On 01/12/2011 06:01 PM, Effi Rand wrote: Hello Effi,
> I have tried it with your remarks (though I had to use the > eap_simoperator.cfg as the /etc/radius.cfg , with the map.cfg as a second > instance) and it worked. Good to hear. > I still can't get the iPhone EAPSIM authentication to work even though the > MAP output says it's accepted. The log from the main instance says not enough > credentials. Please check the value of NumTriplets in your configuration file. Based on the log below, the value seems to be 2. Try with 3. The EAP SIM RFC says valid values are 2 or 3 and the correct settings depends on the peer policy. Note that if you are using triplets file, you need to extract more triplets in it in case you have only extracted two so far. > Code: Access-Request > Identifier: 8 > Authentic: 9"<236><26>SC<225><171><209><9><18><251><155><225><135><211> > Attributes: > GSM-IMSI = "310410318197284" > GSM-NumTriplets = 2 Two triplets are being requests from MAP. > Tue Jan 11 17:46:56 2011: WARNING: EAP SIM Client Error code 2: Insufficient > Challenges Two is not enough for the client. > Log from the map: The MAP log also shows two triplets being used. > Any idea on the cause ? ofcourse I used the iphone utility to set the EAPSIM > authentication. Please let us know if this gets iPhone working. Thanks! Heikki -- Heikki Vatiainen <h...@open.com.au> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
