Hi IIiya,
thanx for your answer
i tried to fix syntax error in in users file
and also i tried using patch in
http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120914/13b2c044/attachment.ksh
but unfortunately,
the result is same, my first device can connect to internet and the
Hi, thanx for your reply
i also tried using patch in
http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120914/13b2c044/attachment.ksh
but unfortunately,
when i already connect with one device successfully, i try another
device the result another device is
rejected by server
On 20.06.2013 17:56, raptor raptor wrote:
my users format
1510019760806...@wlan.mnc001.mcc510.3gppnetwork.org EAP-Type := SIM
EAP-Sim-Rand1 = 0x 326258E6F77C40f3866DB25DEA60AE4D,
EAP-Sim-SRES1 = 0x DD287535,
EAP-Sim-KC1 = 0x 7F743521EBabb000,
EAP-Sim-Rand2 = 0x FD9989BD90AD4a03962E6C08C000C14B,
Hi, IIiya
i'm sorry my posting above is about one client
first, i connect with one client and it's success
(until "Finished request 2" in debug log)
and then in next request, i try with different supplicant/client to
authenticate and i have input identitiy (IMSI, RAND, SRES,KC) in to
simtriplets.
On 20.06.2013 13:38, raptor raptor wrote:
Sending Access-Accept of id 0 to 192.168.2.1 port 2048
MS-MPPE-Recv-Key =
0x9d0b6b0a9151822473399a9fed44e8f0d74df083532a7d437e436f60866252d8
MS-MPPE-Send-Key =
0xebf07da25ca3cd97267d1fc6a1ce18d68ad2737902f610284bdb45c6eed0cb7f
EAP-Message = 0x03760004
M
Hi IIiya,
thanx for your quick response
here is my log debug
rad_recv: Access-Request packet from host 192.168.2.1 port 2048, id=0,
length=215
User-Name = "1510019760806...@wlan.mnc001.mcc510.3gppnetwork.org
"
NAS-IP-Address = 192.168.2.1
Called-Station-Id =
On 20.06.2013 8:38, raptor raptor wrote:
i just try one client and success but when i use another client and it fails
Post debug log if you want to diagnose authentication failure.
is it correct if i add other client in users and simtriplets.dat?
Yes, you should add auth vectors for all you
Hi,
i have tried with one client and it's success to authenticate and access
internet in wlan
could this test we use multiple clients?
i just try one client and success but when i use another client and it fails
is it correct if i add other client in users and simtriplets.dat?
ex:
simtriplets.da
Hi, IIlya
Thanx for your advice
it works
On Thu, Jun 13, 2013 at 2:47 PM, Iliya Peregoudov wrote:
> On 11.06.2013 12:27, raptor raptor wrote:
>
>> 1.
>> when i change users entry, i get notification that access-accept has
>> succesfull
>> but unfortunately, when i restart the system cant access-
On 11.06.2013 12:27, raptor raptor wrote:
1.
when i change users entry, i get notification that access-accept has
succesfull
but unfortunately, when i restart the system cant access-accept and i
must change attribute in users from agsm program
here the log:
I do not understand clearly whether y
On 11.06.2013 22:21, Rodney Machado wrote:
After reading again the documentation, i got to this point:
[skipped]
I'm going to fix the user file and give it a try again.
rlm_eap_sim expects EAP-Sim-RAND1 (and friends) on reply list, not in
control list.
So correct users entry for EAP-SIM is
After reading again the documentation, i got to this point:
What's with the commas in the raddb/users file?
Commas link lists of attributes together. The general format for a raddb/users
file entry is:
name Check-Item = Value, ..., Check-Item = Value Reply-Item = Value, . . .
Reply-Item = Value
Hi Iliya,
I'm been trying my self EAP-SIM auth for a while, with nothing but odd results.
I'm using FreeRADIUS Version 3.0.0 (git #25b6fdd), in wich the support for
sim_files module have been dropped. I tryied setting the vectors vía the users
file for my IMSI but its not working, I was just ab
Hi Iliya Peregoudov
thanx for your advice and your time
1.
when i change users entry, i get notification that access-accept has
succesfull
but unfortunately, when i restart the system cant access-accept and i must
change attribute in users from agsm program
here the log:
Ready to process requests
On 11.06.2013 7:00, raptor raptor wrote:
i'm sorry i dont understand about LF UNIX line ending, could you show me
what should i do to simtriplets.dat format?
is there any mistake?
Run
dos2unix simtriplets.dat
in UNIX shell. This will ensure simtriplets.dat has UNIX line endings.
i got that
Iliya Peregoudov wite :
1.
