Re: NAS-Identifier

2008-10-13 Thread Stefan Eck (gmail)
2008/10/10 Alan DeKok [EMAIL PROTECTED] Stefan Eck (gmail) wrote: running successfully freeradius in 1.x version, I'm looking for some free radius documentation to the NAS-Identifier. Couldn't find anything in the doc or wiki. http://freeradius.org/rfc/attributes.html Anyone who can

Multiple Radius Instances on the same machine

2008-10-13 Thread HRZ Konten
Hello all, I am interested in running more than one configuration including different authentication methods and different clients on one machine. I have Freeradius 1.1.7 in production, but I installed and tested Freeradius 2.0.5 because of the virtual servers. I want to run three separated

Re: NAS-Identifier

2008-10-13 Thread Alan DeKok
Stefan Eck (gmail) wrote: Well, the new NAS device sends 5 different NAS-Identifier. eg WebAdmin, SSLVPN or HTTP. But only one RADIUS can be configured. Only one RADIUS can be configured... where? I'm just thinking about that users can be authenticated via RADIUS server1 and

Re: Multiple Radius Instances on the same machine

2008-10-13 Thread Alan DeKok
HRZ Konten wrote: I am interested in running more than one configuration including different authentication methods and different clients on one machine. That's possible. The issue is that the configurations of the virtual servers are separated but if one error occurs in one instance

Filter-Id SQL xlat function

2008-10-13 Thread Ljupco Vangelski
Hi I want FreeRADIUS to return the Filter-Id attribute, on behalf of a service of the client which is in another table (not in radreply or radgroupreply). The idea is to have a different Filter-Id depending on the region the client is connecting to (which means depending on the

Re: access rights for some users ou users groups with freeradius and mysql

2008-10-13 Thread tnt
If I understood you well, you want some users or groups to have access from NAS1 but not from NAS2. Add attribute NAS-IP Address with appropriate value to radcheck or radgroupcheck table. Ivan Kalik Kalik Informatika ISP On 13/10/2008, BADAOUI Nasr-Eddine (P) [EMAIL PROTECTED] wrote: Hi,

Re: One user - Different Service Type depending on NAS

2008-10-13 Thread Alan DeKok
Mats Blomgren B wrote: 3 of the users should have full access (read/write) to the network (94 Extreme Switches). This is straight forward. The other 3 should have read/write to about 80 switches and read only to the last 14. Put the users into groups. Put the NASes into groups. Apply

Re: problem installing freeradius

2008-10-13 Thread Tomas D
Tomas D wrote: I'm trying to fetch radius from git and install it on my ubuntu server. I'm having some issues compiling radius... Here's what I'm doing; ... frs_dhcp.c:183: error: 'RAD_LISTEN_DHCP' undeclared here (not in a function) OK. The module didn't have the appropriate

Re: NAS-Identifier

2008-10-13 Thread Paul Bartell
You can use the called-station-id variable to say yay or nay for authentication. For example, we have a Staff network, that requires different usernames/passwords from the regular wifi SSIDS. We use regex to check for regular users trying to get onto the staff ssid. On 10/13/08, Alan DeKok [EMAIL

Re: One user - Different Service Type depending on NAS

2008-10-13 Thread tnt
username NAS-IP-Address (or Packet-Src-IP-Address) == whatever Service-Type = whichever Create huntgroups and use Huntgroup-Name for groups of devices. Ivan Kalik Kalik Informatika ISP On 13/10/2008, Mats Blomgren B [EMAIL PROTECTED] wrote: Hi, I have about 6 people

FR2.1.1 Solaris 5.10 x86 32-bit race condition

2008-10-13 Thread Chris Howley
Alan, FR 2.1.1, Solaris 5.10 x86 32-bit We're using the latest code from git.freeradius.org. We're using PEAP/MSCHAPv2 and authenticating against Microsoft AD. We've encountered a race condition affecting the server when the supplicant on a Windows XP station attempts to reauthenticate 30

Re: Filter-Id SQL xlat function

2008-10-13 Thread Alan DeKok
Ljupco Vangelski wrote: I want FreeRADIUS to return the Filter-Id attribute, on behalf of a service of the client which is in another table (not in radreply or radgroupreply). The idea is to have a different Filter-Id depending on the region the client is connecting to (which means depending

