On 16/02/2012 03:36, Fajar A. Nugraha wrote:
On Thu, Feb 16, 2012 at 8:56 AM, Richard J Palmer<rich...@merula.net> wrote:
update request {
User-Name := "%{Calling-Station-Id}"
User-Password :="SIMUSER"
}
Are you SURE your clients use CHAP?
They may be a better way... but this seems to work :-)
It would work for PAP, in which case you can also just use this:
http://wiki.freeradius.org/FAQ#How+do+I+permit+access+to+any+user+regardless+of+password%3F
It should not work on (MS)CHAP since both client and server needs to
know the password, otherwise the challenge/response process will fail.
It's entirely possible though that your clients are configured to use
any available authentication method, in which case when chap fails
they fallback to PAP.
Due to the design of the mobile network, the actual session is
originated from the network rather than the device, which iirc presents
only CHAP, but may or may not include a username/password pair and
thusly the calling station id can include identifying info such as sim
id or phone number
Using the Auth-Type method does work, but as the username is the lookup
key, it doesn't provide the ability to deliver attributes to the NAS
(from what I can see), I ran into this exact issue when first looking at
implementing it
Thanks,
J
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html