Hello,

Thanks for the update. Pls let us know if we can help further.

Cheers.

On Tuesday 29 June 2010 05:28:26 pm Rajesh Thota wrote:
> Mike/Hugh,
>
> Appreciate your help on this. I got it working. The problem was with
> RAND attribute. Fixed the CGI which is delivering the Kc & RAND.
>
> Thanks.
>
> Rajesh.
>
> On Fri, Jun 25, 2010 at 1:53 AM, Mike McCauley <[email protected]> wrote:
> > Hello,
> >
> > On Thursday 24 June 2010 11:55:12 pm Rajesh Thota wrote:
> > > Hello All,
> > >
> > > I am in the process of evaluating Radiator. 2 Main features I would be
> > > needing is EAP-SIM and EAP-PEAP.
> > >
> > > I have been working on modifying the EAP-SIM.pm file I have just modified
> > > the sim_request_triplets subroutine to pull the GSM triplets using a
> > > HTTP GET request to a server. The HTTP Server talks to the MAP gateway passing
> > > the IMSI. For the time being I have hard-coded the IMSI onto the URL.
> > > The IMSI on the URL and the request is same. I am passing the RAND, SRES &
> > > Kc from this routine as shown in the sample code(comment).
> >
> > That looks OK, although I see you are passing the same triplet back 3
> > times.
> >
> > The last message indicates the client found a problem with the triplets sent
> > to it. Suggest you look at the client side logs to determine why it did
> > not like the triplets. May be related to the above point?
> >
> > Or may through some error, the triplets are not for the IMSI you are
> > requesting.
> >
> > Cheers.
> >
> > > Any help is appreciated on this front.
> > >
> > > Thanks & Regards
> > >
> > > Rajesh
> > >
> > > ----------------------------------------------------------------------
> > >
> > > sub sim_request_triplets
> > > {
> > >     my ($self, $context, $p, $n) = @_;
> > >
> > >     my $ua1 = new LWP::UserAgent;
> > >     $ua1->agent("AgentName/0.1 " . $ua1->agent);
> > >
> > >     # Create a request
> > >     my $req = new HTTP::Request GET => 'http://192.168.1.127:8080/cgi-bin/hlr_hex_cgi?TRANS_ID=102&IMSI=405803190032618';
> > >     $req->content_type('application/x-www-form-urlencoded');
> > >     $req->content('match=www&errors=0');
> > >
> > >     # Pass request to the user agent and get a response back
> > >     my $res = $ua1->request($req);
> > >     my $webOut;
> > >
> > >     # Check the outcome of the response
> > >     if ($res->is_success) {
> > >         $webOut = $res->content;
> > >     } else {
> > >         print "Bad luck this time\n";
> > >     }
> > >
> > >     my $row;
> > >     @$row = split( /\n/, $webOut);
> > >
> > >     my $myARand;
> > >     my $myASres;
> > >     my $myAKc;
> > >
> > >     @$myARand=split(/\=/, @$row[6]);
> > >     @$myASres=split(/\=/, @$row[7]);
> > >     @$myAKc=split(/\=/, @$row[8]);
> > >
> > >     my $myKc = @$myAKc[1];
> > >     my $mySres = @$myASres[1];
> > >     my $myRand = @$myARand[1];
> > >
> > >     $self->log($main::LOG_DEBUG, "$myRand | $mySres | $myKc ...................");
> > >
> > >     return (
> > >         pack('H*', $myKc), pack('H*', $mySres), pack('H*', $myRand),
> > >         pack('H*', $myKc), pack('H*', $mySres), pack('H*', $myRand),
> > >         pack('H*', $myKc), pack('H*', $mySres), pack('H*', $myRand), );
> > >
> > >     return;
> > > }
> > >
> > > ----------------------------------------------------------------------
> > >
> > > The Radius LOG file prints the following :
> > >
> > > *** Received from 192.168.1.152 port 2049 ....
> > > Code: Access-Request
> > > Identifier: 9
> > > Authentic: <145>BZ<135><209><1>Qi<214><11>r<248>e<174><141><224>
> > > Attributes:
> > >         User-Name = "[email protected]"
> > >         NAS-IP-Address = 192.168.1.152
> > >         NAS-Identifier = "Wireless LAN Access Point"
> > >         NAS-Port = 0
> > >         Called-Station-Id = "00-80-48-67-43-25:SIM-Test"
> > >         Calling-Station-Id = "00-24-7D-4A-52-87"
> > >         Framed-MTU = 1400
> > >         NAS-Port-Type = Wireless-IEEE-802-11
> > >         Connect-Info = "CONNECT 11Mbps 802.11b"
> > >         EAP-Message = <2><0><0>8<1>[email protected]
> > >         Message-Authenticator = <212>I<163>k?gNAGu<5><228><7><200>"<197>
> > >
> > > Thu Jun 24 19:02:13 2010: DEBUG: Handling request with Handler 'Realm=DEFAULT'
> > > Thu Jun 24 19:02:13 2010: DEBUG: Deleting session for [email protected], 192.168.1.152, 0
> > > Thu Jun 24 19:02:13 2010: DEBUG: Handling with Radius::AuthSIM:
> > > Thu Jun 24 19:02:13 2010: DEBUG: Handling with EAP: code 2, 0, 56, 1
> > > Thu Jun 24 19:02:13 2010: DEBUG: Response type 1
> > > Thu Jun 24 19:02:13 2010: DEBUG: EAP result: 3, EAP SIM/Start
> > > Thu Jun 24 19:02:13 2010: DEBUG: AuthBy SIM result: CHALLENGE, EAP SIM/Start
> > > Thu Jun 24 19:02:13 2010: DEBUG: Access challenged for [email protected]: EAP SIM/Start
> > > Thu Jun 24 19:02:13 2010: DEBUG: Packet dump:
> > > *** Sending to 192.168.1.152 port 2049 ....
> > > Code: Access-Challenge
> > > Identifier: 9
> > > Authentic: <179><251><218><160><134><176><0><241>m'<240><216><136><188>kF
> > > Attributes:
> > >         EAP-Message = <1><1><0><16><18><10><0><0><15><2><0><4><0><0><0><1>
> > >         Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> > >
> > > Thu Jun 24 19:02:13 2010: DEBUG: Packet dump:
> > > *** Received from 192.168.1.152 port 2049 ....
> > > Code: Access-Request
> > > Identifier: 10
> > > Authentic: <205><19><175><222><132><4>#<7><128><206><241><232><144><169><205>2
> > > Attributes:
> > >         User-Name = "[email protected]"
> > >         NAS-IP-Address = 192.168.1.152
> > >         NAS-Identifier = "Wireless LAN Access Point"
> > >         NAS-Port = 0
> > >         Called-Station-Id = "00-80-48-67-43-25:SIM-Test"
> > >         Calling-Station-Id = "00-24-7D-4A-52-87"
> > >         Framed-MTU = 1400
> > >         NAS-Port-Type = Wireless-IEEE-802-11
> > >         Connect-Info = "CONNECT 11Mbps 802.11b"
> > >         EAP-Message = <2><1><0> <18><10><0><0><7><5><0><0><4><171><176><171><217>[$<216><231><10><135>|<181><172><167><245><16><1><0><1>
> > >         Message-Authenticator = i<26>=/<243><153>,<192><215><237>~<157><240><163><S
> > >
> > > Thu Jun 24 19:02:13 2010: DEBUG: Handling request with Handler 'Realm=DEFAULT'
> > > Thu Jun 24 19:02:13 2010: DEBUG: Deleting session for [email protected], 192.168.1.152, 0
> > > Thu Jun 24 19:02:13 2010: DEBUG: Handling with Radius::AuthSIM:
> > > Thu Jun 24 19:02:13 2010: DEBUG: Handling with EAP: code 2, 1, 32, 18
> > > Thu Jun 24 19:02:13 2010: DEBUG: Response type 18
> > > Thu Jun 24 19:02:13 2010: DEBUG: .......................... 2c191a3d8f1a2fd2553ff272433f142 | c56c879a | 2098f32fbf3e86b1 ...................
> > > Thu Jun 24 19:02:13 2010: DEBUG: EAP result: 3, EAP SIM/Challenge
> > > Thu Jun 24 19:02:13 2010: DEBUG: AuthBy SIM result: CHALLENGE, EAP SIM/Challenge
> > > Thu Jun 24 19:02:13 2010: DEBUG: Access challenged for [email protected]: EAP SIM/Challenge
> > > Thu Jun 24 19:02:13 2010: DEBUG: Packet dump:
> > > *** Sending to 192.168.1.152 port 2049 ....
> > > Code: Access-Challenge
> > > Identifier: 10
> > > Authentic: g<141><12><241>Bt<201>zf<202>lG<216>W<166>}
> > > Attributes:
> > >         EAP-Message = <1><2><0>P<18><11><0><0><1><13><0><0>,<25><26>=<143><26>/<210>U?<242>rC?<20> ,<25><26>=<143><26>/<210>U?<242>rC?<20> ,<25><26>=<143><26>/<210>U?<242>rC?<20> <11><5><0><0><234><197>L'<152><227><237><153><164>^<200><152>P<239><10>h
> > >         Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> > >
> > > Thu Jun 24 19:02:17 2010: DEBUG: Packet dump:
> > > *** Received from 192.168.1.152 port 2049 ....
> > > Code: Access-Request
> > > Identifier: 11
> > > Authentic: <238>H<203><145><189><211><135>g<230><145><233><234>R<170>+5
> > > Attributes:
> > >         User-Name = "[email protected]"
> > >         NAS-IP-Address = 192.168.1.152
> > >         NAS-Identifier = "Wireless LAN Access Point"
> > >         NAS-Port = 0
> > >         Called-Station-Id = "00-80-48-67-43-25:SIM-Test"
> > >         Calling-Station-Id = "00-24-7D-4A-52-87"
> > >         Framed-MTU = 1400
> > >         NAS-Port-Type = Wireless-IEEE-802-11
> > >         Connect-Info = "CONNECT 11Mbps 802.11b"
> > >         EAP-Message = <2><2><0><12><18><14><0><0><22><1><0><0>
> > >         Message-Authenticator = <164>.n<14><227><19>szL<200><175><193><221><21>#'
> > >
> > > Thu Jun 24 19:02:17 2010: DEBUG: Handling request with Handler 'Realm=DEFAULT'
> > > Thu Jun 24 19:02:17 2010: DEBUG: Deleting session for [email protected], 192.168.1.152, 0
> > > Thu Jun 24 19:02:17 2010: DEBUG: Handling with Radius::AuthSIM:
> > > Thu Jun 24 19:02:17 2010: DEBUG: Handling with EAP: code 2, 2, 12, 18
> > > Thu Jun 24 19:02:17 2010: DEBUG: Response type 18
> > > Thu Jun 24 19:02:17 2010: WARNING: EAP SIM Client Error code 0: Unable to Process
> > > Thu Jun 24 19:02:17 2010: DEBUG: EAP result: 1, EAP SIM Client Error
> > > Thu Jun 24 19:02:17 2010: DEBUG: AuthBy SIM result: REJECT, EAP SIM Client Error
> > > Thu Jun 24 19:02:17 2010: INFO: Access rejected for [email protected]: EAP SIM Client Error
> > > Thu Jun 24 19:02:17 2010: DEBUG: Packet dump:
> > > *** Sending to 192.168.1.152 port 2049 ....
> > > Code: Access-Reject
> > > Identifier: 11
> > > Authentic: #<145><185><187><185>y<216><180><140><26>B<217><176><210><146><224>
> > > Attributes:
> > >         EAP-Message = <4><2><0><4>
> > >         Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> > >         Reply-Message = "Request Denied"
> > >
> > > ----------------------------------------------------------------------
> > >
> > > The CGI program I am invoking returns the following
> > >
> > > TRANS_ID=102
> > > PRIM_ID=56242
> > > IMSI=405803190032618
> > > RESPONSE_CODE=0
> > > VECTOR_COUNT=1
> > > VECTOR_TYPE=2G
> > > RAND=c2de1c1ec4d73dc1e6ece5ce624e85
> > > SRES=84566be
> > > KC=bb2a2c1388718b99
> > > ;
> > >
> > > ----------------------------------------------------------------------
> > >
> > > Wondering What is going Wrong ? Any help is much appreciated.
> >
> > --
> > Mike McCauley [email protected]
> > Open System Consultants Pty. Ltd
> > 9 Bulbul Place Currumbin Waters QLD 4223 Australia
> > http://www.open.com.au
> > Phone +61 7 5598-7474 Fax +61 7 5598-7070
> >
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> > TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> > DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare
> > etc.

--
Mike McCauley [email protected]
Open System Consultants Pty. Ltd
9 Bulbul Place Currumbin Waters QLD 4223 Australia
http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070

_______________________________________________
radiator mailing list
[email protected]
http://www.open.com.au/mailman/listinfo/radiator
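
An added example, not part of the thread and not Radiator's own code: the CGI output quoted above carries a 30-digit RAND and a 7-digit SRES, whereas a GSM triplet is a 16-byte RAND, 4-byte SRES and 8-byte Kc, and RFC 4186 requires the RANDs in one challenge to be different. The Perl below checks both conditions before packing; `parse_triplet` and `build_triplets` are hypothetical helper names, and the well-formed sample values are constructed.

```perl
use strict;
use warnings;

# Hex-digit counts of one GSM triplet: RAND 16 bytes, SRES 4 bytes, Kc 8 bytes.
my %HEX_LEN = (RAND => 32, SRES => 8, KC => 16);

# Parse one KEY=VALUE response by field name (not line position) and return
# (Kc, SRES, RAND) as binary strings, or die naming the malformed field.
sub parse_triplet {
    my ($body) = @_;
    my %f;
    for (split /\r?\n/, $body) { $f{uc $1} = $2 if /^\s*(\w+)=(\S*)\s*$/ }
    die "RESPONSE_CODE is not 0\n" unless ($f{RESPONSE_CODE} // '') eq '0';
    for my $name (sort keys %HEX_LEN) {
        my ($v, $n) = ($f{$name} // '', $HEX_LEN{$name});
        # pack('H*') zero-pads an odd digit count, so a short value would
        # otherwise reach the peer as a wrong-length or altered field.
        die sprintf("%s: expected %d hex digits, got %d\n", $name, $n, length $v)
            unless $v =~ /\A[0-9a-fA-F]{$n}\z/;
    }
    return (pack('H*', $f{KC}), pack('H*', $f{SRES}), pack('H*', $f{RAND}));
}

# Validate several responses and require every RAND to be different.
sub build_triplets {
    my (%seen, @out);
    for my $body (@_) {
        my ($kc, $sres, $rand) = parse_triplet($body);
        die "duplicate RAND " . unpack('H*', $rand) . "\n" if $seen{$rand}++;
        push @out, $kc, $sres, $rand;
    }
    return @out;
}

# Fields as quoted in the thread's CGI output (RAND and SRES are short).
my $thread = "RESPONSE_CODE=0\nVECTOR_COUNT=1\nVECTOR_TYPE=2G\n"
           . "RAND=c2de1c1ec4d73dc1e6ece5ce624e85\nSRES=84566be\nKC=bb2a2c1388718b99\n;\n";
# Constructed, well-formed responses (values made up for this example).
my @good;
push @good, "RESPONSE_CODE=0\nRAND=" . ($_ x 16) . "\nSRES=0a0b0c0d\nKC=" . ($_ x 8) . "\n"
    for qw(1a 2b 3c);

for my $case ([thread => $thread, @good[0, 1]], [repeat => @good[0, 0, 0]], [good => @good]) {
    my ($label, @bodies) = @$case;
    my @t = eval { build_triplets(@bodies) };
    print "$label: ", (@t ? scalar(@t) . " packed values\n" : "rejected, $@");
}
```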
