Re: [RADIATOR] ERR: Attribute number 101
They sent me:
# Bluesocket vendor specific
VENDOR BLUESOCKET 9967
ATTRIBUTE BlueSocketRole 100 string BLUESOCKET
ATTRIBUTE Bluesocketap101 string BLUESOCK
I see from the examples VENDORATTR, should it be changed to:
# Bluesocket vendor specific
VENDOR BLUESOCKET 9967
VENDORATTR BlueSocketRole 100 string BLUESOCKET
VENDORATTR Bluesocketap101 string BLUESOCK
--
Adam Gerson
Assistant Director of Technology
Columbia Grammar and Prep School
phone. 212-749-6200 ex. 321
fax. 212-428-6806
ager...@cgps.org
http://www.cgps.org
On 6/25/10 4:42 PM, Hugh Irvine wrote:
>
> Hello Adam -
>
> The dictionary is the file that contains all of the RADIUS attribute
> definitions for the standard set plus all the vendor specifics.
>
> The error you show is due to a missing vendor-specific for vendor 9967 which
> is listed as Bluesocket.
>
> You should ask Bluesocket for their vendor-specific attribute definitions and
> add them to your dictionary.
>
> The Radiator dictionary is a simple text file called "dictionary" in the main
> distribution directory.
>
> In the meantime you can add the following to your dictionary to stop the
> error messages:
>
>
> #
> # Bluesocket
> #
>
> VENDOR Bluesocket 9967
> VENDORATTR 9967Bluesocket-101 101 string
>
>
> You will need to restart "radiusd" to have the dictionary re-read.
>
> When you do find out from Bluesocket what attributes they use, please send us
> a copy so we can add them to the standard Radiator dictionary.
>
> regards
>
> Hugh
>
>
>
> On 26 Jun 2010, at 02:59, Adam Gerson wrote:
>
>> Bluesocket is what we use.
>>
>> What is a radius dictionary and whats it used for? What would I do with
>> it once I got it?
>>
>> Adam
>>
>>
>> --
>> Adam Gerson
>> Assistant Director of Technology
>> Columbia Grammar and Prep School
>> phone. 212-749-6200 ex. 321
>> fax. 212-428-6806
>> ager...@cgps.org
>> http://www.cgps.org
>>
>> On 6/25/10 11:31 AM, Kurt Jaeger wrote:
>>> Hi!
>>>
I see this a lot in my logs. Is that a problem?
Fri Jun 25 00:07:45 2010: ERR: Attribute number 101 (vendor 9967) is not
defined in your dictionary
>>>
>>> What kind of device do you have ?
>>>
>>> http://www.iana.org/assignments/enterprise-numbers
>>>
>>> says that 9967 was assigned to
>>>
>>> Bluesocket, Inc.
>>> Suresh Gandhi
>>>sgan...@bluesocket.com
>>>
>>> Hmm, the webpage says: 802.11n virtual WLAN stuff. Is this what you
>>> use ? Can you ask them for their radius dictionary ?
>>>
>>
>> ___
>> radiator mailing list
>> radiator@open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive
> (www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
Re: [RADIATOR] EAP-SIM Authentication Issue
Hello,
Thanks for the update.
Pls let us know if we can help further
Cheers.
On Tuesday 29 June 2010 05:28:26 pm Rajesh Thota wrote:
> Mike/Hugh,
>
> Appreciate your help on this. I got it working. The problem was with
> RAND attribute. Fixed the CGI which is delivering the Kc & RAND.
>
> Thanks.
>
> Rajesh.
>
> On Fri, Jun 25, 2010 at 1:53 AM, Mike McCauley wrote:
> > HEllo,
> >
> > On Thursday 24 June 2010 11:55:12 pm Rajesh Thota wrote:
> > > Hello All,
> > >
> > > I am in the process of evaluating Radiator. 2 Main features I would be
> > > needing is EAP-SIM and EAP-PEAP.
> > >
> > > I have been working on modifying the EAP-SIM.pm file I have just
> >
> > modified
> >
> > > the sim_request_triplets subroutine to pull the GSM triplets using a
> > > HTTP GET request to a server. The HTTP Server talks to the MAP gateway
> >
> > passing
> >
> > > the IMSI. For the time being I have hard-coded the IMSI onto the URL.
> > > The IMSI on the URL and the request is same. I am passing the RAND,
> > > SRES
> >
> > &
> >
> > > Kc from this routine as shown in the sample code(comment).
> >
> > That looks OK, although I see you are passing the same triplet back 3
> > times.
> >
> > The last message indicates the client found a problem with the triplets
> > sent
> > to it. Suggest you look at the client side logs to determine why it did
> > not like the triplets. May be related to the above point?
> >
> > Or may through some error, the triplets are not for the IMSI you are
> > requesting.
> >
> > Cheers.
