Hi,
Anyone here managed to setup a hotspot service using freeradius and a
captive portal?
I'd like to hire someone to do a setup for me.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/setup-service-needed-tp4315197p4315197.html
Sent from the FreeRadius - User mailing
On Wed, Apr 20, 2011 at 3:16 PM, danieln daniel.n...@gmail.com wrote:
Hi,
Anyone here managed to setup a hotspot service using freeradius and a
captive portal?
Sure. It's a common setup. A simple one would consist something like:
- a captive-portal capable wireless AP, like one running dd-wrt
Hi Fajar,
well my aim is to install hotspots for multiple places like cafes or
condominiums.
I'll need the AP to direct the users to my portal to signup for a new
account or to login before they can use the internet line.
so there will be many APs connecting to the server for authentication.
On Wed, Apr 20, 2011 at 3:38 PM, danieln daniel.n...@gmail.com wrote:
Hi Fajar,
well my aim is to install hotspots for multiple places like cafes or
condominiums.
I'll need the AP to direct the users to my portal to signup for a new
account or to login before they can use the internet line.
Hi All,
Please help me to fix the below isse.
The problem is related to the scenario, where a network server
triggers first authentication over Radius and then a freeRadius server
makes a LDAP query towards an openLDAP server
containing the user password. After the successful authentication
Hi Folks,
the question makes sense, I think I wrote it not understandible enough.
1. What I already do is:
1.1. Authenticating via EAP-TLS Computers/Workstations against my Switches
1.2. Users are authenticated with PEAP and Cleartext-Passwords in
$RADDB/users
2. What I want to do is:
2.1.
Gregoire leroy wrote:
I want to setup a PPTP server with EAP TLS and authentication by FreeRadius.
I've
seen in a documentation that we must set Auth-type, but the documentation is
out-dated and on freeradius.org, it's specified that Auth-type shouldn't be
set
manually.
So, I don't know
On 04/20/2011 10:23 AM, Alexandros Gougousoudis wrote:
3.1. Certs on all Computer/Workstations and an entry in $RADDB/users of
the Computername wirh Authentification-Type = EAP
3.2. Users in my LDAP with crypted Passwords (MD5/crypt) AND Passwords
for Samba (NT-Passwords).
Ah, good. If you
pradyumna dash wrote:
Please help me to fix the below isse.
Please follow the documentation and post the debug output.
It doesn't help to post vague desscriptions of what you *think* mught
be happening. It *does* help to post the debug output.
Alan DeKok.
-
List
On 04/19/2011 04:41 PM, East, Bill wrote:
-Original Message- From:
freeradius-users-bounces+eastb=pffcu@lists.freeradius.org
[mailto:freeradius-users-
bounces+eastb=pffcu@lists.freeradius.org] On Behalf Of Phil
Mayers Sent: Tuesday, April 19, 2011 11:15 AM To:
Hi Phil,
Phil Mayers schrieb:
Ah, good. If you have NT-Password, PEAP/MS-CHAP should work.
Great!
Yes. There are lots of ways to do this, depending on what key you want
to use for the lookup (machine account name, mac address, TLS cert
subject)
Thanks, I'll start to do this. Machine
Hi,
Thanks, I'll start to do this. Machine account name should work for me.
Any hints, or how to do this? Is there somewhere an example availlable
to start with?
I'am new to FR 2.1 and it's hard to make even my old config work on the
test-maschine.
after altering ntlm_auth command
On 04/20/2011 11:37 AM, Alexandros Gougousoudis wrote:
Hi Phil,
Phil Mayers schrieb:
Ah, good. If you have NT-Password, PEAP/MS-CHAP should work.
Great!
Yes. There are lots of ways to do this, depending on what key you want
to use for the lookup (machine account name, mac address, TLS cert
It works fine, but when one of the server goes down of a long period,
It sends a lot of proxy state attributes.
Then you didn't follow the example. You configured it so that the
detail file reader would write packets *back* to the detail file in the
Post-Proxy-Type Fail section.
Don't
Waqas Toor wrote:
OK thanks Alan, but please clear one confusion. Now if one of the
server goes down then this part
...
will it update the detail file ?
I have no idea.
Follow the example. It works. It's documented. It Does the Right
Thing. If one of the home servers goes down, it
Is my question about sending ascii nul in string attribute is wrong or
nobody run into this situation ?
Hi All
My nas box can use attribute NAS-Filter-Rule from radius server to
construct filter rules per subscriber on the fly.
Accodingly to rfc 4849 this attribute should contain ascii NUL
Just a guess, but is sounds like a string array to me.
char **string_array ;
Look up malloc and related functions to designate space for additions
to the array.
This is NOT how you do it but this is the general idea :
$string_array[0] = filter entry 1 ;
$string_array[1] = filter entry 2 ;
On 04/15/2011 09:05 AM, Ruslan Pustovoytov wrote:
Hi All
My nas box can use attribute NAS-Filter-Rule from radius server to
construct filter rules per subscriber on the fly.
Accodingly to rfc 4849 this attribute should contain ascii NUL (0x00) as
a delimiter between individual filter rules and
I am apparently using the Caching improperly in regards to configuration
in eap.conf. The first authentication works great (EAP-PEAP-MSChapv2)
and DB lookups. The second time (with caching enabled) it appears to
only be adding the User-Name attribute to the reply. I see the comments
in the
I have been able to do some testing with the adjustments for MS-CHAP-V2
related to error and retires.
There are two items I observed with testing:
1) If I sent a HUP signal to the server it appears to re-read the
configuration files but for some reason does not re-read the mschap module
- so
On 04/20/2011 11:14 PM, john.hayw...@wheaton.edu wrote:
I have been able to do some testing with the adjustments for MS-CHAP-V2
related to error and retires.
There are two items I observed with testing:
1) If I sent a HUP signal to the server it appears to re-read the
configuration files but
Hello,
Using the above script I was able to get a clean install to contact my
kerberos server via 'inner-tunnel' and 802.1x. Unfortunately, Kerberos is
reporting that it needs the User-Password attribute. I've modified the
script to show that the User-Password is empty in 'inner-tunnel'. As
On 04/20/2011 10:13 PM, John Douglass wrote:
What exactly am I supposed to store into the attribute
Cached-Session-Policy? Is this referring to a policy within the file
policy.conf that will run and extract attributes according to the
function there or is it something else?
Based on a quick
On 04/20/2011 11:56 PM, tod wrote:
Wed Apr 20 14:19:28 2011 : Debug: PEAP: Setting User-Name to joe
Sending tunneled request
EAP-Message = 0x0207000a01746f747465
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = joe
server inner-tunnel {
Wed Apr 20 14:19:28 2011 : Info: +-
Thanks for the patches - I've built a new server and hopefully will test
tomorrow.
On the re-reading of config I can live without the HUP not causing mschap
to re-read it's config - just assumed that it would.
johnh...
On Wed, 20 Apr 2011, Phil Mayers wrote:
Date: Wed, 20 Apr 2011 17:53:42
25 matches
Mail list logo