Hi,
I'm trying to configure my GPRS network to
Authenticate with username/password to FreeRadius
before having an access to Kannel WAP gateway. But
whenever I setup my NAS(CISCO) in a Non-Transparent
accessmode, the mobile wap users cannot perform WAP
browsing. As per radius logs it successfully
authenticates but it does'nt redirect to the WAP
Gateway. I dont know if i'm doing it the right way.
Below are my scenario and the radius logs.
Thanks for any help and reply...
Scenario:
MobileWAP ---->NAS <------> FreeRadius
Access-Accept
-------> WAP Browsing <---> Kannel
Radius Logs:
rad_recv: Access-Request packet from host
10.100.80.10:21817, id=103, length=102
User-Name = "[EMAIL PROTECTED]"
User-Password = "053197"
Called-Station-Id = "nus_apn"
Calling-Station-Id = "XXXXXXXXXXXX" (Intentionally
omitted)
Framed-Protocol = GPRS-PDP-Context
NAS-Port-Type = Virtual
NAS-Port = 60000
Service-Type = Framed-User
NAS-IP-Address = 10.100.80.10
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok
for request 6
modcall[authorize]: module "chap" returns noop for
request 6
modcall[authorize]: module "mschap" returns noop for
request 6
rlm_realm: Looking up realm "WAP" for User-Name =
"[EMAIL PROTECTED]"
rlm_realm: Found realm "WAP"
rlm_realm: Adding Stripped-User-Name = "nus"
rlm_realm: Proxying request from user nus to realm
WAP
rlm_realm: Adding Realm = "WAP"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for
request 6
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for
request 6
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 171
modcall[authorize]: module "files" returns ok for
request 6
modcall: leaving group authorize (returns ok) for
request 6
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
modcall[authenticate]: module "unix" returns ok for
request 6
modcall: leaving group authenticate (returns ok) for
request 6
Sending Access-Accept of id 103 to 10.100.80.10 port
21817
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
Finished request 6
Going to the next request
Waking up in 6 seconds...
rad_recv: Accounting-Request packet from host
10.100.80.10:21817, id=104, length=125
Acct-Session-Id = "CA8A9FCA332B546"
Framed-Protocol = GPRS-PDP-Context
Called-Station-Id = "nus_apn"
Calling-Station-Id = "XXXXXXXXXXXX" (Intentionally
omitted)
Framed-IP-Address = 10.150.192.130
Acct-Authentic = RADIUS
User-Name = "[EMAIL PROTECTED]"
Acct-Status-Type = Start
NAS-Port-Type = Virtual
NAS-Port = 60000
Service-Type = Framed-User
NAS-IP-Address = 10.100.80.10
Acct-Delay-Time = 0
Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 7
modcall[preacct]: module "preprocess" returns noop
for request 7
rlm_acct_unique: Hashing 'NAS-Port =
60000,Client-IP-Address = 10.100.80.10,NAS-IP-Address
= 10.100.80.10,Acct-Session-Id =
"CA8A9FCA332B546",User-Name = "[EMAIL PROTECTED]"'
rlm_acct_unique: Acct-Unique-Session-ID =
"fe3b2a13273eb6bc".
modcall[preacct]: module "acct_unique" returns ok
for request 7
rlm_realm: Looking up realm "WAP" for User-Name =
"[EMAIL PROTECTED]"
rlm_realm: Found realm "WAP"
rlm_realm: Adding Stripped-User-Name = "nus"
rlm_realm: Proxying request from user nus to realm
WAP
rlm_realm: Adding Realm = "WAP"
rlm_realm: Accounting realm is LOCAL.
modcall[preacct]: module "suffix" returns noop for
request 7
modcall[preacct]: module "files" returns noop for
request 7
modcall: leaving group preacct (returns ok) for
request 7
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 7
radius_xlat:
'/usr/local/var/log/radius/radacct/10.100.80.10/detail-20061013'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.100.80.10/detail-20061013
modcall[accounting]: module "detail" returns ok for
request 7
modcall[accounting]: module "unix" returns ok for
request 7
radius_xlat: '/usr/local/var/log/radius/radutmp'
radius_xlat: '[EMAIL PROTECTED]'
modcall[accounting]: module "radutmp" returns ok for
request 7
modcall: leaving group accounting (returns ok) for
request 7
Sending Accounting-Response of id 104 to 10.100.80.10
port 21817
Finished request 7
Going to the next request
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 5 ID 102 with timestamp 452f6d4c
Cleaning up request 6 ID 103 with timestamp 452f6d4c
Cleaning up request 7 ID 104 with timestamp 452f6d4c
Nothing to do. Sleeping until we see a request.
rad_recv: Accounting-Request packet from host
10.100.80.10:21817, id=112, length=161
Acct-Session-Id = "CA8A9FCA332B546"
Framed-Protocol = GPRS-PDP-Context
Called-Station-Id = "nus_apn"
Calling-Station-Id = "XXXXXXXXXXXX" (Intentionally
omitted)
Framed-IP-Address = 10.150.192.130
Acct-Authentic = RADIUS
Acct-Session-Time = 19
Acct-Input-Octets = 85
Acct-Output-Octets = 113
Acct-Input-Packets = 1
Acct-Output-Packets = 1
Acct-Terminate-Cause = User-Request
User-Name = "[EMAIL PROTECTED]"
Acct-Status-Type = Stop
NAS-Port-Type = Virtual
NAS-Port = 60000
Service-Type = Framed-User
NAS-IP-Address = 10.100.80.10
Acct-Delay-Time = 0
Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 8
modcall[preacct]: module "preprocess" returns noop
for request 8
rlm_acct_unique: Hashing 'NAS-Port =
60000,Client-IP-Address = 10.100.80.10,NAS-IP-Address
= 10.100.80.10,Acct-Session-Id =
"CA8A9FCA332B546",User-Name = "[EMAIL PROTECTED]"'
rlm_acct_unique: Acct-Unique-Session-ID =
"fe3b2a13273eb6bc".
modcall[preacct]: module "acct_unique" returns ok
for request 8
rlm_realm: Looking up realm "WAP" for User-Name =
"[EMAIL PROTECTED]"
rlm_realm: Found realm "WAP"
rlm_realm: Adding Stripped-User-Name = "nus"
rlm_realm: Proxying request from user nus to realm
WAP
rlm_realm: Adding Realm = "WAP"
rlm_realm: Accounting realm is LOCAL.
modcall[preacct]: module "suffix" returns noop for
request 8
modcall[preacct]: module "files" returns noop for
request 8
modcall: leaving group preacct (returns ok) for
request 8
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 8
radius_xlat:
'/usr/local/var/log/radius/radacct/10.100.80.10/detail-20061013'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.100.80.10/detail-20061013
modcall[accounting]: module "detail" returns ok for
request 8
modcall[accounting]: module "unix" returns ok for
request 8
radius_xlat: '/usr/local/var/log/radius/radutmp'
radius_xlat: '[EMAIL PROTECTED]'
modcall[accounting]: module "radutmp" returns ok for
request 8
modcall: leaving group accounting (returns ok) for
request 8
Sending Accounting-Response of id 112 to 10.100.80.10
port 21817
Finished request 8
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 8 ID 112 with timestamp 452f6d5f
Nothing to do. Sleeping until we see a request
NUS
__________________________________
What is the internet to you?
Contribute to the Yahoo! Time Capsule and be a part of internet history.
http://timecapsule.yahoo.com/capsule.php?intl=ph