> >
> > > Any help is appreciated on this front.
> > >
> > > Thanks & Regards
> > >
> > > Rajesh
> >
> > -
> >--
> >
> > >
> > > --
> > >
> > > sub sim_request_triplets
> > > {
> > > my ($self, $context, $p, $n) = @_;
> > >
> > > my $ua1 = new LWP::UserAgent;
> > > $ua1->agent("AgentName/0.1 " . $ua1->agent);
> > >
> > > # Create a request
> > > my $req = new HTTP::Request GET => '
> >
> > http://192.168.1.127:8080/cgi-bin/hlr_hex_cgi?TRANS_ID=102&IMSI=405803190
> >03
> >
> > >2618 ';
> > > $req->content_type('application/x-www-form-urlencoded');
> > > $req->content('match=www&errors=0');
> > >
> > > # Pass request to the user agent and get a response back
> > > my $res = $ua1->request($req);
> > > my $webOut;
> > >
> > > # Check the outcome of the response
> > > if ($res->is_success) {
> > > $webOut = $res->content;
> > > } else {
> > > print "Bad luck this time\n";
> > > }
> > >
> > > my $row;
> > > @$row = split( /\n/, $webOut);
> > >
> > > my $myARand;
> > > my $myASres;
> > > my $myAKc;
> > >
> > > @$myARand=split(/\=/, @$row[6]);
> > > @$myASres=split(/\=/, @$row[7]);
> > > @$myAKc=split(/\=/, @$row[8]);
> > >
> > > my $myKc = @$myAKc[1];
> > > my $mySres = @$myASres[1];
> > > my $myRand = @$myARand[1];
> > >
> > > $self->log($main::LOG_DEBUG, "$myRand | $mySres | $myKc
> > > ...");
> > >
> > > return (
> > > pack('H*', $myKc), pack('H*', $mySres), pack('H*',
> > > $myRand), pack('H*', $myKc), pack('H*', $mySres), pack('H*', $myRand),
> > > pack('H*', $myKc), pack('H*', $mySres), pack('H*', $myRand), );
> > >
> > > return;
> > > }
> >
> > -
> >--
> >
> > >
> > > --
> > >
> > > The Radius LOG file prints the following :
> > >
> > > *** Received from 192.168.1.152 port 2049
> > > Code: Access-Request
> > > Identifier: 9
> > > Authentic: <145>BZ<135><209><1>Qi<214><11>r<248>e<174><141><224>
> > > Attributes:
> > > User-Name =
> > > "1405803190032...@wlan.mnc080.mcc405.3gppnetwork.org
> >
> > "
> >
> > > NAS-IP-Address = 192.168.1.152
> > > NAS-Identifier = "Wireless LAN Access Point"
> > > NAS-Port = 0
> > > Called-Station-Id = "00-80-48-67-43-25:SIM-Test"
> > > Calling-Station-Id = "00-24-7D-4A-52-87"
> > > Framed-MTU = 1400
> > > NAS-Port-Type = Wireless-IEEE-802-11
> > > Connect-Info = "CONNECT 11Mbps 802.11b"
> > > EAP-Message = <2><0><0>8<1>
> > > 1405803190032...@wlan.mnc080.mcc405.3gppnetwork.org
> > > Message-Authenticator =
> > > <212>I<163>k?gNAGu<5><228><7><200>"<197>
> > >
> > > Thu Jun 24 19:02:13 2010: DEBUG: Handling request with Handler
> > > 'Realm=DEFAULT'
> > > Thu Jun 24 19:02:13 2010: DEBUG: Deleting session for
> > > 1405803190032...@wlan.mnc080.mcc405.3gppnetwork.org, 192.168.1.152, 0
> > > Thu Jun 24 19:02:13 2010: DEBUG: Handling with Radius::AuthSIM:
> > > Thu Jun 24 19:02:13 2010: DEBUG: Handling with EAP: code 2, 0, 56, 1
> > > Thu Jun 24 19:02:13 2010: DEBUG: Response type 1
> > > Thu Jun 24
Re: [RADIATOR] EAP-SIM Authentication Issue
Mike/Hugh,
Appreciate your help on this. I got it working. The problem was with RAND
attribute. Fixed the CGI which is delivering the Kc & RAND.
Thanks.
Rajesh.
On Fri, Jun 25, 2010 at 1:53 AM, Mike McCauley wrote:
> HEllo,
>
> On Thursday 24 June 2010 11:55:12 pm Rajesh Thota wrote:
> > Hello All,
> >
> > I am in the process of evaluating Radiator. 2 Main features I would be
> > needing is EAP-SIM and EAP-PEAP.
> >
> > I have been working on modifying the EAP-SIM.pm file I have just
> modified
> > the sim_request_triplets subroutine to pull the GSM triplets using a HTTP
> > GET request to a server. The HTTP Server talks to the MAP gateway
> passing
> > the IMSI. For the time being I have hard-coded the IMSI onto the URL.
