Joe Maimon wrote:
I can test for existence of Attribute X and if exists, remove
attribute Y (using rlm_attr_filter -- I am sure there are other
things I could trysuch as rlm_perl(?) sending all A/V to a shell
script...)
rlm_perl should be able to do it, but you'll need the latest CVS
Hello All,
I m Harish Gupta from india, i m working in a
Telecom ISP company as system Administator and I m using freeradius
application on linux platform(CentOS4.0) for my dialup users . its working fine,
but i want to add a new attribute like "caller-id and calling-id " how can add
Hi all. I have a hardware that sends me accounting using radius protocol
i have two records:
(Acct-Session-Id, Start Record)
14346//[EMAIL PROTECTED]/40AB4B43 ADA86932 80450002
401E622/originate/VoIP62.152.64.32
(Acct-Session-Id, Stop Record)
14346///40AB4B43 ADA86932 80450002
Tim O'Donovan wrote:
Hi Harish,
I am trying to accomplish almost exactly the same thing on our
freeradius setup. Our NAS servers send us an additional attribute,
'Timestamp', in UNIX time, but at the moment our radius server is
ignoring it altogether.
We are using MySQL for accounting
Hello
We are currently using freeradius to authenticate dialup users. We are
investigating several wasy of improving the service offered to the dialup
users and have encountered several issues: -
1. The Called-Station-Id is a 4-digit number in the detail log file.
While testing
I have tried altering the insert/update strings within sql.conf,
specifically by changing the %S variable to %{Timestamp} (and altering
the table definition to except an integer) but to no avail. It just
inserts a 0. I have searched the dictionary files for an attribute named
Timestamp but the
Did you debug the call setup in your AS5350? Usually Phone companies sends
as DNIS only the last four digits. I mean, this is most probabily not a NAS
or RADIUS issue, it is most probabily an issue with the provider of your PRI
line and/or phone number.
Also, by default Ciscos send
Hi,
Is it possible to tell radius to expire logins after a time period?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Is it possible to tell radius to expire logins after a time period?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Maq
On Tue, Oct 11, 2005 at 02:29:03PM +0100, Maqbool Hashim wrote:
Is it possible to tell radius to expire logins after a time period?
One option which we can use with our in-house RADIUS servers is to have an
'expiry' field on the SQL table, with the authorize_check_query checking
that
Hi Peter,
Thats a good way of solving it, especially as there doesn't seem to be
any RADIUS attributes satisfying that requirement. Is the expiry field
just a boolean field you set with a cronjob?
Peter Hicks wrote:
Hi Maq
On Tue, Oct 11, 2005 at 02:29:03PM +0100, Maqbool Hashim wrote:
I'm currently running FreeRADIUS in this setup:
Unix authentication with logging to mysql for accounting.
What I'm wondering is, I'm currently seeing the occasional message like this:
Tue Oct 11 10:06:32 2005 : Error: rlm_radutmp: Logout for NAS sb-ent2 port 24,
but no Login record
What I'm
Failed authentications cause that
On Tue, 2005-10-11 at 09:11, Curt LeCaptain wrote:
I'm currently running FreeRADIUS in this setup:
Unix authentication with logging to mysql for accounting.
What I'm wondering is, I'm currently seeing the occasional message like this:
Tue Oct 11
I'm not so sure that's the case, as I'm not seeing failed login attempts in my
log, and I do have it set to log those attempts. Not saying I don't believe
you, my log just isn't showing it that way.
On 10/11/2005 at 10:57:52 am, in message
[EMAIL PROTECTED], [EMAIL PROTECTED] wrote:
Failed
Is this value the mac or the ip address on Ethernet networks.
I need to know since I'm programming a radiusclient.
J.
--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See
If you're doing 802.1x authentication, then it will be the MAC. The
supplicant may not even have an IP address when it communicates with the
NAS (the ethernet switch) if it is configured for DHCP.
If you're logging into the CLI of a device configured to authenticate
using RADIUS, then I would
Normally is the ip address.
Yuri
Jonathan De Graeve wrote:
Is this value the mac or the ip address on Ethernet networks.
I need to know since I'm programming a radiusclient.
J.
--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]
-
Hi, Has any body had any experience implementing CHAP-PASSWORD to
authenticate http clients against a radius server ? I read a document
that says The CHAP-Challenge and CHAP-PASSWORD attributes are not
suitable since the CHAP algorithm is not compatible with HTTP digest.
If that is the case,
Nope.
josh.
nagaraj wrote:
Hi, Has any body had any experience implementing CHAP-PASSWORD to
authenticate http clients against a radius server ? I read a document
that says The CHAP-Challenge and CHAP-PASSWORD attributes are not
suitable since the CHAP algorithm is not compatible with HTTP
It is what ever you want, but it is best to pick something unique you
can use to identify the end point equipment.
For dial-up it is the caller-id, for EAP it is usually a MAC
address and for tunnelling it is usually an IP address.
On Tue, 2005-11-10 at 21:03 +0200, Jonathan De Graeve wrote:
So where should I expect to find a core dump?
If you've set user or group in radiusd.conf, you won't get a
core file.
o.k., I have unset the above and simply done everything by hand
so I was able to produce a core file this time. I also could get
gdb to backtrace it. So I am waiting for the
Curt LeCaptain [EMAIL PROTECTED] wrote:
What I'm wondering is, why, if I'm logging accounting to MySQL, are
entries showing up in /var/log/radius/radacct/?
Because you told it to. The radiusd.conf file still contains
references to radutmp.
Shouldn't I be avoiding those entries by logging to
Tim O'Donovan [EMAIL PROTECTED] wrote:
Mon Oct 10 22:25:37 2005
...
Timestamp = 1128979537
So it is recognising the Timestamp attribute, as you suggested. Where am
I going wrong?
The Timestamp entry is not a real attribute. It is added by the
detail module when the record gets
That was exactly my problem. My mistake for not looking closer, thank you very
much!
Curt LeCaptain
[EMAIL PROTECTED]
Curt LeCaptain [EMAIL PROTECTED] wrote:
What I'm wondering is, why, if I'm logging accounting to MySQL, are
entries showing up in /var/log/radius/radacct/?
Because you
I have setup SER to authenticate via FreeRADIUS with MSSQL DB. The SIP
proxy (SER) use digest authentication to authenticate with FreeRADIUS
server. This way the user's password is stored as cleartext in the
database. I'd like to know is there a way to make such setup using
hashed password (just
25 matches
Mail list logo