> rlm_sim_files: insufficient number of challenges for imsi
> 1510019760806391: 0
> ++[sim_files] returns notfound
>
It's strange that rlm_sim_files was unable to find auth vectors.
Ensure that simtriplets.dat has UNIX line endings (LF, not CRLF).
i'm sorry i dont und
On 09.06.2013 5:34, raptor raptor wrote:
simtriplets.dat format that i wite:
1,,,
1510019760806391,AAC0FAFDC47D4524AC9E2A3D51BDBA39,2A71bac3,7868589a75fdc000
1510019760806391,BF9A9F6EEB36422895D010927D76972C,F49dd880,3Afbcf2fA9b0a000
1510019760806391,C63837CFECD348deB119C35CFECD4898,49312999,FD4
simtriplets.dat format that i wite:
1,,,
1510019760806391,AAC0FAFDC47D4524AC9E2A3D51BDBA39,2A71bac3,7868589a75fdc000
1510019760806391,BF9A9F6EEB36422895D010927D76972C,F49dd880,3Afbcf2fA9b0a000
1510019760806391,C63837CFECD348deB119C35CFECD4898,49312999,FD488938B6f2a000
i add in users file:
DEFAUL
my simtriplets.dat :
1
1510019760806391,AAC0FAFDC47D4524AC9E2A3D51BDBA39,2A71bac3,7868589a75fdc000
1510019760806391,BF9A9F6EEB36422895D010927D76972C,F49dd880,3Afbcf2fA9b0a000
1510019760806391,C63837CFECD348deB119C35CFECD4898,49312999,FD488938B6f2a000
On Mon, Jun 3, 2013 at 9:26 PM, Alan DeKok w
Iliya Peregoudov wrote:
> Apparently there is an error in simtriplets.dat. Format is
>
> 1,,,
>
> , , and should be in hexadecimal digits, without 0x
> prefix. An even number of hexadecimal digits should be in there.
The simtriplets.dat dile doesn't have "0x" prefixes in its examples
In an
Apparently there is an error in simtriplets.dat. Format is
1,,,
, , and should be in hexadecimal digits, without 0x
prefix. An even number of hexadecimal digits should be in there.
On 01.06.2013 5:51, raptor raptor wrote:
ASSERT FAILED rlm_sim_files.c[212]: k != NULL
-
List info/subscribe
i have added Stripped-User-Name in sites-enabled/default and also i
disabled suffix module
but, i found like fatal mistake
could someone tell me what i should do to fix this
this is my log
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.1.1 port 2048, id=0,
length=2
Call suffix before sim_files.
The rlm_sim_files module uses "canonical username" as a key for
searching authentication vectors. Initially canonical username points to
User-Name attribute. rlm_realm module (suffix is an instance of this
module) split User-Name to Stripped-User-Name and Realm an
Hi,
i have added simtriplets.dat and create file sim_files in
/freeradius/modules
and also i configure sim_files in authorize{} in /sites-enabled/default
but i dont use suffix module
so my concern is how to solve this message :
"rlm_sim_files: insufficient number of challenges for imsi
i...@wlan
Hi, Phil
Better yet, don't use the "suffix" module; look for the realm and strip it
yourself:
authorize {
if (User-Name =~ /^(.*)@(.+)$/) {
update request {
Stripped-User-Name := "%{1}"
Realm := "%{2}"
}
}
}
See the policy.conf/policy.d and list archives for better regexp
On 30/05/13 08:22, EasyHorpak.com wrote:
On 30/05/2556 13:44, raptor raptor wrote:
[pap] WARNING! No "known good" password found for the
user.Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
[pap] WARNING! No "known good" password found for the
user.Authe
On 30/05/13 08:16, Iliya Peregoudov wrote:
You should designate realm wlan.mnc001.mcc510.3gppnetwork.org as locally
served in raddb/proxy.conf:
Better yet, don't use the "suffix" module; look for the realm and strip
it yourself:
authorize {
if (User-Name =~ /^(.*)@(.+)$/) {
update requ
On 30/05/2556 13:44, raptor raptor
wrote:
[pap] WARNING! No "known good"
password found for the user.
Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
[pap] WARNING! No "known good"
You should designate realm wlan.mnc001.mcc510.3gppnetwork.org as locally
served in raddb/proxy.conf:
# raddb/proxy.conf
realm wlan.mnc001.mcc510.3gppnetwork.org {
}
Then you should add authentication vectors to raddb/simtriplets.dat:
# raddb/simtriplets.dat
# 1,,,
1250991417456196,cf92007bd381
29 matches
Mail list logo
