23,125
社区成员
发帖
与我相关
我的任务
分享freeradius下AKA与SIM的问题
freeradius已搭建。可获取手机发送的包。
但现在问题是,无论是sim验证还是aka验证,服务器只要一获得请求便立即拒绝。
secret是正确的,主要是提示
1.无start。 实际上第一个手机发送的包应当是有start的。
2.sim下找不到rand1,aka下找不到rand。我曾经调试过程序,各种key都是空的。此时手机其实还没有发送key呢。
所以就这么悲剧了。接到第一个请求包直接回送reject,后边的respond challenge都没出现过。
但我用终端运行eapradclient测试sim是成功的(aka算法还没完成)
还望有这方面经验的朋友不吝赐教。
附:服务器端部分错误信息
[eap] EAP packet type response id 0 length 21
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
[sql] expand: %{User-Name} -> 0460011032624046
[sql] sql_set_user escaped user --> '0460011032624046'
rlm_sql (sql): Reserving sql socket id: 0
[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '0460011032624046' ORDER BY id
[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '0460011032624046' ORDER BY priority
rlm_sql (sql): Released sql socket id: 0
[sql] User 0460011032624046 not found
++[sql] returns notfound
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group EAP {...}
[eap] EAP Identity
[eap] processing type sim
can not initiate sim, no RAND1 attribute
[eap] Default EAP type sim failed in initiate
[eap] Failed in EAP select
但现在问题是,无论是sim验证还是aka验证,服务器只要一获得请求便立即拒绝。
secret是正确的,主要是提示
1.无start。 实际上第一个手机发送的包应当是有start的。
2.sim下找不到rand1,aka下找不到rand。我曾经调试过程序,各种key都是空的。此时手机其实还没有发送key呢。
所以就这么悲剧了。接到第一个请求包直接回送reject,后边的respond challenge都没出现过。
但我用终端运行eapradclient测试sim是成功的(aka算法还没完成)
还望有这方面经验的朋友不吝赐教。
附:服务器端部分错误信息
[eap] EAP packet type response id 0 length 21
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
[sql] expand: %{User-Name} -> 0460011032624046
[sql] sql_set_user escaped user --> '0460011032624046'
rlm_sql (sql): Reserving sql socket id: 0
[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '0460011032624046' ORDER BY id
[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '0460011032624046' ORDER BY priority
rlm_sql (sql): Released sql socket id: 0
[sql] User 0460011032624046 not found
++[sql] returns notfound
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group EAP {...}
[eap] EAP Identity
[eap] processing type sim
can not initiate sim, no RAND1 attribute
[eap] Default EAP type sim failed in initiate
[eap] Failed in EAP select
...全文
请发表友善的回复…
发表回复
