Hi Adrian, I change the operator for Framed IP Address and Netmask. But nothing changed. Client get Access-Accept but no IP address assigned. I check it with "ipconfig" Regards...
Tevfik Ceydeliler -----Original Message----- From: freeradius-users-bounces+tevfik.ceydeliler=astron.yasar.com...@lists.freeradius.org [mailto:freeradius-users-bounces+tevfik.ceydeliler=astron.yasar.com...@lists.freeradius.org] On Behalf Of freeradius-users-requ...@lists.freeradius.org Sent: Monday, January 11, 2010 6:59 PM To: freeradius-users@lists.freeradius.org Subject: Freeradius-Users Digest, Vol 57, Issue 31 Send Freeradius-Users mailing list submissions to freeradius-users@lists.freeradius.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freeradius.org/mailman/listinfo/freeradius-users or, via email, send a message with subject or body 'help' to freeradius-users-requ...@lists.freeradius.org You can reach the person managing the list at freeradius-users-ow...@lists.freeradius.org When replying, please edit your Subject line so it is more specific than "Re: Contents of Freeradius-Users digest..." Today's Topics: 1. RE: My Static IP Client conf. not work (Adrian Boros) 2. Re: rlm_sqlippool required? (John Dennis) 3. NT/LM password from LDAP (PAP works, MSCHAP doesn't). (Lech Karol Paw?aszek) ---------------------------------------------------------------------- Message: 1 Date: Mon, 11 Jan 2010 09:38:18 -0500 From: "Adrian Boros" <adr...@dsl4u.ca> Subject: RE: My Static IP Client conf. not work To: "'FreeRadius users mailing list'" <freeradius-users@lists.freeradius.org> Message-ID: <0fc901ca92cb$b789fad0$269df0...@ca> Content-Type: text/plain; charset="us-ascii" Hello Tevfik, Try changing the operator from == to := when assigning the Framed IP and Framed Netmask. I would also recommend it for others but you're better off reading the following link which should give you an understanding of the operators in use: http://wiki.freeradius.org/Operators Best regards, Adrian Boros -----Original Message----- From: freeradius-users-bounces+adrian=dsl4u...@lists.freeradius.org [mailto:freeradius-users-bounces+adrian=dsl4u...@lists.freeradius.org] On Behalf Of Tevfik Ceydeliler Sent: Monday, January 11, 2010 4:55 AM To: freeradius-users@lists.freeradius.org Subject: My Static IP Client conf. not work Hi, I have a client, when I put this client into an IP pool everything is ok. But when I move him for framed-Ip (static IP),he can't get that IP address. Note: I use a secovid as realm and NAS is Telecom Operator (For APN) I dont know what i should check. Can you help me to start? ################################################################# Here is the user configuration: FOR POOL --> tevfikceydeliler Service-Type == Framed-User,Packet-Type==Access-Request, Proxy-To-Realm := 10.1.1.51, Pool-Name := BirmasGPRS For Static IP --> tevfikceydeliler Packet-Type==Access-Request, Proxy-To-Realm := 10.1.1.51, Framed-IP-Address == 172.30.65.90, Framed-IP-Netmask == 255.255.255, Framed-MTU = 1500, Framed-Routing = None, Framed-Protocol = PPP, Service-Type = Framed, Fall-Through = Yes AND DEFAULTS --> DEFAULT Framed-Protocol == PPP Framed-Protocol = PPP, Framed-Compression = Van-Jacobson-TCP-IP DEFAULT Hint == "CSLIP" Framed-Protocol = SLIP, Framed-Compression = Van-Jacobson-TCP-IP DEFAULT Hint == "SLIP" Framed-Protocol = SLIP DEFAULT Auth-Type := Accept ################################################### Bu elektronik postada bulunan tum fikir ve gorusler ve ekindeki dosyalar sadece adres sahip/sahiplerine ait olup, Yasar Toplulugu Sirketleri bu mesajin icerigi ile ilgili olarak hic bir hukuksal sorumlulugu kabul etmez. Eger gonderilmesi dusunulen kisi veya kurulus degilseniz, lutfen gonderen kisiyi derhal haberdar ediniz ve mesaji sisteminizden siliniz.The information contained in this e-mail and any files transmitted with it are intended solely for the use of the individual or entity to whom they are addressed and Yasar Group Companies do not accept legal responsibility for the contents. If you are not the intended recipient, please immediately notify the sender and delete it from your system. