Question

我希望将freeRADIUS的EAP-SIM请求代理到freeDiameter，该过程涉及：

在freeRADIUS上设置代理（请求状态未被代理）
在freeDiameter上设置NAS（由于缺少文档，我无法理解将Radius定义为NAS的位置）
发送消息回freeRADIUS（我认为一旦上述任务完成，这将由Diameter自动完成）

我目前的状态是freeRADIUS：

[suffix] Looking up realm "wlan.mnc010.mcc404.3gppnetwork.org" for ser-Name = "1404100508859867@wlan.mnc010.mcc404.3gppnetwork.org"
[suffix] Found realm "wlan.mnc010.mcc404.3gppnetwork.org"
[suffix] Adding Stripped-User-Name = "1404100508859867"
[suffix] Adding Realm = "wlan.mnc010.mcc404.3gppnetwork.org"
[suffix] Proxying request from user 1404100508859867 to realm wlan.mnc010.mcc404.3gppnetwork.org
[suffix] Preparing to proxy authentication request to realm "wlan.mnc010.mcc404.3gppnetwork.org" 
++[suffix] = updated
[eap] Request is supposed to be proxied to Realm wlan.mnc010.mcc404.3gppnetwork.org.  Not doing EAP.
++[eap] = noop

最后，我收到一条错误消息：

+} # group authorize = updated
ERROR: Failed to find live home server for realm wlan.mnc010.mcc404.3gppnetwork.org
There was no response configured: rejecting request 6
Using Post-Auth-Type REJECT
# Executing group from file /etc/raddb/sites-enabled/default
+group REJECT {
[attr_filter.access_reject]     expand: %{User-Name} -> 1404100508859867@wlan.mnc010.mcc404.3gppnetwork.org
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] = updated
+} # group REJECT = updated

我无法理解我可能做错了什么

另外，请注意我的Diameter中没有任何调试：

freeDiameterd
libfdproto initialized.
libgnutls '2.12.23', libgcrypt '1.4.5', initialized.
Generating fresh Diffie-Hellman parameters of size 1024 (this takes some time)... 
All extensions loaded.
-- Configuration :
  Debug trace level ...... : +1
  Configuration file ..... : /usr/etc/freeDiameter/freeDiameter.conf
  Diameter Identity ...... : diameter.<identity hidden> (l:19)
  Diameter Realm ......... : <identity hidden> (l:10)
  Tc Timer ............... : 30
  Tw Timer ............... : 30
  Local port ............. : 3868
  Local secure port ...... : 3869
  Number of SCTP streams . : 30
  Number of server threads : 4
  Local endpoints ........ : 
                             [103.206.180.2]:0 {C---}
  Local applications ..... : (none)
  Flags : - IP ........... : Enabled
          - IPv6 ......... : DISABLED
          - Relay app .... : DISABLED
          - TCP .......... : Enabled
          - SCTP ......... : DISABLED
          - Pref. proto .. : SCTP
          - TLS method ... : Separate port
  TLS :   - Certificate .. : /etc/ssl/certs/freeDiameter.pem
          - Private key .. : /etc/ssl/private/freeDiameter.key
          - CA (trust) ... : /etc/ssl/certs/freeDiameter.pem (1 certs)
          - CRL .......... : (none)
          - Priority ..... : (default: 'NORMAL')
          - DH bits ...... : 1024
  Origin-State-Id ........ : 1493381358
freeDiameterd daemon initialized.

这方面的所有帮助都非常值得赞赏。

freeradius请求代理到freediameter

0 个答案: