0

我希望将来自 freeRADIUS 的 EAP-SIM 请求代理到 freeDiameter,该过程涉及:

  1. 在 freeRADIUS 上设置代理(我的状态请求未被代理)
  2. 在 freeDiameter 上设置 NAS(由于缺少文档,我无法理解在哪里将 Radius 定义为 NAS)
  3. 将消息发送回 freeRADIUS(我认为一旦完成上述任务,Diameter 会自动完成)

我目前的状态是 freeRADIUS 是:

[suffix] Looking up realm "wlan.mnc010.mcc404.3gppnetwork.org" for ser-Name = "1404100508859867@wlan.mnc010.mcc404.3gppnetwork.org"
[suffix] Found realm "wlan.mnc010.mcc404.3gppnetwork.org"
[suffix] Adding Stripped-User-Name = "1404100508859867"
[suffix] Adding Realm = "wlan.mnc010.mcc404.3gppnetwork.org"
[suffix] Proxying request from user 1404100508859867 to realm wlan.mnc010.mcc404.3gppnetwork.org
[suffix] Preparing to proxy authentication request to realm "wlan.mnc010.mcc404.3gppnetwork.org" 
++[suffix] = updated
[eap] Request is supposed to be proxied to Realm wlan.mnc010.mcc404.3gppnetwork.org.  Not doing EAP.
++[eap] = noop

最后,我收到一条错误消息,上面写着:

+} # group authorize = updated
ERROR: Failed to find live home server for realm wlan.mnc010.mcc404.3gppnetwork.org
There was no response configured: rejecting request 6
Using Post-Auth-Type REJECT
# Executing group from file /etc/raddb/sites-enabled/default
+group REJECT {
[attr_filter.access_reject]     expand: %{User-Name} -> 1404100508859867@wlan.mnc010.mcc404.3gppnetwork.org
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] = updated
+} # group REJECT = updated

我无法理解我可能做错了什么

另外,需要注意的是,我的 Diameter 中没有任何调试:

freeDiameterd
libfdproto initialized.
libgnutls '2.12.23', libgcrypt '1.4.5', initialized.
Generating fresh Diffie-Hellman parameters of size 1024 (this takes some time)... 
All extensions loaded.
-- Configuration :
  Debug trace level ...... : +1
  Configuration file ..... : /usr/etc/freeDiameter/freeDiameter.conf
  Diameter Identity ...... : diameter.<identity hidden> (l:19)
  Diameter Realm ......... : <identity hidden> (l:10)
  Tc Timer ............... : 30
  Tw Timer ............... : 30
  Local port ............. : 3868
  Local secure port ...... : 3869
  Number of SCTP streams . : 30
  Number of server threads : 4
  Local endpoints ........ : 
                             [103.206.180.2]:0 {C---}
  Local applications ..... : (none)
  Flags : - IP ........... : Enabled
          - IPv6 ......... : DISABLED
          - Relay app .... : DISABLED
          - TCP .......... : Enabled
          - SCTP ......... : DISABLED
          - Pref. proto .. : SCTP
          - TLS method ... : Separate port
  TLS :   - Certificate .. : /etc/ssl/certs/freeDiameter.pem
          - Private key .. : /etc/ssl/private/freeDiameter.key
          - CA (trust) ... : /etc/ssl/certs/freeDiameter.pem (1 certs)
          - CRL .......... : (none)
          - Priority ..... : (default: 'NORMAL')
          - DH bits ...... : 1024
  Origin-State-Id ........ : 1493381358
freeDiameterd daemon initialized.

在这方面的所有帮助将是非常可观的。

4

0 回答 0