Hi,
I am a newbee on Linux and RAdius stuff. I am trying to authenticate WinXP
and Win 7 machines on wireless using Freeradius, LDAP authentication. Please
help.
Module: Instantiating module digest from file /etc/raddb/modules/digest
Module: Linked to module rlm_unix
Module: Instantiating
Hi,
Can somebody tell me, how to include the OID's while generating the client
and root certificates. These instructions are in the xpextensions file, it
says
# Add this to the PKCS#7 keybag attributes holding the client's private key
# for machine authentication.
How does one do this? Please
syharash wrote:
I am a newbee on Linux and RAdius stuff. I am trying to authenticate WinXP
and Win 7 machines on wireless using Freeradius, LDAP authentication. Please
help.
Thanks for posting the debug output, but it would help if you read it.
It's not complicated.
Also post the debug
Jim Rice wrote:
Quick question:
I am looking into adding an ACT! Plugin to populate the Radius MySQL
database through unix ODBC.
Found rlm_sql_unixodbc and wondered if this is already provided for this
purpose, or something else?
It's for that purpose.
Looks like it needs to be run
syharash wrote:
Can somebody tell me, how to include the OID's while generating the client
and root certificates.
$ cd raddb/certs
$ more README
This is documented.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 04/06/2011 10:59 PM, Joren Love wrote:
Hey, thanks for your reply. I did try creating the file module with the
contents from the howto, and it seems to get loaded (Debug: including configuration file
/etc/freeradius/modules/file however, I still get the same error:
Edit: Now I'm noticing
Dear Alan,
I am doing this all for the very first time. Could you please help me out? I
do not understand what seems to be wrong? I have added that user mahendra
in linux, ldap and also in the raddb/users file. The file contents are here;
/etc/passwd
mahendra:x:516:516::/home/mahendra:/bin/bash
Dear Alan,
I am doing this all for the very first time. Could you please help me out? I
do not understand what seems to be wrong? I have added that user mahendra
in linux, ldap and also in the raddb/users file. The file contents are here;
/etc/passwd
mahendra:x:516:516::/home/mahendra:/bin/bash
hello *
i try to transfer a working configuration from an very old (1.x) freeradius
version to a more recent radius version:
FreeRADIUS Version 2.1.10, for host x86_64-pc-linux-gnu, built on Nov 14 2010
at 21:14:10
My problem: after authenticate against ldap and auth-type = ldap is
set, no
Hi All,
I am using Freeradius 2.1.0
PEAP/TTLS is working fine and I am facing problem in TLS
authentication. I am able to generate certificate but while connecting it
throws Authentication error.
Please let me know how to debug it.
rad_recv: Access-Request packet from host
[ldap] looking for check items in directory...
[ldap] userPassword - Password-With-Header ==
{crypt}$1$94hl3NgJ$AuuZleae5i2GkzrT9XIye0
crypt passwords cannot be used to do MS-CHAP. It is impossible.
MS-CHAP requires either the cleartext password or NT/LM hashes.
See:
Great Phil, I've changed my /etc/raddb/users file and it worked, could you
please help me if i can make a particular user login only from a single
machine using the MAC Address of that machine. my existing /etc/raddb/users
file looks like this
DEFAULT Auth-Type = System
Fall-Through = 1
Michael Arndt wrote:
i try to transfer a working configuration from an very old (1.x) freeradius
version to a more recent radius version:
You should transfer it by starting with the default configuration for
2.1.10, and then make gradual changes, with tests, until you have what
you want.
Hi,
comparisons/requirements are ont he first line, replies are on following lines
ie
user Cleartext-Password := testing, NAS-IP-Address = 192.168.0.1
AttributeX = this,
AttributeY = that
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--On Wednesday, April 06, 2011 15:42:11 -0500 john.hayw...@wheaton.edu
wrote:
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
I don't know if this should be sent to the developers list instead.
=== Background ===
When there is a failure of the client to
--On Thursday, April 07, 2011 13:33:33 +0100 James J J Hooper
jjj.hoo...@bristol.ac.uk wrote:
Attached are the two 'git diff' that I ended up with.
gzipped so they don't get messed up.
