Hi,
I've installed oracle 9i release 2 and tried
to compile FR on this machine, but the driver rlm_sql_oracle can not be
compiled. Does FR support Oracle 9i Release 2?
RegardsAlex Zhang
i1, Inc.
Shanghai86-21-50475656-122
Hi,
FR 0.7.1
SuSE linux 7.3
Oracle DB 9i R2
When I use 'radiusd start', it
reports:
radiusd: Unexpected character `:'
(0x3a)radiusd: /etc/raddb/users[154]: Parse error (check) for entry
DEFAULT
Why?
Thanks
RegardsAlex Zhang
i1, Inc.
Shanghai86-21-50475656-122
I need exam 802.1x function on my FreeRadius server, but no
device to support 802.1x now.
Any body know what simulator support 802.1x?
Thanks very much.
lv
xiao-Telindus Ltd.
(China)Chengdu officeSuite A,6/F, Guoxin Mansion
OK, thanks to Chris, I seem to have my users now authenticating into my
server with the realm stripped. But... and there always is a 'but', right?
users# radwho
Login Name What TTY When From Location
mscc@buoy. [EMAIL PROTECTED] PPP S9 Thu 16:27 66.19.47. 66.1
> As the result, packet 5),6)'s EAP-ID are all the value:1 as packet 2),3).
>
> So,when windows XP receive packet 6), it replys packet 3) instend of
packet 7)
> ,then.. an endless loop.
I would like to know,how can I resolve the endless looping problem ???
Should freeradius use different E
I think you can get it from HOWTO!
http://www.missl.cs.umd.edu/wireless/eaptls/
¦b ¶g¤, 2002-11-15 09:10, Ynjiun P. Wang ¼g¹D¡G
> >it's not what i wanted actually... you should take a look at the
> >messages and decide if the ACK IS valid or where it becomes invalid and
> >perhaps why... it's pro
Hi,
Currently my task is to make Quintum Tenor
A400 work with freeradius. But the Quintum is not listed in the support product
list, and I check the dictionary included in the freeradius package, the
attributes is not the same with mine. Thus I'm not sure whether it can
work.
Did anyone e
Thanks for your help!
I have resolved it now!
¦b ¶g¤, 2002-11-15 00:05, Alan DeKok ¼g¹D¡G
> "Ynjiun P. Wang" <[EMAIL PROTECTED]> wrote:
> > I checked rlm_eap_tls-0.8-pre.so using ldd and found that "libssl.so.0.9.8 => not
>found". Is this normal? If not, how to
> > fix it? Thanks.
>
> Fix you
Yes, likely its the "T" version ISO (from what I've been reading off
cisco's site.
but I'll try both
Dan.
On Thu, 14 Nov 2002, Kevin Bonner wrote:
> We use IOS 12.2(4)T3 currently. Use radtest on your radius box to make sure
> all reply items are being sent as expected. That's about all I can
>it's not what i wanted actually... you should take a look at the
>messages and decide if the ACK IS valid or where it becomes invalid and
>perhaps why... it's probably invalid at the server-side, otherwise the
>server wouldn't say it. but why? and where has it been changed? is it
>wrong when comin
it's not what i wanted actually... you should take a look at the
messages and decide if the ACK IS valid or where it becomes invalid and
perhaps why... it's probably invalid at the server-side, otherwise the
server wouldn't say it. but why? and where has it been changed? is it
wrong when coming fro
I seem to be having the same issue.. seems to happen randomly about once a
week on a production server running a simple perl backend for authentication.
snippet of log...
Thu Nov 14 15:26:38 2002 : Error: WARNING: Unresponsive child (id 65559)
for request 13464
Thu Nov 14 15:26:38 2002 : Error:
Hi,
I captured the log file and it shows the message exchanged between Radius
server and XP client. I hope this shed some
light about the "rlm_eap_tls: Invalid ACK received" problem:
Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp.
Ready to process request
Thanks for the tip. I grabbed today's 11/14 CVS snapshot. Does anybody know aLinux Radius client that can send EAP messages? If not I'll look at the rlm_eapcode and see what I can do with radclient.c.DaveAlan DeKok <[EMAIL PROTECTED]> wrote:
Dave Mason <[EMAIL PROTECTED]> wrote:
> I have
hi
> "rlm_eap_tls: Received EAP-TLS ACK message
> rlm_eap_tls: Invalid ACK received
>modcall[authenticate]: module "eap" returns invalid"
> I know I am very close. Just don't know where to proceed to fix the problem.
