Preethi,
I also encountered the same problem.For this to work i made one change in
the radiusd.conf i.e
encryption-scheme = clear
vamsi
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Preethi
Mohan
Sent: Thursday, 16 December 2004 10:13 AM
To: [EMAIL P
Preethi Mohan <[EMAIL PROTECTED]> wrote:
> I have given the following configuration in users file
> That is:
> user Auth-Type:=EAP,User-Password="hello"
I told you NOT to set "Auth-Type = EAP".
> If AuthType is set to" Local" and not "EAP" ,even the TLS
> authentication fails.Can you please he
I have given the following configuration in users file
That is:
user Auth-Type:=EAP,User-Password="hello"
FallThrough = 1
If AuthType is set to" Local" and not "EAP" ,even the TLS
authentication fails.Can you please help me.
Regards
Preethi
On Wed, 15 Dec 2004 12:26:27 -0500, Alan DeK
"George C. Kaplan" <[EMAIL PROTECTED]> wrote:
> This almost works. User 'fred' can authenticate only from huntgroup
> 'huntA' and 'sam' can authenticate only from 'huntB'. User 'george'
> can authenticate from either huntgroup, but *only* with the "georgeA"
> password, even if he's coming from hu
> L.C. (Laurentiu C. Badea)
> Sent: Wednesday, December 15, 2004 7:27 PM
> > I feel uncomfortable with something happening with logging occured.
First of all, I wanted to write "with NO logging occured" ;)
> > When talking about auth this might be ok, for acct it is
> definitely not.
> > My opin
Joe Raviele <[EMAIL PROTECTED]> wrote:
> I guess what I basically need to know what the users file should
> look like so Freeradius knows what is going on.
As simple as possible, in general.
> I was thinking along these lines:
>
> DEFAULT Auth-Type := EAP, Huntgroup-Name == 1X
Don't set Au
Sorry about that Alan, I knew the post was somewhat cryptic when I
wrote it (too many hours awake). I started off basic two years ago and
I have the set up working doing all of the authentication for the VPN
and Dial accounts since then. I am now doing some testing of adding
.1x into the mix. The u
"L.C. (Laurentiu C. Badea)" <[EMAIL PROTECTED]> wrote:
> Two issues I noticed while looking at the source for my problem: in
> threads.c I believe it would be safer to end the fork_mutex critical
> section after the forkers structure is updated (after line 1069),
> not before (1051).
>
> Also it s
Joe Raviele <[EMAIL PROTECTED]> wrote:
> I have a radius box set up using 1.0.1. Currently it is doing
> authentication and working fine. I am trying to integrate in 802.1x
> auth. I have the EAP-TTLS w/ PAP working fine with a users entry of
> "username" User-Password == "test", but I am confused
Two issues I noticed while looking at the source for my problem: in threads.c
I believe it would be safer to end the fork_mutex critical section after the
forkers structure is updated (after line 1069), not before (1051).
Also it seems like if it ran out of slots it will return without unblockin
hello,
i am trying to setup asterisk with freeradius, but i am totally lost.
at the time i write this mail, i started to read freeradius doc.
If anybody can help me, i will be very thank.
Carlos.-
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I had a similar problem with krb5 on FC2 so I compiled without krb5 which
worked fine.
CP
On Wednesday 15 December 2004 09:28, E. Dean Sahutske wrote:
> Is there no one whose seen this or had this happen to them? Is Fedora
> not an appropriate platform for Freeradius?
>
> dean
>
> [EMAIL PROTE
In my setup, I have
authorize {
...
LDAP
EAP
}
authenticate {
Auth-Type LDAP {
ldap
}
...
EAP
}
I did not have to change anything with PAP in order for it to
authenticate against my LDAP server.
On Wed, 15 Dec 2004 15:14:00 -05
> Hi,
> I had setup RADIUS server for authentication using EAP + PEAP + MSCHAPv2.
>
>In the users file I declared the user as
>
> Phani User-Password == "phani123" Calling-Station-Id == "000d549f5296"
> Reply-Message = " Ur a right user"
Do you have a comma in between that in your actu
I have a radius box set up using 1.0.1. Currently it is doing
authentication and working fine. I am trying to integrate in 802.1x
auth. I have the EAP-TTLS w/ PAP working fine with a users entry of
"username" User-Password == "test", but I am confused how the users
and authorize and authenticate se
Oh for goodness sakes. This is my first Fedora install. I didn't
realize there was a freeradius rpm.
