Re[2]: Wimax + Freeradius

2009-05-18 Thread Maxim Vinnichenko 
Hello Alan,



Monday, May 18, 2009, 4:03:42 PM, you wrote:

> Maxim Vinnichenko wrote:
>> Thank you for you answer. I've changed test user and now the server
>> sends access-accept but CPE still doesn't connect.

>   Some NAS equipment will ignore Access-Accept if it doesn't contain the
> right magic.  The exact definition of this magic is usually found buried
> in a footnote on page 400 out of 800 of the vendor documentation.

>   Go look at the NAS logs, and see if there is any useful messages. If
> not, call the NAS vendor, and tell them that their product is defective.

>   FreeRADIUS works with WiMAX equipment from Nokia, Cisco and Motorola.
>  (That I've seen.)  Other vendors known to have problems include
> Alvarion.  They don't seem to care that their equipment doesn't work,
> and they haven't answered any of my messages about it.

>   The only solution is to point out publicly that Alvarion is *not*
> following the WiMAX specs, and therefore people should buy *real* WiMAX
> equipment.

>   Alan DeKok.

Thank You very much. Vendor forces us to buy theirs "unique" TRIAS
server aka radius. :) That costs several hundred thousands.

Anyway thanks to all of you for help.



-- 
Винниченко Максим
Отдел IP телефонии
__
 
ООО "Babilon - T", Таджикистан,
г. Душанбе, п-кт Сомони 8.
Офис:   (992 44) 600 00 83
Мобильный:  (992 918) 62 37 22
Эл. почта:   ma...@babilon-t.tj


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re[2]: Wimax + Freeradius

2009-05-18 Thread Maxim Vinnichenko 
Hello Ivan,

Monday, May 18, 2009, 2:09:39 PM, you wrote:

>>   We are trying to implement AAA service for WIMAX project and have
>>   some problems.
>>
>>   Freeradius ver 2.1.3 is installed on Gentoo. The schema is this
>>
>>   CPE >> WASN9770 GW >> RADIUS
>>
>>   At the moment problem is the following
>>
>> [mschap] No Cleartext-Password configured.  Cannot create LM-Password.
>> [mschap] No Cleartext-Password configured.  Cannot create NT-Password.
>> [mschap] Told to do MS-CHAPv2 for 1...@wimax.tj with NT-Password
>> [mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
>> [mschap] FAILED: MS-CHAP2-Response is incorrect
>>
>> The test user is listed in users.

> Is he?

> server inner-tunnel {
> +- entering group authorize {...}
> ...
> ++[files] returns noop
> ...

Thank you for you answer. I've changed test user and now the server
sends access-accept but CPE still doesn't connect.

[eap] Freeing handler
++[eap] returns ok
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 47 to 10.155.11.20 port 10001
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-Routing = Broadcast-Listen
Framed-MTU = 1500
MS-MPPE-Recv-Key = 
0xc7aba316325d0182e2d6fe42f5592cbef7f5039843cc2166245465ba9d3fb62f
MS-MPPE-Send-Key = 
0x526fc822f641a56a7fcc024b2cbd5891072192621baf10d2d1efbc52e448127e
EAP-Message = 0x03080004
Message-Authenticator = 0x
User-Name = "123"
Finished request 7.
Going to the next request


Full log is here
http://217.11.185.178:8080/eap2.log




> Ivan Kalik
> Kalik Informatika ISP



-- 
Винниченко Максим
Отдел IP телефонии
__
 
ООО "Babilon - T", Таджикистан,
г. Душанбе, п-кт Сомони 8.
Офис:   (992 44) 600 00 83
Мобильный:  (992 918) 62 37 22
Эл. почта:   ma...@babilon-t.tj


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html