> I compared with the sample log file:
> "rlm_eap_tls: Received EAP-TLS ACK
On Thu, Nov 14, 2002 at 04:09:34PM -0600, Chris Parker wrote:
> >modcall: entering group authorize^M
> > hints: Matched DEFAULT at 64^M
> > modcall[authorize]: module "preprocess" returns ok^M
>
> What is in your 'hints' file? Let me guess, you have some @buoy.com
> stuff there?
Yup. Good call
At 04:55 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
On Thu, Nov 14, 2002 at 04:37:05PM -0500, [EMAIL PROTECTED] wrote:
> On Thu, Nov 14, 2002 at 03:16:05PM -0600, Chris Parker wrote:
> > At 04:07 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
> > >Folks,
> > > I have just picked up another dial
Hi,
I did follow HOWTO setup and create run-radiusd wrapper to include the lib. I
just try to double check whether I got
everything right. In order to get a clean setup again, I use another machine to
re-install everything again following
HOWTO (3 openssl stuffs and with latest freeradiu
On Thu, Nov 14, 2002 at 04:37:05PM -0500, [EMAIL PROTECTED] wrote:
> On Thu, Nov 14, 2002 at 03:16:05PM -0600, Chris Parker wrote:
> > At 04:07 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
> > >Folks,
> > > I have just picked up another dialup provider, and I'm running into
> > >a problem. My fir
At 04:37 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
On Thu, Nov 14, 2002 at 03:16:05PM -0600, Chris Parker wrote:
> At 04:07 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
> >Folks,
> > I have just picked up another dialup provider, and I'm running into
> >a problem. My first providers proxies
On Thu, Nov 14, 2002 at 03:16:05PM -0600, Chris Parker wrote:
> At 04:07 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
> >Folks,
> > I have just picked up another dialup provider, and I'm running into
> >a problem. My first providers proxies strip the realm before they
> >pass it to me. The new on
At 04:07 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
Folks,
I have just picked up another dialup provider, and I'm running into
a problem. My first providers proxies strip the realm before they
pass it to me. The new one does not, and the users don't get authenticated.
I can't figure out how o
Folks,
I have just picked up another dialup provider, and I'm running into
a problem. My first providers proxies strip the realm before they
pass it to me. The new one does not, and the users don't get authenticated.
I can't figure out how or if freeradius can strip the realm if it's part
of the
It's always the simple things that get me.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
We use IOS 12.2(4)T3 currently. Use radtest on your radius box to make sure
all reply items are being sent as expected. That's about all I can think of
to try since the items are never seen by the cisco.
Kevin
On Thursday 14 November 2002 15:19, Dan wrote:
> I did that. total debugging on rad
14-Nov-02 at 11:46, Alan DeKok ([EMAIL PROTECTED]) wrote :
Adam Moffett <[EMAIL PROTECTED]> wrote:
> At first everything seemed to be working, but then we discovered this
> very strange thing. Authentication requests from our 3Com Total
> Control unit (HiperARC V4.2.32) in which the username
At 03:32 PM 11/14/2002 -0500, maximo wrote:
the outputs are:
# gcc -v
Reading specs from /usr/local/lib/gcc-lib/sparc-sun-solaris2.7/3.0.3/specs
Configured with: ../configure --with-as=/usr/local/bin/as
--with-ld=/usr/local/bin/ld
You've told the compiler to use /usr/local/bin/as|ld, yet in you
,SPARCstation-20
Chris Parker wrote:
At 03:20 PM 11/14/2002 -0500, maximo wrote:
It´s the error with last CSV
Can you send the output of:
'gcc -v'
'uname -a'
-Chris
make[1]: Entering directory `/home/maximo/freeradius-snapshot-20021114'
Making all in src...
ma
At 03:20 PM 11/14/2002 -0500, maximo wrote:
It´s the error with last CSV
Can you send the output of:
'gcc -v'
'uname -a'
-Chris
make[1]: Entering directory `/home/maximo/freeradius-snapshot-20021114'
Making all in src...
make[2]: Entering directory `/home/m
It´s the error with last CSV
make[1]: Entering directory `/home/maximo/freeradius-snapshot-20021114'
Making all in src...
make[2]: Entering directory `/home/maximo/freeradius-snapshot-20021114/src'
make[3]: Entering directory `/home/maximo/freeradius-snapshot-20021114/src'
Ma
I did that. total debugging on radius and looking at the logs,
and even debug on the cisco.
far as I can tell the cisco never sees this.
doesnt show up in the debugs or logs anywhere...
tried += as well, and := and == just to see, none of that worked.
