[Dime] EAP-SIM transfer to proxy freeRADIUS to freeDiameter

Krauss International <sanman.krauss@gmail.com> Fri, 28 April 2017 17:44 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dime/GIQjnb6U9ahnBiMoUgxxr6eqtXE>

I am looking to proxy an EAP-SIM request from freeRADIUS to freeDiameter. The
process involves:

   1. Set proxy on freeRADIUS (my status: the request is not being proxied)
   2. Set NAS on freeDiameter (due to lack of documentation I am not able
   to understand where to define RADIUS as a NAS)
   3. Send message back to freeRADIUS (I think this will be done
   automatically by Diameter once the above tasks are completed)

My current status in freeRADIUS is:

[suffix] Looking up realm "wlan.mnc010.mcc404.3gppnetwork.org" for User-Name = "1404100508859867@wlan.mnc010.mcc404.3gppnetwork.org"
[suffix] Found realm "wlan.mnc010.mcc404.3gppnetwork.org"
[suffix] Adding Stripped-User-Name = "1404100508859867"
[suffix] Adding Realm = "wlan.mnc010.mcc404.3gppnetwork.org"
[suffix] Proxying request from user 1404100508859867 to realm wlan.mnc010.mcc404.3gppnetwork.org
[suffix] Preparing to proxy authentication request to realm "wlan.mnc010.mcc404.3gppnetwork.org"
++[suffix] = updated
[eap] Request is supposed to be proxied to Realm wlan.mnc010.mcc404.3gppnetwork.org.  Not doing EAP.
++[eap] = noop

In the end, I get an error message which says:

+} # group authorize = updated
ERROR: Failed to find live home server for realm wlan.mnc010.mcc404.3gppnetwork.org
There was no response configured: rejecting request 6
Using Post-Auth-Type REJECT
# Executing group from file /etc/raddb/sites-enabled/default
+group REJECT {
[attr_filter.access_reject]     expand: %{User-Name} -> 1404100508859867@wlan.mnc010.mcc404.3gppnetwork.org
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] = updated
+} # group REJECT = updated

I am not able to understand what I might be doing wrong.

Also, a point to note: I don't get any debug in my Diameter:

freeDiameterd
libfdproto initialized.
libgnutls '2.12.23', libgcrypt '1.4.5', initialized.
Generating fresh Diffie-Hellman parameters of size 1024 (this takes some time)...
All extensions loaded.
-- Configuration :
  Debug trace level ...... : +1
  Configuration file ..... : /usr/etc/freeDiameter/freeDiameter.conf
  Diameter Identity ...... : diameter.<identity hidden> (l:19)
  Diameter Realm ......... : <identity hidden> (l:10)
  Tc Timer ............... : 30
  Tw Timer ............... : 30
  Local port ............. : 3868
  Local secure port ...... : 3869
  Number of SCTP streams . : 30
  Number of server threads : 4
  Local endpoints ........ :
                             [103.206.180.2]:0 {C---}
  Local applications ..... : (none)
  Flags : - IP ........... : Enabled
          - IPv6 ......... : DISABLED
          - Relay app .... : DISABLED
          - TCP .......... : Enabled
          - SCTP ......... : DISABLED
          - Pref. proto .. : SCTP
          - TLS method ... : Separate port
  TLS :   - Certificate .. : /etc/ssl/certs/freeDiameter.pem
          - Private key .. : /etc/ssl/private/freeDiameter.key
          - CA (trust) ... : /etc/ssl/certs/freeDiameter.pem (1 certs)
          - CRL .......... : (none)
          - Priority ..... : (default: 'NORMAL')
          - DH bits ...... : 1024
  Origin-State-Id ........ : 1493381358
freeDiameterd daemon initialized.

All help with this will be highly appreciated.
Thanks & regards
Mankomal Singh
Krauss International
P: +91-9910416231
E: ms@kc-india.com
PS: Send all bulk emails to sanman.krauss@gmail.com ONLY
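
Added example (not part of the original message and not freeDiameter or freeRADIUS code): a Python sketch that parses a freeDiameterd startup configuration dump like the one quoted above and lists the settings a reviewer would flag. The sample text is constructed from a subset of the quoted dump; the 2048-bit threshold and the function names are assumptions of this example.

```python
import re

# Constructed sample: a subset of the startup dump quoted in the message.
BANNER = """\
  Local port ............. : 3868
  Local secure port ...... : 3869
  Local applications ..... : (none)
  Flags : - IP ........... : Enabled
          - Relay app .... : DISABLED
          - TLS method ... : Separate port
  TLS :   - Certificate .. : /etc/ssl/certs/freeDiameter.pem
          - Private key .. : /etc/ssl/private/freeDiameter.key
          - CA (trust) ... : /etc/ssl/certs/freeDiameter.pem (1 certs)
          - CRL .......... : (none)
          - DH bits ...... : 1024
"""

# "<label> ..dots.. : <value>", skipping an optional "Flags : - " / "TLS :   - " prefix.
LINE = re.compile(r"^\s*(?:\w+\s*:\s*)?(?:-\s*)?(.+?)\s*\.{2,}\s*:\s*(.*?)\s*$")

def parse_banner(text):
    """Return {label: value} for every dotted 'label .... : value' line."""
    settings = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            settings[m.group(1)] = m.group(2)
    return settings

def review(settings, min_dh_bits=2048):  # threshold is this example's assumption
    """Return human-readable findings for settings worth a second look."""
    findings = []
    dh = settings.get("DH bits", "")
    if dh.isdigit() and int(dh) < min_dh_bits:
        findings.append(f"DH bits {dh}: below {min_dh_bits}, weak for TLS key exchange")
    if settings.get("CRL") == "(none)":
        findings.append("CRL (none): revoked peer certificates are not checked")
    cert = settings.get("Certificate")
    ca = settings.get("CA (trust)", "").split(" (")[0]  # drop the "(1 certs)" suffix
    if cert and cert == ca:
        findings.append("CA (trust) is the daemon's own certificate file")
    if settings.get("Local applications") == "(none)":
        findings.append("Local applications (none): no Diameter application registered")
    return findings

if __name__ == "__main__":
    for finding in review(parse_banner(BANNER)):
        print("-", finding)
```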