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ------------------------------ Message: 2 Date: Mon, 11 Jan 2010 11:38:31 -0500 From: John Dennis <jden...@redhat.com> Subject: Re: rlm_sqlippool required? To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <4b4b5407.8060...@redhat.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed On 01/09/2010 04:33 PM, John Kane wrote: >> John Kane wrote: >>> Is the rlm_sqlippool required when allocating IPs from an SQL DB? >> >> Yes. >> >>> I am >>> trying to set this up on a 1.1.3 install, and don't see that module. >> >> Install 2.1.8. >> >> Alan DeKok. >> - > > Thanks Alan, unfortunately I am chained to Red Hat RPMs on this project, > and their latest is 1.1.3 without the rlm_sqlippool module. I pulled > the 1.1.3 down from the FreeRADIUS site, and it has that module (maybe > our RH friend John Dennis can explain to me why it is on the FR site but > not the RH RPM, and if I should open a ticket to RH to get it added). More current versions of FreeRADIUS than 1.1.3. are available for RHEL 5 and CentOS5, see: http://wiki.freeradius.org/Red_Hat_FAQ The latest build for RHEL5 is 2.1.7, I'll be adding 2.1.8 shortly. Note these are not official builds. We anticipate 2.1.7 will show up as an official build in the RHEL 5.5 update under the package name freeradius2. 2.1.8 was released after the cut off date, thus RHEL 5 will only have 2.1.7 and 1.1.3. As for why 1.1.3 didn't ship with rlm_sqlippo0l (it does ship with rlm_ippool) I can't tell you, it was before my time. If you would like to open a bug against the 1.1.3 RHEL 5.5 version please contact your support TAM. -- John Dennis <jden...@redhat.com> Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ------------------------------ Message: 3 Date: Mon, 11 Jan 2010 17:58:50 +0100 From: Lech Karol Paw?aszek <i...@szluug.org> Subject: NT/LM password from LDAP (PAP works, MSCHAP doesn't). To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <4b4b58ca.8070...@szluug.org> Content-Type: text/plain; charset="utf-8" Hello. I've working FreeRADIUS installation for 802.1x authentication and authorization using EAP-TLS with passwords - NT/LM hashes - stored in LDAP. And it works nice. Right now I'm deploying (yes. at this particular moment!) IPsec/L2TP VPN which will be utilizing RADIUS via ppp connection. And for PAP it works nice. However MSCHAP doesn't want to work. I'm kinda lost because EAP connection uses MSCHAP(v2) as well and this one works flawlessly. ;-) Am I missing something? I believe it should work. Or it cannot? I've attached FreeRADIUS' logfile. Any pointers/hints much appreciated. Kind regards, -- Lech Karol Paw?aszek <ike> "You will never see me fall from grace" [KoRn] -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: freeradius.txt Url: <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20100111/b23cbdf2/attachment.txt> ------------------------------ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html End of Freeradius-Users Digest, Vol 57, Issue 31 ************************************************ Bu elektronik postada bulunan tum fikir ve gorusler ve ekindeki dosyalar sadece adres sahip/sahiplerine ait olup, Yasar Toplulugu Sirketleri bu mesajin icerigi ile ilgili olarak hic bir hukuksal sorumlulugu kabul etmez. Eger gonderilmesi dusunulen kisi veya kurulus degilseniz, lutfen gonderen kisiyi derhal haberdar ediniz ve mesaji sisteminizden siliniz.The information contained in this e-mail and any files transmitted with it are intended solely for the use of the individual or entity to whom they are addressed and Yasar Group Companies do not accept legal responsibility for the contents. If you are not the intended recipient, please immediately notify the sender and delete it from your system. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html