I'm wondering if it needs a special IOS versio
On Wednesday 13 November 2002 14:31, Dan wrote:
> testuser Auth-Type := System
> Framed-Ip-Address =
> Cisco-AVPair = "lcp:interface-config=rate-limit output 128000 32000
>64000
> conform-action transmit exceed-action drop"
This is basically what we use to se
At 02:30 PM 11/14/2002 -0500, maximo wrote:
It´s the error:
make[1]: Entering directory `/home/maximo/freeradius-0.7.1'
Try the latest CVS head.
Problem reports for 0.7.1 are not useful as there have been many
changes since then.
-Chris
--
\\\|||/// \ StarNet Inc. \
It´s the error:
make[1]: Entering directory `/home/maximo/freeradius-0.7.1'
Making all in libltdl...
make[2]: Entering directory `/home/maximo/freeradius-0.7.1/libltdl'
/bin/sh ./libtool --mode=compile gcc -DHAVE_CONFIG_H -I. -I. -I. -g
-O2 -D_
EENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU
Thanks for all the input (and kick in the head, PROXY!! duh).
~jamie
On Thu, 2002-11-14 at 10:17, Alan DeKok wrote:
> "Gene Parks" <[EMAIL PROTECTED]> wrote:
> > What about using the radius server built into the SecurID product and
> > let Freeradius proxy to it for that function?
>
> Sure,
It?s the error:
make[1]: Entering directory `/home/maximo/freeradius-0.7.1'
Making all in libltdl...
make[2]: Entering directory `/home/maximo/freeradius-0.7.1/libltdl'
/bin/sh ./libtool --mode=compile gcc -DHAVE_CONFIG_H -I. -I. -I. -g -O2 -D_R
EENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU
14-Nov-02 at 11:46, Alan DeKok ([EMAIL PROTECTED]) wrote :
> Adam Moffett <[EMAIL PROTECTED]> wrote:
> > At first everything seemed to be working, but then we discovered this
> > very strange thing. Authentication requests from our 3Com Total
> > Control unit (HiperARC V4.2.32) in which the user
What he is saying is that pap should work fine with smb authentication but
you can not do chap because smb uses encrypted passwd and the only way that
chap will work is if the passwd is stored in plain text on the server.
- Original Message -
From: "Miriam Benham" <[EMAIL PROTECTED]>
To:
Dave Mason <[EMAIL PROTECTED]> wrote:
> I have a couple of questions about adding a new EAP module to
> freeRadius. I have version 0.7.1.
*Please* don't add new code to 0.7.1. Use the latest CVS head,
instead.
Why? No one is developing new things for 0.7.1. The latest CVS
head has many b
On Thu, 14 Nov 2002, Alan DeKok wrote:
> "Michael Fuller" <[EMAIL PROTECTED]> wrote:
> > I have implemented freeRadius 0.71 with LDAP authentication and
> > authorization. The system is working fine for the past two months. Now, I
> > want to implement per day time quotas for users. How can I do t
Adam Moffett <[EMAIL PROTECTED]> wrote:
> At first everything seemed to be working, but then we discovered this
> very strange thing. Authentication requests from our 3Com Total
> Control unit (HiperARC V4.2.32) in which the username started with a
> Capitol "S" would get the "S" stripped out w
Hi, I've just started using FreeRADIUS and I've encountered something
that's got me a little baffled.
We've been using MacRADIUS for years, but we needed something that
could support realms in order to add certain new services.
I set up a RADIUS proxy using a minimal installation of Mandrake
L
Brian Pavane <[EMAIL PROTECTED]> wrote:
> My goal is to be able to have users login into the Extreme as either
> normal (non enable/administrative) or with full configuration access.
So the NAS needs to tell the RADIUS server what it wants. See
'Service-Type' in the dictionary, or in:
"Michael Fuller" <[EMAIL PROTECTED]> wrote:
> I have implemented freeRadius 0.71 with LDAP authentication and
> authorization. The system is working fine for the past two months. Now, I
> want to implement per day time quotas for users. How can I do this ? I saw
> some references to
> Max-Daily- se
Remus Anca <[EMAIL PROTECTED]> wrote:
> i'll never ask before -X ...
> and i don't see what's wrong :(
...
> accounting {
> radutmp
> sql
> sradutmp
> }
The accounting messages get logged in radutmp,
The debug output you posted showed that you were only getting log
All,
I am currently trying to get freeradius-0.7.1 to work with an Extreme
Networks Summit 24 switch. The Extreme Switch is running "Extremeware
Version 4.1.19 (Build 2)".
