-ID == "apn-name"
>                User-Name = user,
> 				Service-Type = Framed,
>                Framed-Protocol = GPRS-PDP-Context,
>                Framed-IPv6-Prefix = 2001:DB8::/64,
>                Framed-Interface-ID = 0:0:0:2,
>                Reply-Message = "Welcome To Lab Network",
>                Acct-Session-Id = 00000001,

  Acct-Session-Id shouldn't go back in the response.  Or, it can go there, but nothing will look at it.

> I'm currently wondering, how to port that into the radcheck and the radreply table.

  As is?

> I understood, whith the default configuration, only one attribute will be checked, e.g. Cleartext-password

  So.  See the wiki.  Look for "sql", and read the rlm_sql documentation.

  You can copy that "users" file entry pretty much verbatim...

  Alan DeKok.

More information about the Freeradius-Users mailing list