I found where everything is and got it working. Thanks for everyone's help
dean
[EMAIL PROTECTED] wrote:
You may want to look inside the freeradius-1.0.1-1.src.rpm that comes
with FC3 for idea
Just thought I would throw in my 2 cents on this. According to the radius
accounting RFC, you should only send an accounting response when the data
has been received AND successfully recorded.
Yep that's correct, and as a matter of fact, accounting performance is quite
invisible to customers so I
I'm trying to set up a radius server (freeradius 1.0.1 on FreeBSD 5.3)
to handle two distinct sets of users, who will be using different sets
of NASes. I'd like to use rlm_passwd (because it's hashed) rather than
putting everyone in the 'users' file. But I'm having trouble handling
username colli
> Michael Markstaller wrote:
> >
> > I feel uncomfortable with something happening with logging occured.
> > When talking about auth this might be ok, for acct it is definitely not.
> > My opinion is: waht couldn't get logged shouldn't happen and when
> > replying before *trying* to log this cannot
You may want to look inside the freeradius-1.0.1-1.src.rpm that comes with FC3
for ideas on how to get yours compiled. It applies about nine patches which
you might or might not need, and the configure command looks like this:
configure \
--disable-static \
--with-gnu-ld \
Michael Markstaller wrote:
I feel uncomfortable with something happening with logging occured.
When talking about auth this might be ok, for acct it is definitely not.
My opinion is: waht couldn't get logged shouldn't happen and when
replying before *trying* to log this cannot be garuateed. perfo
"L.C. (Laurentiu C. Badea)" <[EMAIL PROTECTED]> wrote:
> With Red Hat 9 and the 2.4.20-8 kernel it does the same thing (same
> freeradius as before but rebuilt for RH 9 from the src.rpm). So it
> seems that a wider range of kernels is affected. Tried on a dual cpu
> machine with both smp and up ker
"L.C. (Laurentiu C. Badea)" <[EMAIL PROTECTED]> wrote:
> > You still haven't given reasons why they need to be *separate*
> > sections.
>
> They don't need to, from the server's point of view. They should be, to help
> the user better classify the operations the server is doing.
You haven't
Alan DeKok wrote:
"L.C. (Laurentiu C. Badea)" <[EMAIL PROTECTED]> wrote:
There's no reason to separate those two sections. They're exactly
the same thing.
I believe they are functionally different
I still don't see why. Processing of the two sections would happen
after authentication, and you
Alan DeKok wrote:
Ah. From what I recall, it's a Linux kernel bug when threads &
semaphores are used together. Using a 2.4.x kernel solves the problem.
With Red Hat 9 and the 2.4.20-8 kernel it does the same thing (same freeradius
as before but rebuilt for RH 9 from the src.rpm). So it seems t
Preethi Mohan <[EMAIL PROTECTED]> wrote:
> I have given the following configuraion in users file
>
> DEFAULT Auth Type = EAP
Don't do that. Ever.
Simply tell the server a username && password, and the server will
figure it out.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http:/
"E. Dean Sahutske" <[EMAIL PROTECTED]> wrote:
> I was able to compilethe source. I ran ./configure --without-rlm_krb5
> --without-rlm_x99_token (there was a problem with that too). What ist
> lost by not having these features enabled? When does freeradius require
> kerberos?
When you want
Preethi Mohan <[EMAIL PROTECTED]> wrote:
> Can anyone please tell me what all configuration files I
> have to modify to enable PAP tunneling in free radius.I'm always
> getting failure.I could successfully do the TTLS/MSCHAPv2
> tunneling.
If TTLS/MSCHAPv2 works, then so should PAP.
Since it
I was able to compilethe source. I ran ./configure --without-rlm_krb5
--without-rlm_x99_token (there was a problem with that too). What ist
lost by not having these features enabled? When does freeradius require
kerberos?
dean
[EMAIL PROTECTED] wrote:
Is there no one whose seen this or had t
Turns out my path was selecting the old version, installed to a slightly
different location then my newest build.
