Hello Heikki, As a follow-up to my previous e-mail, I found out that the IMSI information sometimes appear on the User-Name attribute (with an additional prefix of 1) and sometimes as part of the long value of the EAP-Message attribute. It's not consistent though. But lately I noticed that the User-Name attribute now contains TMSI instead of IMSI and even the EAP-Message attribute, it's the TMSI that is present instead of IMSI. - - - < s n i p > - - -# grep -i 525053102410897 * | grep -v -i query | grep -v -i GSM-IMSI | grep -v -i DEBUGradiator-20110614.log: User-Name = "1525053102410897"radiator-20110614.log: EAP-Message = <2><0><0>8<1>1525053102410...@wlan.mnc005.mcc525.3gppnetwork.orgradiator-20110614.log: User-Name = "1525053102410897"radiator-20110614.log: User-Name = "1525053102410897"radiator-20110623.log: EAP-Message = <2><2><0>X<18><10><0><0><14><14><0>[email protected]<16><1><0><1><7><5><0><0>5k<129><138>u<152><132><213><20><146>Y<169><245>Y<238><196>radiator-20110714.log: EAP-Message = <2><2><0>X<18><10><0><0><14><14><0>[email protected]<16><1><0><1><7><5><0><0><241><169><204><25>2<190><157>u<189>]@<160>>A<130>j- - - < s n i p > - - - Is there any configuration that I can do in Radiator in order for me to see the actual IMSI value consistently in one of the RADIUS attribute from every Access-Request?
From: [email protected] To: [email protected] Date: Wed, 24 Aug 2011 23:30:00 +0800 CC: [email protected] Subject: Re: [RADIATOR] EAP-SIM Authentication Hello Heikki, > Date: Wed, 24 Aug 2011 11:12:16 +0300 > From: [email protected] > To: [email protected] > CC: [email protected] > Subject: Re: [RADIATOR] EAP-SIM Authentication > > Hmm, what does the User-Name attribute look like. Isn't IMSI part of the > username part? Below is a snippet from the first Access-Request: User-Name = "3d860eab069282e65" EAP-Message = <2><0><0>9<1>[email protected] The username contains the TMSI. In which RADIUS attribute I can exactly find the IMSI? > If not, you could take a look at the goodies/ examples in the SIM pack. > The example co nfigurations show there's AuthorisedHook which might be > useful: > > # AuthorisedHook is called when the SIM request is completely > # authorised, and before the Access-Accept is returned. > > One of the parameters is a pointer to EAP context Radiator keeps and the > IMSI should be available from the context information. Are you saying that I only have to uncomment the below line from the configuration? AuthorisedHook sub {print "here in AuthorisedHook @_\n";} Moving forward on the EAP-SIM authentication, if I am going to try authenticating via the API of the MAP gateway, I shoul d only be using the "AuthBy EXTERNAL" and execute a script whenever there is an Access-Request and I don't need the configurations of the "AuthBy SIMOPERATOR" anymore, right? Please advice. Thank you once again. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
_______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
