##
#
# Create a new client certificate, signed by the the above server
# certificate.
#
##
client.csr client.key: client.cnf
openssl req -new -out
When i click on my SSID i get authentication failed. The Proxim AP reports
Radius not connected and i dont get to see any reply on Radius Server
2010/1/20 Devinder Singh devinbhul...@gmail.com
##
#
# Create a new client
group authorize {...}
Wed Jan 20 10:01:07 2010 : Info: ++[preprocess] returns ok
Wed Jan 20 10:01:07 2010 : Debug: expand:
/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d -
/var/log/freeradius/radacct/172.30.80.1/detail-20100120
Wed Jan 20 10:01:07 2010 : Info: [detail]
/var
After i had restarted my XP
i get to see Windows was unable to log you on to palstaff.
palstaff is my sssid
Devinder
2010/1/20 Devinder Singh devinbhul...@gmail.com
When i click on my SSID i get authentication failed. The Proxim AP reports
Radius not connected and i dont get to see any
Hi,
I'm seeing a strange behaviour for a 802.1X supplicant, and can't really
explain it. The device (Samsung GT-S5560 mobile) claims to do PEAP/MSCHAPv2.
In -X debug, the server certificate gets exchanged just fine, but the
device doesn't proceed to the tunnel. It keeps sending EAP-Messages
Stefan Winter wrote:
I'm seeing a strange behaviour for a 802.1X supplicant, and can't really
explain it. The device (Samsung GT-S5560 mobile) claims to do PEAP/MSCHAPv2.
Claims.
In -X debug, the server certificate gets exchanged just fine, but the
device doesn't proceed to the tunnel. It
Appolagies for bumping this post, but i am still unsure on why its not
working.
From the radius debug (all of which can be found at the end of the post), I
noticed that when a request is sent it displays this:
[sql] User james not found
++[sql] returns notfound
But the radtest was accepted:
James2010 wrote:
Appolagies for bumping this post, but i am still unsure on why its not
working.
From the radius debug (all of which can be found at the end of the post), I
noticed that when a request is sent it displays this:
[sql] User james not found
++[sql] returns notfound
But the
Tevfik Ceydeliler wrote:
Hi,
My problem is, If I try to assign a static I address to my user, I got error.
I have Secovid OTP server as realm. And my all users use token to create
password.
In test case, when I try to connect to my radius server via gprs I see some
error:
...
Wed
Thanks Alan,
That did indeed sort out the sql read problem and now works fine. The server
is also sending information to my radpostauth file.
It is however still not writing into radacct, and from what i can see on the
debug there isn't a: +- entering group accounting (like auth and
James2010 wrote:
It is however still not writing into radacct, and from what i can see on the
debug there isn't a: +- entering group accounting (like auth and post-auth).
In the defaults file sql has been enabled.
See the FAQ. Is the NAS sending accounting packets?
Alan DeKok.
-
List
Wed Jan 20 10:01:07 2010 : Error: Warning: Found 2 auth-types on
request for user 'tevfikceydeliler'
...
...
I did not edit DEFAULTS.
My users settings is here:
tevfikceydelilerPacket-Type == Access-Request , Proxy-To-Realm
:= 10.1.1.51, Framed-IP-Address := 172.30.64.120 ,
Hi,
I want to remove an attribute from reply message(account accept), how can I
should do that?
more detail:
I'm using some sqlcounter to count daily, weekly and monthly octets. After
their processing they add Session-Octets-Limit to my reply message.
I want to have a condition that if this value
Hi list,
We are running FreeRADIUS 2.16 (sparc-sun-solaris2.10) and we are are
seing some unexpected results, the following is snippets of
configuration followed by debug output...
# entry in huntgroups
dot1x-allowed NAS-IP-Address == 192.168.0.1
# only entries in users file...
DEFAULT
Hamid Reza Hasani hr.has...@gmail.com wrote:
[snipped]
I add this lines at the end of authorize section:
if(%{reply.Session-Octets-Limit} = 2) {
update reply {
Session-Octets-Limit [I don't know what!and am too lazy
to read the docs or
At 02:50 AM 1/20/2010, Alan DeKok wrote:
freerad...@corwyn.net wrote:
But i see this in the log when running with radiusd -X:
[ldap] looking for reply items in directory...
WARNING: No known good password was found in LDAP. Are you sure that
the user is configured correctly?
