Hi Iliya Peregoudov thanx for your advice and your time 1. when i change users entry, i get notification that access-accept has succesfull but unfortunately, when i restart the system cant access-accept and i must change attribute in users from agsm program here the log:
Ready to process requests. rad_recv: Access-Request packet from host 192.168.1.1 port 2048, id=0, length=215 User-Name = "1510019760806...@wlan.mnc001.mcc510.3gppnetwork.org " NAS-IP-Address = 192.168.1.1 Called-Station-Id = "48f8b315461a" Calling-Station-Id = "1814563e5189" NAS-Identifier = "48f8b315461a" NAS-Port = 38 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x02000038013135313030313937363038303633393140776c616e2e6d6e633030312e6d63633531302e336770706e6574776f726b2e6f7267 Message-Authenticator = 0x95014bdec4f49a1b5363bd5988ab5ddd +- entering group authorize {...} ++[preprocess] returns ok [suffix] Looking up realm "wlan.mnc001.mcc510.3gppnetwork.org" for User-Name = "1510019760806...@wlan.mnc001.mcc510.3gppnetwork.org" [suffix] Found realm "wlan.mnc001.mcc510.3gppnetwork.org" [suffix] Adding Stripped-User-Name = "1510019760806391" [suffix] Adding Realm = "wlan.mnc001.mcc510.3gppnetwork.org" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok rlm_sim_files: insufficient number of challenges for imsi 1510019760806391: 0 ++[sim_files] returns notfound [eap] EAP packet type response id 0 length 56 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[unix] returns notfound [files] users: Matched entry DEFAULT at line 227 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] EAP Identity [eap] processing type sim [eap] Underlying EAP-Type set EAP ID to 81 ++[eap] returns handled Sending Access-Challenge of id 0 to 192.168.1.1 port 2048 EAP-Message = 0x01510014120a00000f0200020001000011010100 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xf0cf8a6cf09e98be2ec974e82cdf9f5b Finished request 0. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.1.1 port 2048, id=0, length=265 Cleaning up request 0 ID 0 with timestamp +13 User-Name = "1510019760806...@wlan.mnc001.mcc510.3gppnetwork.org " NAS-IP-Address = 192.168.1.1 Called-Station-Id = "48f8b315461a" Calling-Station-Id = "1814563e5189" NAS-Identifier = "48f8b315461a" NAS-Port = 38 Framed-MTU = 1400 State = 0xf0cf8a6cf09e98be2ec974e82cdf9f5b NAS-Port-Type = Wireless-802.11 EAP-Message = 0x02510058120a000007050000a3663d2e1ff07a1cb29d04fdb0047908100100010e0e00333135313030313937363038303633393140776c616e2e6d6e633030312e6d63633531302e336770706e6574776f726b2e6f726700 Message-Authenticator = 0x6b683386c02724d0f0b7710f5ede4a93 +- entering group authorize {...} ++[preprocess] returns ok [suffix] Looking up realm "wlan.mnc001.mcc510.3gppnetwork.org" for User-Name = "1510019760806...@wlan.mnc001.mcc510.3gppnetwork.org" [suffix] Found realm "wlan.mnc001.mcc510.3gppnetwork.org" [suffix] Adding Stripped-User-Name = "1510019760806391" [suffix] Adding Realm = "wlan.mnc001.mcc510.3gppnetwork.org" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok rlm_sim_files: insufficient number of challenges for imsi 1510019760806391: 0 ++[sim_files] returns notfound [eap] EAP packet type response id 81 length 88 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[unix] returns notfound [files] users: Matched entry DEFAULT at line 227 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/sim [eap] processing type sim rlm_eap_sim: subtype= 10 start. +++> EAP-sim decoded packet: User-Name = "1510019760806...@wlan.mnc001.mcc510.3gppnetwork.org " NAS-IP-Address = 192.168.1.1 Called-Station-Id = "48f8b315461a" Calling-Station-Id = "1814563e5189" NAS-Identifier = "48f8b315461a" NAS-Port = 38 Framed-MTU = 1400 State = 0xf0cf8a6cf09e98be2ec974e82cdf9f5b NAS-Port-Type = Wireless-802.11 EAP-Message = 0x02510058120a000007050000a3663d2e1ff07a1cb29d04fdb0047908100100010e0e00333135313030313937363038303633393140776c616e2e6d6e633030312e6d63633531302e336770706e6574776f726b2e6f726700 Message-Authenticator = 0x6b683386c02724d0f0b7710f5ede4a93 Stripped-User-Name = "1510019760806391" Realm = "wlan.mnc001.mcc510.3gppnetwork.org" EAP-Type = SIM EAP-Sim-Subtype = Start EAP-Sim-NONCE_MT = 0x0000a3663d2e1ff07a1cb29d04fdb0047908 EAP-Sim-SELECTED_VERSION = 0x0001 EAP-Sim-IDENTITY = 0x00333135313030313937363038303633393140776c616e2e6d6e633030312e6d63633531302e336770706e6574776f726b2e6f726700 [eap] Underlying EAP-Type set EAP ID to 82 ++[eap] returns handled Sending Access-Challenge of id 0 to 192.168.1.1 port 2048 EAP-Message = 0x01520050120b0000010d0000307ca6eca31a4a549e879b2674f0feef90b5da4be8174863a276a439c7c2cec79bd7fc87248f4db6af4646a80b4baca50b0500003e86636bdab81ae6982ce83aa6f14ac7 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xf0cf8a6cf19d98be2ec974e82cdf9f5b Finished request 1. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.1.1 port 2048, id=0, length=205 Cleaning up request 1 ID 0 with timestamp +13 User-Name = "1510019760806...@wlan.mnc001.mcc510.3gppnetwork.org " NAS-IP-Address = 192.168.1.1 Called-Station-Id = "48f8b315461a" Calling-Station-Id = "1814563e5189" NAS-Identifier = "48f8b315461a" NAS-Port = 38 Framed-MTU = 1400 State = 0xf0cf8a6cf19d98be2ec974e82cdf9f5b NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0252001c120b00000b050000bbff92fe6855f8aa9a62504e58070daa Message-Authenticator = 0xf3712470b4c966857d76f6ff1f44415e +- entering group authorize {...} ++[preprocess] returns ok [suffix] Looking up realm "wlan.mnc001.mcc510.3gppnetwork.org" for User-Name = "1510019760806...@wlan.mnc001.mcc510.3gppnetwork.org" [suffix] Found realm "wlan.mnc001.mcc510.3gppnetwork.org" [suffix] Adding Stripped-User-Name = "1510019760806391" [suffix] Adding Realm = "wlan.mnc001.mcc510.3gppnetwork.org" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok rlm_sim_files: insufficient number of challenges for imsi 1510019760806391: 0 ++[sim_files] returns notfound [eap] EAP packet type response id 82 length 28 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[unix] returns notfound [files] users: Matched entry DEFAULT at line 227 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/sim [eap] processing type sim rlm_eap_sim: subtype= 11 challenge. MAC check succeed [eap] Underlying EAP-Type set EAP ID to 83 [eap] Freeing handler ++[eap] returns ok +- entering group post-auth {...} ++[exec] returns noop Sending Access-Accept of id 0 to 192.168.1.1 port 2048 MS-MPPE-Recv-Key = 0xb1bd9cf479d08726b2277e72dd2b941613f870f149ebb11113b2cfb7de1b26d7 MS-MPPE-Send-Key = 0xa89a0b0b6d0d3b4d8d15314c00749f6135072e59c3c403afce10b0fb30c4386d EAP-Message = 0x03530004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "1510019760806391" Finished request 2. Going to the next request Waking up in 4.9 seconds. Cleaning up request 2 ID 0 with timestamp +14 Ready to process requests. 2. i've changed users entry as you suggest and i still get the same notification rlm_sim_files : isufficient number of challenges of challenges for imsi thanx for your help i'm really really appreciate it best regards On Tue, Jun 11, 2013 at 1:51 PM, Iliya Peregoudov <iperegu...@cboss.ru>wrote: > On 11.06.2013 7:00, raptor raptor wrote: > >> i'm sorry i dont understand about LF UNIX line ending, could you show me >> what should i do to simtriplets.dat format? >> is there any mistake? >> > > Run > > dos2unix simtriplets.dat > > in UNIX shell. This will ensure simtriplets.dat has UNIX line endings. > > > i got that format in /src/tests/eapsim-03/users-**example.txt >> what should i fill in Rand1 attribute? >> > > I assume that your simtriplets.dat contains correct auth vectors (e.g. > generated by SIM card and extracted using agsm program): > > 1510019760806391,**AAC0FAFDC47D4524AC9E2A3D51BDBA** > 39,2A71bac3,7868589a75fdc000 > 1510019760806391,**BF9A9F6EEB36422895D010927D7697** > 2C,F49dd880,3Afbcf2fA9b0a000 > 1510019760806391,**C63837CFECD348deB119C35CFECD48** > 98,49312999,FD488938B6f2a000 > > Equivalent users entry should look like: > > 1510019760806391 EAP-Type:=SIM > EAP-Sim-Rand1:=**0xAAC0FAFDC47D4524AC9E2A3D51BD**BA39, > EAP-Sim-SRES1:=0x2A71bac3, > EAP-Sim-KC1:=**0x7868589a75fdc000, > EAP-Sim-Rans2:=**0xBF9A9F6EEB36422895D010927D76**972C, > EAP-Sim-SRES2:=0xF49dd880, > EAP-Sim-KC2:=**0x3Afbcf2fA9b0a000, > EAP-Sim-Rand3:=**0xC63837CFECD348deB119C35CFECD**4898, > EAP-Sim-SRES3:=0x49312999, > EAP-Sim-KC3:=**0xFD488938B6f2a000 > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/** > list/users.html <http://www.freeradius.org/list/users.html> >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html