From: Alan T. DeKok <aland@freeradius.org>
Date: Tue, 24 Mar 2009 19:18:58 +0000 (-0700)
Subject: Documentation for WiMAX
X-Git-Tag: release_2_1_7~227
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=577c6d07304e62316f44d06225d91682fbd74e56;p=thirdparty%2Ffreeradius-server.git

Documentation for WiMAX
---

diff --git a/raddb/sites-available/default b/raddb/sites-available/default
index d3798a4dc36..9cd37dddcf9 100644
--- a/raddb/sites-available/default
+++ b/raddb/sites-available/default
@@ -96,6 +96,15 @@ authorize {
 	#  line in the 'authenticate' section.
 #	digest
 
+	#
+	#  The WiMAX specification says that the Calling-Station-Id
+	#  is 6 octets of the MAC.  This definition conflicts with
+	#  RFC 3580, and all common RADIUS practices.  Un-commenting
+	#  the "wimax" module here means that it will fix the
+	#  Calling-Station-Id attribute to the normal format as
+	#  specified in RFC 3580 Section 3.21
+#	wimax
+
 	#
 	#  Look for IPASS style 'realm/', and if not found, look for
 	#  '@realm', and decide whether or not to proxy, based on
@@ -408,6 +417,28 @@ post-auth {
 
 	exec
 
+	#
+	#  Calculate the various WiMAX keys.  In order for this to work,
+	#  you will need to define the WiMAX NAI, usually via
+	#
+	#	update request {
+	#	       WiMAX-MN-NAI = "%{User-Name}"
+	#	}
+	#
+	#  If you want various keys to be calculated, you will need to
+	#  update the reply with "template" values.  The module will see
+	#  this, and replace the template values with the correct ones
+	#  taken from the cryptographic calculations.  e.g.
+	#
+	# 	update reply {
+	#		WiMAX-FA-RK-Key = 0x00
+	#	}
+	#
+	#  Do this at some point before running the "wimax" module.
+	#
+#	wimax
+
+
 	#
 	#  Access-Reject packets are sent through the REJECT sub-section of the
 	#  post-auth section.