It means
hello
is it possible to use samba(+ldap) domain name as realm ?
i want that if on a XP laptop plug on my NAS (switch)
DOMAIN1\username log on , the ldap+radius is authentificate on DOMAIN1
ldap server
DOMAIN2\username log on , the ldap+radius is authentificate on DOMAIN2
ldap server
the
Hi,
I have a Freeradius server v2.1.7 with mysql 5 in CentOs 5.3.
The two situations I need to define reply messages are:
1) Username correct but wrong password;
2) Username and password wrong or just Username wrong;
Thanks to Arran Cudbard-Bell and EasyHorpak.com, I was able to solve the
W dniu 10-01-20 08:52, Alan DeKok pisze:
Maja Wolniewicz wrote:
A few changes in FreeRADIUS are needed to provide some configuration
variables to the hostap EAP library.
Could you send the changes as a patch? That way we can apply them to
the server, and make it easier for
Hi
If program runned from cron run another process like:
curl or wget or anithign else located at PATH
it says: can not find curl etc.
NOTICE: when programm is runned from cron there is no PATH environment
variable
Does any know how to pass environment for programs runned from cron?
--
On 20/01/2010 21:08, Коньков Евгений wrote:
Hi
If program runned from cron run another process like:
curl or wget or anithign else located at PATH
it says: can not find curl etc.
NOTICE: when programm is runned from cron there is no PATH environment
variable
Does any know how to pass
On 1/17/2010 8:37 AM, Alexander Clouter wrote:
James J J Hooperjjj.hoo...@bristol.ac.uk wrote:
In order to also return e.g. VLAN IDs (that could be computed from the
inner User-Name in a non-session-resumption enabled config), I can move
the config that sets the VLAN to the outer tunnel
Arran Cudbard-Bell arran.cudbard-b...@hp.com wrote:
On 1/17/2010 8:37 AM, Alexander Clouter wrote:
James J J Hooperjjj.hoo...@bristol.ac.uk wrote:
In order to also return e.g. VLAN IDs (that could be computed from the
inner User-Name in a non-session-resumption enabled config), I can
OK so the message was blocked for length, here is ~ 450 lines, after this it
basically repeats with new ID's several (hundred) times.
FreeRADIUS Version 2.0.4, for host i486-pc-linux-gnu, built on Jan 19 2010
at 01:20:58
Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.
Hello
I have followed the procedures to create EAP certificates in etc/raddb/certs
but when i copy the ca.der and client.P12 my windows XP cannot seem to
authenticate to the radisu Server.
I can se a small baloon appearing on xp stating failed to authenticate on
palstaff.
My Proxim AP reports
Luiz Gustavo de Villa Scandelari wrote:
Hi,
I have a Freeradius server v2.1.7 with mysql 5 in CentOs 5.3.
The two situations I need to define reply messages are:
1) Username correct but wrong password;
2) Username and password wrong or just Username wrong;
Thanks to Arran Cudbard-Bell
Hi
I had just checked my Proxim AP 700 and it seems to report that
Radius Server not responding but i have already configured teh Radius Server
Profiles and IP address in the AP
What shoud i do
Devinder
2010/1/20 Devinder Singh devinbhul...@gmail.com
Hi Ivan,
I created the certificates
Hi Michael,
All I want is that to give correct IP address to user.
I have to use Proxy-To-Realm because my user dont use static password. They
use token. And My realm is a OTP server.
I care those two things. IP address and realm.
What should I do?
I really cant undertstand while user who use
attribute.
Wed Jan 20 10:01:07 2010 : Info: ++[birmas] returns noop
Wed Jan 20 10:01:07 2010 : Debug: expand:
/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d -
/var/log/freeradius/radacct/172.30.80.1/detail-20100120
Wed Jan 20 10:01:07 2010 : Info: [detail]
/var/log/freeradius
Huckle Berry wrote:
OK so the message was blocked for length, here is ~ 450 lines, after
this it basically repeats with new ID's several (hundred) times.
If you're not going to bother reading the messages here, I don't see
why you're asking questions.
I said:
Try using a user from
Tevfik Ceydeliler wrote:
Hi Alain,
According your suggestion I delete Packet-Type == Access-Request -I wrote
down to config according to SecOvid manual-,
shrug The manual is wrong.
and,I dont think that problem is home server because home server accept
requests when user IP comes
Hi,
Thanks for your answer, but there is a bit problem. I'm using 2.1.6 and so I
did your first solution, but radiusd can't run and reports this error:
/etc/raddb/sites-enabled/default[219]: Parse error after
Session-Octets-Limit
Error reading /etc/raddb/radius.conf
I wrote this code in authorize
32 matches
Mail list logo
