FW: Need help with EAP-AKA configuration

Mrudul Dighe mdighe at highway9networks.com
Wed Apr 26 18:11:16 UTC 2023 

Hello,

I am trying to configure EAP-AKA virtual-server in FreeRADIUS to perform authentication of multiple sim cards we own. We have followed the documentation and configured below in sites-enabled/eap-aka-sim and able to authenticate successful with EAPOL_TEST tool using same Ki and OPc:

<<<<<<<<<<<<<<<<<<<<<<<<<<<<

send Challenge-Request {

                &control.SIM-Ki  := 0x465b5ce8b199b49faa5f0a2ee238a6bc

                &control.SIM-Opc := 0xcd63cb71954a9f4e48a5994e37a02baf

                &control.SIM-SQN := 3

}

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>



However, this helps in authenticating only the imsi with above Ki/OPc. But our requirement is to authenticate multiple such IMSIs/SIMs with their Ki/OPc whose values we are aware of.

May I know how to specify the list of imsi/Users and make it work instead of hardcoding like above?



We tried adding following line in 'users' file in raddb/ folder and removed above hardcoding in Challenge-Response part of eap-aka-sim virtual-server configuration :

"315010000000002 at wlan.mnc010.mcc315.3gppnetwork.org<mailto:315010000000002 at wlan.mnc010.mcc315.3gppnetwork.org>      SIM-Ki  := 770db7f9275c47eb3d12b2024caa3548, SIM-Opc := 6245aedadf3ebbb82b0f62df52e0de12, SIM-SQN := 3"



But it's not working.

I have attached the radiusd Logs with the mail. Where I see following error -

"""

(0.0)    eap-aka-sim - WARNING: Could not find or derive data for UMTS vector

(0.0)    eap-aka-sim - ERROR: Failed retrieving UMTS vectors

"""



Summary of my setup:

  *   FreeRadius version4 -  Configured, compiled and installed from master Branch
  *   wpa_supplicant version 2.10
  *   Ubuntu 20.04 LTS



Any help would be greatly appreciated. Thank you in advance.

Best regards,

Mrudul Dighe.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: eap_aka_freeradius.log
Type: application/octet-stream
Size: 48163 bytes
Desc: eap_aka_freeradius.log
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20230426/de74630e/attachment-0001.obj>

More information about the Freeradius-Users mailing list