Judging by that access-accept message you don't have all of the attributes needed to set up a WiMax service flow. There are far more attributes that need to be sent than you have listed below, and they all have to be sent in the order listed in dictionary.wimax. Check the archives of this list for WiMax service flow replies, this is fairly well documented.
Your ASN manufacturer should be able to supply you with an IOT document or other radius documentation. David -----Original Message----- From: freeradius-users-bounces+davidp=wirelessconnections....@lists.freeradius.org [mailto:freeradius-users-bounces+davidp=wirelessconnections.net@lists.freera dius.org] On Behalf Of Rathod Subhashchandra Sent: Monday, June 11, 2012 9:10 AM To: 'Fajar A. Nugraha'; 'FreeRadius users mailing list' Subject: RE: WING-ASN throwing error - Mandatory HA Mode parameter Importance: High Dear Fajar, ACCESS-ACCEPT screen logs shows following attributes but not in pcap. Screen logs: Sending Access-Accept of id 6 to 125.125.40.38 port 1812 WiMAX-MN-NAI = "u...@tataelxsi.com" Service-Type = Authenticate-Only State = 0xd2be425bd6b84f57c4a7ea648e1803b6 MS-MPPE-Recv-Key = 0xd967448623358aa2149aee72c8d59c7640ca9b7fb4c06836781533bb9ae7679d MS-MPPE-Send-Key = 0x49a17afa5f030067f31c8a3e44d14e88a312af0a90e1299e73019fa1c27e7fb3 WiMAX-MSK = 0xd967448623358aa2149aee72c8d59c7640ca9b7fb4c06836781533bb9ae7679d49a17afa5f 030067f31c8a3e44d14e88a312af0a90e1299e73019fa1c27e7fb3 EAP-Message = 0x03060004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "u...@tataelxsi.com" WiMAX-IP-Technology = PMIP4 WiMAX-hHA-IP-MIP4 = 172.16.104.175 WiMAX-DNS-Server = 192.168.10.3 WiMAX-Accounting-Capabilities = IP-Session-Based WiMAX-Idle-Mode-Notification-Cap = Supported WiMAX-AAA-Session-Id = 0x30313032 WiMAX-Packet-Data-Flow-Id = 1 WiMAX-Service-Data-Flow-Id = 1 WiMAX-Service-Profile-Id = 1 WiMAX-Direction = Bi-Directional WiMAX-FA-RK-Key = 0xb977ed6f9bf2231bba840d7cf1c02cd1bd7f47fa Framed-IP-Address = 192.168.10.3 Session-Timeout = 172800 Termination-Action = 3 Chargeable-User-Identity = "u...@tataelxsi.com" WiMAX-HA-RK-Lifetime = 900 WiMAX-HA-RK-SPI = 0 WiMAX-HA-RK-Key = 0x2b83c9fd0e5c3e2f8af0aa4464ba27ff8372fe4b WiMAX-FA-RK-SPI = 2474926121 The content of Wireshark is attached. Wireshark ACCESS-ACCEPT message does not reflect WiMAX-HA-RK-Lifetime, WiMAX-HA-RK-SPI, WiMAX-HA-RK-Key, and WiMAX-FA-RK-SPI. Does it mean that above attributes are not added in the message and simply printed by FreeRadius server? Or Vendor specific HA mode parameters are different? Thanks ! Rathod. -----Original Message----- From: Fajar A. Nugraha [mailto:l...@fajar.net] Sent: Monday, June 11, 2012 11:39 AM To: rat...@tataelxsi.co.in; FreeRadius users mailing list Subject: Re: WING-ASN throwing error - Mandatory HA Mode parameter On Mon, Jun 11, 2012 at 12:50 PM, Rathod Subhashchandra <rat...@tataelxsi.co.in> wrote: > I am using Free Radius only. > I would like to know whether FreeRadius supports following attributes > in ACCESS-ACCEPT. > > HA_RK_Lifetime, HA_RK_SPI, HA_RK_KEY, Duration Quota, MN_HA_SPI, HA_IP_ADDR, > MN_HA_KEY freeradius supports adding custom or vendor-specific attributes. You need to know what they are to add them. Ask your NAS vendor for the radius dictionary file, and what the values should be for a successful authentication. IF (and ONLY if) you already have a working radius server for that NAS, you could probably use wireshark/tcpdump/whatever to capture what attributes were sent, and configure FR to send those attributes as well. I don't recommend this method for newbies though, better ask your vendor. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html