Re: not to return reply-attributes in reject?

2005-08-25 Thread Thor Spruyt
kevin wrote: How can I return Reject-Packet without default attributes? It seems that the default attributes in the users file are returned regardless of Accept or Reject. I don't want to give a hint to hacker who can try a lot of rejects. Is there a way? Somebody suggested Exec-Program-Wait

Re: freeradius proxy question

2005-08-25 Thread Thor Spruyt
[EMAIL PROTECTED] wrote: People might be able to do more if they had configs and debug output (-X) -- Groeten, Regards, Salutations, Thor Spruyt M: +32 (0)475 67 22 65 E: [EMAIL PROTECTED] W: www.thor-spruyt.com www.salesguide.be www.telenethotspot.be - List info/subscribe/unsubscribe? See

Re: Windows Client Authentification bevore Domain logon

2005-08-25 Thread Steven Atkinson
Armin, At 15:40 24/08/05, you wrote: Ok, the whole day I tried to get it to work but this time when I install the certificate as a machine certificate the radius authentication log ends up with this log below. The certificates were generated with openssl and all works fine as User

Fw: FreeRadius 1.0.4

2005-08-25 Thread Madhvi Gokool
- Original Message - From: Madhvi Gokool [EMAIL PROTECTED] To: freeradius-users@lists.cistron.nl Sent: Thursday, August 25, 2005 10:37 AM Subject: FreeRadius 1.0.4 Hello We have planned to replace our cistron radius servers with Freeradius. We have the following setup :- 1. Users

usage of exec to get LDAP value..

2005-08-25 Thread haizam
Dear all, I've configured my radius to load value of timeout based on NAS-Port-Type.. Using LDAP for user's entry.. In LDAP.. user's entry will have additional 2 attributes TimeoutPSTN: 4000 TimeoutISDN: 1000 then in users file.. using exec to run small script to get correct value of

salt-encrypted VSAs?

2005-08-25 Thread Bjørn Mork
Hello, I was hoping to send a few salt-encrypted VSAs to an ERX using FreeRADIUS Version 1.0.4, but I can't find any examples of how to do that. Is it possible, and if so, how? The format of the VSAs is documented on

Re: Windows Client Authentification bevore Domain logon

2005-08-25 Thread Ben Walding
I also found using machine certificates to be hit and miss (some machines they'd be picked up, others they wouldn't - all XP SP2 with appropriate patches). And then I stumbled on this http://lists.cistron.nl/pipermail/freeradius-users/2004-July/034141.html 1.3.6.1.4.1.311.17.2 After I started

Re: Windows Client Authentification bevore Domain logon

2005-08-25 Thread Armin Krämer
Hi, I found this thread yesterday and tried it out to add this OID but it had no effect... OK, maybe I made something wrong. Could you describe how you added this OID to your machine certificate? Today I built completely new root, server and client certificates depending on the article in

Re: Windows Client Authentification bevore Domain logon

2005-08-25 Thread User Test
The Galtex S.A. mail system informs you that your message has been delivered. This message was generated automatically by the mail system of user belskia. Please do not reply to this message. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: FreeRADIUS 1.0.4: SEGMENTATION FAULT

2005-08-25 Thread Nicolas Baradakis
Alan DeKok wrote: Richard Cotrina [EMAIL PROTECTED] wrote: (gdb) display mysql_sock 1: mysql_sock = (rlm_sql_mysql_sock *) 0x5f6c7173 That's bad. That's very bad. It's the ASCII string sql_, interpreted as a pointer on an x86 machine. No wonder it crashes. The short answer is

more on server certificates

2005-08-25 Thread Ben Thompson
Hi Has anybody got a digital certificate (with the extended key usage attributes required for PEAP) installed on their FreeRADIUS box that has been signed by a commercial trusted CA? I have come to suspect that this is impossible due to the fact that Verisign are the only company marketing such

Re: salt-encrypted VSAs?

2005-08-25 Thread Bjørn Mork
Bjørn Mork [EMAIL PROTECTED] writes: I was hoping to send a few salt-encrypted VSAs to an ERX using FreeRADIUS Version 1.0.4, but I can't find any examples of how to do that. Is it possible, and if so, how? I should have Googled a bit more before posting... I have now read the relevant part

Re: MySQL radacct not updated

2005-08-25 Thread Alan DeKok
sean [EMAIL PROTECTED] wrote: I have made no progress in resolving the radacct problem. Radius is loading with no error messages and I've gone over the radiusd.conf and sql.conf a million times. But not the responses on this list. below is the output from Radius when a client logs in.

Re: usage of exec to get LDAP value..