-James
p1.txt.gz
Description: Binary data
p2.txt.gz
Description: Binary data
-
List
Looking at the output, things become clearer. The conversation ends
when the server tries to send the first Access-Challenge packet to the
client. It seems like that packet never gets there - and so the client
retransmits the same Request over and over again. The server then
repeatedly tries to
hi,
this would be great to get into 2.1.11 release if possible if not 2.1.12 or
2.2.x
as it solves one of our current problems of devices configured for our roaming
SSID continually trying to authenticate to the system even if the user no
longer exists
- currently they just keep on and on
I install freeradius in the server its ip is 192.168.1.1.
In the server I have already do the radtest ,and the result is OK
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=11, length=20
the end of my clients.conf and assign a shared-secret.
client 192.168.1.100 {
Hi Alan,
Thanks, everything is set. works fine just that my client pc is not getting
an IP address leased from that particular vlan's dhcp scope. It just worked
once but after that its baffling that the client's are not getting an IP
address leased from the dhcp scope. my routing is fine, on the
Hi,
maybe somebody can help me in my attempt to authenticate
supplicant
PC (WinXP SP2 with enabled 802.1x authentication using PEAP and
Authentication Mehtod Secured password EAP-MSCHAP v2) using
Free RADIUS Version 2.1.10. RADIUS client is ONT (GPON,
802.1x enabled on it's Ethernet port).
I
Hi,
maybe somebody can help me in my attempt to authenticate
supplicant
PC (WinXP SP2 with enabled 802.1x authentication using PEAP and
Authentication Mehtod Secured password EAP-MSCHAP v2) using
*that* (PEAP) wont work with this:
Added new entry for PC using its MAC address for
Found this in the rlm_sql_unixodbc config.log:
...
/usr/bin/ld: cannot find -lodbc
...
configure:3080: WARNING: silently not building rlm_sql_unixodbc.
configure:3082: WARNING: FAILURE: rlm_sql_unixodbc requires: libodbc sql.h.
Did I miss some dependencies earlier when installing FR 2.1.10?
Can
On 07/04/2011 13:33, James J J Hooper wrote:
--On Wednesday, April 06, 2011 15:42:11 -0500 john.hayw...@wheaton.edu wrote:
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
I don't know if this should be sent to the developers list instead.
=== Background ===
I was wondering if there has been a collective effort to document the
meaning of the NAS-Port by the various Network Vendors?
If there's nothing yet, maybe they can create a wiki page for it? I'd be
willing to edit the entries, either on the wiki if I can get an account,
or offline and batch
Hi,
Found this in the rlm_sql_unixodbc config.log:
...
/usr/bin/ld: cannot find -lodbc
...
configure:3080: WARNING: silently not building rlm_sql_unixodbc.
configure:3082: WARNING: FAILURE: rlm_sql_unixodbc requires: libodbc sql.h.
Did I miss some dependencies earlier when installing FR
2.1.10
Here's a snippet of freeradius -X...
+- entering group post-auth {...}
[ldap] Entering ldap_groupcmp()
[files] expand: ou=Departments,dc=corp,dc=development,dc=com -
ou=Departments,dc=corp,dc=development,dc=com
[files] expand: ((sAMAccountName=%{mschap:User-Name})) -
I thought I had followed the FR installation instructions and was surprised
that something might have been missing.
How can I know which dependencies are missing? (Which packages to install?)
I had already installed mysql-connector-odbc before finding
rlm_sql_unixodbc.
There were several new
On Fri, Apr 8, 2011 at 4:30 AM, Jim Rice jmrice6...@yahoo.com wrote:
I thought I had followed the FR installation instructions and was surprised
that something might have been missing.
How can I know which dependencies are missing? (Which packages to install?)
I had already installed
Jim Rice wrote:
I thought I had followed the FR installation instructions and was
surprised that something might have been missing.
I think you're misunderstanding *optional* modules. The server comes
with plugins for LDAP, SQL (MySQL, PostGreSQL, DB2, Oracle, ...), and
many, many, more.
After installing mysql-connector-odbc,
running ./configure within rlm_sql_unixodbc it was then able to find:
checking for SQLConnect in -lodbc... yes
But not:
checking for sql.h... no
configure: WARNING: silently not building rlm_sql_unixodbc.
configure: WARNING: FAILURE: rlm_sql_unixodbc
On Fri, Apr 8, 2011 at 8:13 AM, Jim Rice jmrice6...@yahoo.com wrote:
After installing mysql-connector-odbc,
running ./configure within rlm_sql_unixodbc it was then able to find:
checking for SQLConnect in -lodbc... yes
But not:
checking for sql.h... no
configure: WARNING: silently not
32 matches
Mail list logo