Re: FR2.1.1 Solaris 5.10 x86 32-bit race condition

2008-10-13 Thread Alan DeKok
Chris Howley wrote: We're using PEAP/MSCHAPv2 and authenticating against Microsoft AD. We've encountered a race condition affecting the server when the supplicant on a Windows XP station attempts to reauthenticate 30 minutes after the initial user logon. What is the race condition? It's

Authentication ok but not login on a Netopia

2008-10-13 Thread Gamaliel Bedolla
Hi all, I have problems with the authentication of a Netopia R910 router with firmware 4.11. The configuration of the Freeradius is ok but Netopia is not accepting the Access-Accept from the freeradius. The questions are: Is there an attribute the Freeradius must reply to the Netopia ? Is

access rights for some users ou users groups with freeradius and mysql

2008-10-13 Thread BADAOUI Nasr-Eddine (P)
Hi, I'd like to know how to authorize some users or users's group created in mysql tables can logged only on some mysql's clients, with freeradius. Mysql's tables are : nas table for clients radcheck table for users radgroupcheck table usergroup table many thanks - List

syntax errors on mysql ip pools

2008-10-13 Thread Marcelus Trojahn
Hello, I've been trying for a few days to configure a new freeradius server with mysql IP pools support and I noticed there's a few errors with the syntax of some queries on sqlippool.conf for mysql. First of all, some queries would never match because the schema provided with freeradius for the

Re: Authentication ok but not login on a Netopia

2008-10-13 Thread tnt
The configuration of the Freeradius is ok but Netopia is not accepting the Access-Accept from the freeradius. The questions are: Is there an attribute the Freeradius must reply to the Netopia ? Is there any misconfiguration on the Netopia? This is a freeradius users list. You need Netopia

Re: eap md5 and cisco 1250 ap?

2008-10-13 Thread Jonathan D. Proulx
On Sat, Oct 11, 2008 at 08:43:52PM +0200, Alan DeKok wrote: : rad_recv: Access-Request packet from host 127.0.0.1 port 35273, : id=127, length=55 : User-Name = jon :... : ++[unix] returns updated : : jon is in /etc/passwd. Well spotted thank you! This will let me go back up to 2.x which

Re: Regex remove realm from username

2008-10-13 Thread Eric Martell
Thanks so much for the reply. I tried as Alex mentioned as realm base routing and it is working fine. realm google.com { type= radius authhost= LOCAL accthost= LOCAL strip } Thanks so much. Regards. --- On Sat, 10/11/08, Arran

Setting Auth-Type to Accept using unlang

2008-10-13 Thread Abel Alejandro
Hello, I want freeradius to assign to a specific ippool any invalid user (user not found or wrong password) as well as accept it. I am trying to do the following in post-auth but so far I can get freeradius to send the Reply-Message, DNS, etc... but it will still send Reject-Access. I am

Re: Setting Auth-Type to Accept using unlang

2008-10-13 Thread tnt
Yes, you can't change Auth-Type *after* authentication (post-auth section). Move that to authorize section after pap. Check that Auth-Type hasn't been set and do those updates. Ivan Kalik Kalik Informatika ISP On 13/10/2008, Abel Alejandro [EMAIL PROTECTED] wrote: Hello, I want freeradius to

Re: Setting Auth-Type to Accept using unlang

2008-10-13 Thread Abel Alejandro
How do I test if Auth-Type is not set? I tried with: if (!Auth-Type) { and a few others and couldn't get it to do the trick. Abel. 2008/10/13 [EMAIL PROTECTED]: Yes, you can't change Auth-Type *after* authentication (post-auth section). Move that to authorize section after pap. Check that

pool name per nas AND per user

2008-10-13 Thread Alexandre Chapellon
Hello, I have freeradius authenticating ADSL users (several types ADSL). Requests are coming from several BAS (my NASes). I would like freeradius to give customers IP addresses from different IP pools based on the NAS from which the request come from (huntgroups does it perfectly today) but also