2005-08-25 Thread Alan DeKok
haizam [EMAIL PROTECTED] wrote: In LDAP.. user's entry will have additional 2 attributes TimeoutPSTN: 4000 TimeoutISDN: 1000 then in users file.. using exec to run small script to get correct value of sessiontimeout based on NAS-Port-Type See raddb/ldap.attrmap You can map those

Re: Windows Client Authentification bevore Domain logon

2005-08-25 Thread Alan DeKok
Ben Walding [EMAIL PROTECTED] wrote: And then I stumbled on this http://lists.cistron.nl/pipermail/freeradius-users/2004-July/034141.html 1.3.6.1.4.1.311.17.2 After I started adding that OID to my machine certs, everything started working wonderfully. That OID is added by the cert

FreeRadius EAP-TLS

2005-08-25 Thread Hamid Salim
Hi all, I have the following setup that I am struggling to make work: Fedora core 3 FreeRadius 1.0.4 openssl .098 Dell TrueMobile 1170 Access Pointv2.3.3 Dell 802.11b/g cards for AP and supplicant Windows XP SP2 I have a 2 part question. 1. I recall reading on this forum that Windows XP

Re: FreeRadius EAP-TLS

2005-08-25 Thread Landon Cox
On Aug 25, 2005, at 10:34 AM, Hamid Salim wrote: I have a 2 part question. 1. I recall reading on this forum that, Windows XP broke EAP-TLS, does this apply to SP2 also? I've had XP SP2 EAP-TLS clients running against FR with no problems. Also, for what it's worth, I've built XP Embedded

Re: FreeRADIUS 1.0.4: SEGMENTATION FAULT

2005-08-25 Thread Alan DeKok
Richard Cotrina [EMAIL PROTECTED] wrote: Can you print out the contents of sqlsocket, too? Both the structure contents, and the *hex* contents of that area of memory. These values are what I've got : (gdb) display sqlsocket 1: sqlsocket = (SQLSOCK *) 0x8092720 (gdb) x 0x8092720

Re: not to return reply-attributes in reject?

2005-08-25 Thread kevin
rlm_exec what? Thor Spruyt wrote: kevin wrote: How can I return Reject-Packet without default attributes? It seems that the default attributes in the users file are returned regardless of Accept or Reject. I don't want to give a hint to hacker who can try a lot of rejects. Is

FreeRadius-1.04 install seg faults after install (using EAP-TLS)

2005-08-25 Thread Ben Dowling
Hi, I am having problems with freeradius 1.04 on debian. I previously installed the deb package, but later found out it doesn't support EAP-TLS, so had to build from source. I built it with the following command: ./configure --with-rlm_eap_tls --disable-shared make make install I have setup

Re: FreeRadius-1.04 install seg faults after install (using EAP-TLS)

2005-08-25 Thread Ben Dowling
I've loaded up radiusd into gdb and the bug looks the same as http://bugs.freeradius.org/show_bug.cgi?id=98. That page says the solution is to pass configure the --disable-shared flag, which I have done, yet the bug remains. Any help would be greatly appreciated, Ben Program received signal

Re: FreeRadius-1.04 install seg faults after install (using EAP-TLS)

2005-08-25 Thread Alan DeKok
Ben Dowling [EMAIL PROTECTED] wrote: I've loaded up radiusd into gdb and the bug looks the same as http://bugs.freeradius.org/show_bug.cgi?id=98. That page says the solution is to pass configure the --disable-shared flag, which I have done, yet the bug remains. Then put the libraries some

Re: FreeRadius-1.04 install seg faults after install (using EAP-TLS)

2005-08-25 Thread Ben Dowling
Is this the freeradius libs it cannot find? And if so will adding the fr lib directory to /etc/ld.so.conf fix the problem? Thanks in advance, Ben Alan DeKok wrote: Ben Dowling [EMAIL PROTECTED] wrote: I've loaded up radiusd into gdb and the bug looks the same as

Re: FreeRadius-1.04 install seg faults after install (using EAP-TLS)

2005-08-25 Thread Alan DeKok
Ben Dowling [EMAIL PROTECTED] wrote: Is this the freeradius libs it cannot find? And if so will adding the fr lib directory to /etc/ld.so.conf fix the problem? No, it's probably the SSL libraries. And, because libltdl is garbage, it can't handle this case. sigh Alan DeKok. - List

Re: lowercase before domain match in users file

2005-08-25 Thread Alan DeKok
Tariq Rashid [EMAIL PROTECTED] wrote: can i enable a switch so that ABC.co.uk, aBc.Co.UK and so on are also matched? however, we don't want the User-Name to be rewritten as per to_lower in radiusd.conf It's hard to do on a per-attribute basis. Source code patches are pretty much the only

Re: FreeRadius-1.04 install seg faults after install (using EAP-TLS)

2005-08-25 Thread Ben Dowling
Ahh I've solved it - the library directory wasn't set correctly in the radius conf file, I updated and it worked fine. Thanks for the help, Ben Alan DeKok wrote: Ben Dowling [EMAIL PROTECTED] wrote: Is this the freeradius libs it cannot find? And if so will adding the fr lib directory to

Re: not to return the detault attributes in reject?

2005-08-25 Thread kevin
Still not sure how to handle with rlm_exec. Can anybody give me more details? kevin Thor Spruyt wrote: kevin wrote: How can I return Reject-Packet without default attributes? It seems that the default attributes in the users file are returned regardless of Accept or Reject. I don't want

Re: usage of exec to get LDAP value..

2005-08-25 Thread haizam
Alan, I've tried to map new attributes in ldap.attrmap but for every match in users file.. it will return both new attributes but the sessiontimeout still returns no value.. So at the moment I stick to use exec to run external script unless somebody can suggest better way to do it..