[RADIATOR] Help with EAP-SIM simulator for evaluation
Mike McCauley
mikem at open.com.au
Mon Jan 10 17:35:38 CST 2011
Hello Heikki and support,
Just to let you know that this evaluator told us in his eval request he was
mostly interested in the MAP gateway simulator.
We are a bit suspicious about his intentions and whether he will actually
purchase if successful, so if you notice anything odd about what hes up to,
please let us know.
The Cisco MAP interface is only provided on demand to customers who can
confirm they have a Cisco ITP MAP gateway license. This is for legal reasons.
Cheers.
On Tuesday 11 January 2011 05:02:13 am Heikki Vatiainen wrote:
> On 01/10/2011 05:34 PM, Effi Rand wrote:
> > I need some help with the configuration of the radiator as a MAP-GATEWAY
> > with radius interface. I'm not that experienced in this product and it's
> > important for me to evaluate this feature since the expire date is due in
> > 2 weeks.
> >
> > I was able to test the EAP-SIM with the SSGN simulator using the
> > "odyssey" wireless client (after we cached some triplets to a local file)
> > However , when I try to test it with the MAP-GATEWAY simulator (same
> > client), I fail to get the access-accept message.
>
> There are a couple of things you should try. I will go through them below:
> > # radius.cfg
> >
> > # $Id: linux-radius.cfg,v 1.3 2002/03/24 23:07:49 mikem Exp $
>
> Looks like most of the content is from goodies/eap_simoperator.cfg
>
> > AuthPort 1645,1812,1647
> > AcctPort 1646,1813,1648
>
> Please remove ports 1647 and 1648 since they will be used by map.cfg
>
> > <Realm DEFAULT>
> > <AuthBy SIMOPERATOR>
> > # The name or address of the example MAP gateway(s) that
> > will server this instance # Radius requests are sent to this gateway
> > requesting triplets etc. Host localhost
> > AuthPort 1647
> > Secret cisco
>
> Please check README section "Testing with the Radius MAP gateway
> simulator". What you should have listening on localhost port 1647 is
> another Radiator running configuration from goodies/map.cfg
>
> The example mpa.cfg uses port 1647 with secret mysecret
>
> What happens now is that this Radiator instanc gets the request that is
> intented for the MAP simulator. Like README says, you should two
> Radiator instances running at the same time:
>
> 4. Run the MAP gateway simulator:
> radiusd -config goodies/map.cfg
>
> 5. Run Radiator EAP-SIM server
> radiusd -config goodies/eap_simoperator.cfg
>
> > <AuthBy MAP>
> > TripletsFile
> > /tmp/Modules/Radius-EAP-SIM/goodies/triplets.dat Pin 0000
> > </AuthBy>
>
> Remove the <AuthBy MAP> block. This AuthBy will be handled by the second
> Radiator that uses map.cfg
>
> > </Realm>
> >
> > Another thing , in the README file , you mention that there is also a
> > cisco-ipt simulator under Radius-EAP-SIM/goodies/ciscomap.cfg
> >
> > There is no file like that.
>
> You are correct. If will check what has happened to it.
>
> > Another question , so far I've failed to test the iPhone EAP-SIM client
> > against the EAP-SIM simulator. Any idea what can be done ?
>
> I have not tried iPhone myself, but unless you have already downloaded
> iPhone configuration utility from Apple you may want to do that. The
> utility gives you control over many things, including WLAN settings
> where you can disable all the other WPA-Enterprise methods.
>
> Thanks!
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd
9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
More information about the radiator
mailing list