My goal is to be able to have users login into the Extreme as either
normal (non enable/administrative) or with full conf
"Gene Parks" <[EMAIL PROTECTED]> wrote:
> What about using the radius server built into the SecurID product and
> let Freeradius proxy to it for that function?
Sure, that would work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Jeremy Salch <[EMAIL PROTECTED]> wrote:
> > Does anyone know how to get Freeradius working with CISCO LEAP?
>
> It can't. . LEAP is a Cisco Proprietary EAP type to cisco.. you'll have to
>shell
> out the cash for this one.
Either to buy Cisco's RADIUS server, or to pay someone to impl
"Ynjiun P. Wang" <[EMAIL PROTECTED]> wrote:
> I checked rlm_eap_tls-0.8-pre.so using ldd and found that "libssl.so.0.9.8 => not
>found". Is this normal? If not, how to
> fix it? Thanks.
Fix your system, as suggested in the FAQ, the README's, and in
radiusd.conf?
Honestly, I don't understand
Hi,
I have a couple of questions about adding a new EAP module to
freeRadius. I have version 0.7.1.
1. Easy one first: Does anybody know how to send the EAP-Message
attribute with radclient? That attribute needs to contain a list of EAP
attributes and I dont know the syntax. I tried putting
In my users file I'm trying to define Simultaneous-Use for group:
==
DEFAULT Group == "ppp-simul", Simultaneous-Use := 10
Fall-Through = Yes
DEFAULT Simultaneous-Use := 1
Fall-Through = Ye
Dear Simon White,
Your answer solve my problem. 10x very very much.
Best regards,
Simon White wrote:
14-Nov-02 at 14:41, Hilmi Hilmiev ([EMAIL PROTECTED]) wrote :
Basically my question is: Which way is simple way to get any record in
RADIUS logs without dial-up access?
14-Nov-02 at 14:41, Hilmi Hilmiev ([EMAIL PROTECTED]) wrote :
> Basically my question is: Which way is simple way to get any record in
> RADIUS logs without dial-up access?
radclient is probably what you need. You have to construct a file with a
"packet" to send, e.g.:
===authcheck=== (filename)
Basically my question is: Which way is simple way to get any record in
RADIUS logs without dial-up access?
Hilmi Hilmiev wrote:
Hi all,
I have FreeBSD + OpenLDAP + FreeRADIUS + MySQL. My target: RADIUS with
LDAP authentication and logs in MySQL. But I have problem, with
testing that work or
On Thu, 2002-11-14 at 13:22, BUTTI Laurent FTRD/DTL/ISS wrote:
> My Orinoco AP-2000 seems to send 2 broadcast and 1 unicast WEP keys.
ok. I don't really see the point in distributing more than one
broadcast key, but of course it nothing wrong with doing it.
> > Not quite. It will send (at least)
Olá, sou novo na lista,
teste
freeradius-users
I am using DIGI'S PortServer as NAS, freeradius as radius
server,authentication is ok,but accounting is wrong,radius server complain "Invalid
signature ".Is radius server misconfiguration or other reason?
thanks
Title: Re: EAP-TLS re-keying
Lars Viklund wrote:
> > From: BUTTI Laurent FTRD/DTL/ISS [mailto:[EMAIL PROTECTED]]
> > Sent: den 13 november 2002 18:43
> > To: [EMAIL PROTECTED]
> > Subject: EAP-TLS re-keying
>
> > I have an Orinoco AP-2000 (2.0.2) and a windows XP client SP1.
> > MPPE-
Hello all,
I have implemented freeRadius 0.71 with LDAP authentication and
authorization. The system is working fine for the past two months. Now, I
want to implement per day time quotas for users. How can I do this ? I saw
some references to
Max-Daily- session in Radiusd.conf, but how can I imple
Hi all,
I have FreeBSD + OpenLDAP + FreeRADIUS + MySQL. My target: RADIUS with
LDAP authentication and logs in MySQL. But I have problem, with testing
that work or not. When I start RADIUS server in debug mod option -X,
everything is OK:
rlm_sql: Driver rlm_sql_mysql loaded and linked
rlm_sql
l)
Module: Loaded radutmp
radutmp: filename = "/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
radutmp: filename = "/usr/local/var/log/radius/sradutmp"
rad
the radutmp is updated with an accounting packet, so you must put 'radutmp'
in the accounting section of radiusd.conf and configure the NAS to send
accounting packets.
At 16.54 13/11/02, you wrote:
I've read all about this subject from archives.
My radutmp file is created, (and writed) wh
62 matches
Mail list logo