> > The IMSI on the URL and the request is same. I am passing the RAND, SRES
> &
> > Kc from this routine as shown in the sample code(comment).
>
> That looks OK, although I see you are passing the same triplet back 3
> times.
>
> The last message indicates the client found a problem with the triplets
> sent
> to it. Suggest you look at the client side logs to determine why it did not
> like the triplets. May be related to the above point?
>
> Or may through some error, the triplets are not for the IMSI you are
> requesting.
>
> Cheers.
>
> >
> > Any help is appreciated on this front.
> >
> > Thanks & Regards
> >
> > Rajesh
> >
> >
> ---
>
> >
> >--
> >
> > sub sim_request_triplets
> > {
> > my ($self, $context, $p, $n) = @_;
> >
> > my $ua1 = new LWP::UserAgent;
> > $ua1->agent("AgentName/0.1 " . $ua1->agent);
> >
> > # Create a request
> > my $req = new HTTP::Request GET => '
> >
> http://192.168.1.127:8080/cgi-bin/hlr_hex_cgi?TRANS_ID=102&IMSI=40580319003
> >2618 ';
> > $req->content_type('application/x-www-form-urlencoded');
> > $req->content('match=www&errors=0');
> >
> > # Pass request to the user agent and get a response back
> > my $res = $ua1->request($req);
> > my $webOut;
> >
> > # Check the outcome of the response
> > if ($res->is_success) {
> > $webOut = $res->content;
> > } else {
> > print "Bad luck this time\n";
> > }
> >
> > my $row;
> > @$row = split( /\n/, $webOut);
> >
> > my $myARand;
> > my $myASres;
> > my $myAKc;
> >
> > @$myARand=split(/\=/, @$row[6]);
> > @$myASres=split(/\=/, @$row[7]);
> > @$myAKc=split(/\=/, @$row[8]);
> >
> > my $myKc = @$myAKc[1];
> > my $mySres = @$myASres[1];
> > my $myRand = @$myARand[1];
> >
> > $self->log($main::LOG_DEBUG, "$myRand | $mySres | $myKc
> > ...");
> >
> > return (
> > pack('H*', $myKc), pack('H*', $mySres), pack('H*', $myRand),
> > pack('H*', $myKc), pack('H*', $mySres), pack('H*', $myRand),
> > pack('H*', $myKc), pack('H*', $mySres), pack('H*', $myRand),
> > );
> >
> > return;
> > }
> >
> >
> ---
>
> >
> >--
> >
> > The Radius LOG file prints the following :
> >
> > *** Received from 192.168.1.152 port 2049
> > Code: Access-Request
> > Identifier: 9
> > Authentic: <145>BZ<135><209><1>Qi<214><11>r<248>e<174><141><224>
> > Attributes:
> > User-Name = "1405803190032...@wlan.mnc080.mcc405.3gppnetwork.org
> "
> > NAS-IP-Address = 192.168.1.152
> > NAS-Identifier = "Wireless LAN Access Point"
> > NAS-Port = 0
> > Called-Station-Id = "00-80-48-67-43-25:SIM-Test"
> > Calling-Station-Id = "00-24-7D-4A-52-87"
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-IEEE-802-11
> > Connect-Info = "CONNECT 11Mbps 802.11b"
> > EAP-Message = <2><0><0>8<1>
> > 1405803190032...@wlan.mnc080.mcc405.3gppnetwork.org
> > Message-Authenticator = <212>I<163>k?gNAGu<5><228><7><200>"<197>
> >
> > Thu Jun 24 19:02:13 2010: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Thu Jun 24 19:02:13 2010: DEBUG: Deleting session for
> > 1405803190032...@wlan.mnc080.mcc405.3gppnetwork.org, 192.168.1.152, 0
> > Thu Jun 24 19:02:13 2010: DEBUG: Handling with Radius::AuthSIM:
> > Thu Jun 24 19:02:13 2010: DEBUG: Handling with EAP: code 2, 0, 56, 1
> > Thu Jun 24 19:02:13 2010: DEBUG: Response type 1
> > Thu Jun 24 19:02:13 2010: DEBUG: EAP result: 3, EAP SIM/Start
> > Thu Jun 24 19:02:13 2010: DEBUG: AuthBy SIM result: CHALLENGE, EAP
> > SIM/Start Thu Jun 24 19:02:13 2010: DEBUG: Access challenged for
> > 1405803190032...@wlan.mnc080.mcc405.3gppnetwork.org: EAP SIM/Start
> > Thu Jun 24 19:02:13 2010: DEBUG: Packet dump:
> > *** Sending to 192.168.1.152 port 2049
> > Code: Access-Challenge
> > Identifier: 9
> > A
