something else i just found radtest only seems to work from localhost..
[root@ops2 raddb]# radtest marguin2 r0adkill localhost 0
i6Lw7uNsG7pZDUGgxirg
Sending Access-Request of id 235 to 127.0.0.1 port 1812
User-Name = "marguin2"
User-Password = "r0adkill"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=235,
length=30
Filter-Id = "wireless"
[root@ops2 raddb]# radtest marguin2 r0adkill 192.168.10.31 0
i6Lw7uNsG7pZDUGgxirg
Sending Access-Request of id 96 to 192.168.10.31 port 1812
User-Name = "marguin2"
User-Password = "r0adkill"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
Sending Access-Request of id 96 to 192.168.10.31 port 1812
User-Name = "marguin2"
User-Password = "r0adkill"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
Sending Access-Request of id 96 to 192.168.10.31 port 1812
User-Name = "marguin2"
User-Password = "r0adkill"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
radclient: no response from server for ID 96 socket 3
On 11/2/2011 10:53 AM, freeradius-users-requ...@lists.freeradius.org wrote:
Send Freeradius-Users mailing list submissions to
freeradius-users@lists.freeradius.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freeradius.org/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
freeradius-users-requ...@lists.freeradius.org
You can reach the person managing the list at
freeradius-users-ow...@lists.freeradius.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."
Today's Topics:
1. Re: Huntgroup Checking (simonm123)
2. Re: Need help with Freeradius and 802.1X (johnboy68)
3. Re: Huntgroup Checking (Ben West)
4. Re: cisco WAP/FreeRadius/OpenLDAP (Matthew Arguin)
5. Re: Need help with Freeradius and 802.1X (Alan Buxey)
6. Re: Need help with Freeradius and 802.1X (Alan DeKok)
----------------------------------------------------------------------
Message: 1
Date: Wed, 2 Nov 2011 07:07:34 -0700 (PDT)
From: simonm123<simon.mor...@me.com>
Subject: Re: Huntgroup Checking
To: freeradius-users@lists.freeradius.org
Message-ID:<1320242854156-4958155.p...@n5.nabble.com>
Content-Type: text/plain; charset=us-ascii
Can anyone tell me if hungroup checking can be made to work on the group
level, not just the user level?
Thanks
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Huntgroup-Checking-tp4950385p4958155.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
------------------------------
Message: 2
Date: Wed, 2 Nov 2011 07:08:58 -0700 (PDT)
From: johnboy68<tripleada...@yahoo.com>
Subject: Re: Need help with Freeradius and 802.1X
To: freeradius-users@lists.freeradius.org
Message-ID:<1320242938352-4958157.p...@n5.nabble.com>
Content-Type: text/plain; charset=us-ascii
I have ntlm_auth working. I can auth my AD users with this command:
radtest -t mschap aduser aspassword localhost 0 testing123
And it works.
My problem is when I configure one of my Cisco switches to do 802.1x and
authenticate with Freeradius my Windows (Windows 7 and Vista) machines fail
to get authorized with the Windows supplicant. I am running Freeradius in
debug mode and have tried to trace down where it is failing on my own but
since I have no experience in this area I am just chasing my tail. Is it a
problem with PEAP, EAP, TLS? Do I need a certificate? I just don't know
and if I did I wouldn't know how to configure it. I have not been able to
find any conclusive documentation in this area.
I could put the output here of what Freeradius outputs during a connection
attempt but I since I am testing this in our production environment, I don't
want to put that kind of information out in a public forum.
Any thoughts?
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Need-help-with-Freeradius-and-802-1X-tp4865617p4958157.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
------------------------------
Message: 3
Date: Wed, 2 Nov 2011 09:22:25 -0500
From: Ben West<westbyw...@gmail.com>
Subject: Re: Huntgroup Checking
To: FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
Message-ID:
<CADSh-SNFZJ1dOx3S1D_sVKPHxxP7GfDq-4+=2rsrltuwbs+...@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
You may need to inspect whether the groupcheck query in
mysql/dailup.conf (if you are using MySQL) looks in the huntgroup
table.
For example, this is the default query in my copy of freeRADIUS
provided by Debian:
authorize_group_check_query = "SELECT id, groupname, attribute, \
Value, op \
FROM ${groupcheck_table} \
WHERE groupname = '%{Sql-Group}' \
ORDER BY id"
Try modifying it as such:
authorize_group_check_query = "SELECT id, groupname, attribute, \
value, op \
FROM ${groupcheck_table} \
WHERE ( groupname = '%{Sql-Group}' \
OR groupname = '%{Huntgroup-Name}' ) \
ORDER BY id"
On Wed, Nov 2, 2011 at 9:07 AM, simonm123<simon.mor...@me.com> wrote:
Can anyone tell me if hungroup checking can be made to work on the group
level, not just the user level?
Thanks
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Huntgroup-Checking-tp4950385p4958155.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Matthew Arguin
Currensee, Inc.
54 Canal St, 4th Floor
Boston, MA 02114
(617) 986-4758 (Office)
_________________________________________________________________________
This email and any files transmitted with it are confidential and intended
solely for the addressee. If you received this email in error, please do not
disclose the contents to anyone; kindly notify the sender by return email and
delete this email and any attachments from your system.
© 2011 Currensee Inc. is a member of the National Futures Association (NFA)
Member ID 0403251 | Over the counter retail foreign currency (Forex) trading
may involve significant risk of loss. It is not suitable for all investors and
you should make sure you understand the risks involved before trading and seek
independent advice if necessary. Performance, strategies and charts shown are
not necessarily predictive of any particular result and past performance is no
indication of future results. Investor returns may vary from Trade Leader
returns based on slippage, fees, broker spreads, volatility or other market
conditions.
Currensee Inc | 54 Canal St 4th Floor | Boston, MA 02114 | +1.617.624.3824
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