All the previous messages actually apply to 1.0.0 not 1.0.1.
Thanks.
Scott.
And btw, it appears to be working =-)
-
List info/subscribe/unsubscribe? See http://www.freeradius.or
Hi,
I had setup RADIUS server for authentication using EAP + PEAP + MSCHAPv2.
In the users file I declared the user as
Phani User-Password == "phani123" Calling-Station-Id == "000d549f5296"
Reply-Message = " Ur a right user"
Whenever the user phani wants to logon to network then he mu
/rlm_unix/.libs/rlm_unix.a
../modules/rlm_eap/types/rlm_eap_md5/.libs/rlm_eap_md5.a
../modules/rlm_eap/types/rlm_eap_leap/.libs/rlm_eap_leap.a
../modules/rlm_eap/types/rlm_eap_tls/.libs/rlm_eap_tls.a
-L/usr/local/ssl/lib
../modules/rlm_eap/types/rlm_eap_ttls/.libs/rlm_eap_ttls.a
-L/usr/local/src/free
This is from CVS HEAD as of 2004-12-15 at 6am MDT.
Any suggestions for addressing this issue?
Thanks.
Listening on authentication 10.0.0.116:1812
Listening on accounting 10.0.0.116:1813
Ready to process requests.
rad_recv: Access-Request packet from host 10.0.0.116:3848, id=164, length=74
unsubscribe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Is there no one whose seen this or had this happen to them? Is Fedora
not an appropriate platform for Freeradius?
dean
[EMAIL PROTECTED] wrote:
Has anyone seen this when trying to compile on Fedora Core 3?
Thanks,
dean
rlm_krb5.c:40:21: com_err.h: No such file or directory
rlm_krb5.c: In functi
Grab it for what? You can use the exec module to run a script on those
variables. Is that what you're looking for? Maybe if you explain what
you are trying to do, I can be more helpful.
On Wed, 15 Dec 2004 [EMAIL PROTECTED] wrote:
> Hi all,
> Can anyone please suggest me how to grab th
On Wed, 15 Dec 2004, Graeme Lee wrote:
I'm trying to implement simultaneous session usage within a PostgreSQL
database. The debug of radiusd shows the following on load:
sql: simul_count_query = "SELECT get_simul_sessions FROM
get_simul_sessions('%{SQL-User-Name}')"
sql: simul_verify_query = ""
Hi all,
Can anyone please suggest me how to grab the username , mac
address (calling-station-id) from the Access request packet.
Thanks in advance
Phani
Project Assitant
IIIT-Hyd
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Tue, 14 Dec 2004, Paul Dlug wrote:
Excuse me if this is a simple question but I'm relatively new to RADIUS. I'm
running FreeRADIUS 1.0.0 with LDAP authentication to provide AAA for our
wireless network and cisco dial in server. I would like to restrict access by
the device so that users are
I just tested from CVS HEAD, and it's working. (after disabling some,
apparently to be new features in radiusd.conf relating to login times and
expired accounts)
I'll ride this bandwagon for now, but if you do have comments, let me know.
Thanks.
Scott.
On Wednesday 15 December 2004 05:34 am,
Hi,
I have a separate file for my users called users.individuals that is
referenced from within the main users file. The users file is straight
from the distribution.
My users.individuals file has
username Auth-Type := Local, Username == username, Password == password
Reply-Attributes..
I'm doing radtest on 10.0.0.116 to 10.0.0.116. I'm getting segfaults while
testing. I'm thinking of recompling from cvs head. Any ideas why this is
crashing?
Thanks.
Scott.
(ipaddresses, usernames and passwords are munged)
[radius]# gdb radiusd
(gdb) set args -X
(gdb) run
# radtesting on a
Hi Guy,
Thank you for your reply.I'm using XSupplicant.Also I'm using local
passwords in users.I think I have made some mistake in users file.Cau
you please tell me what all configuration I have to give in users
file.I have given the following configuraion in users file
DEFAULT Auth Type = EAP
Hi,
> Somebody tried to help me out but I am still having this problem.
> Can anybody have a solution or suggestion?
(snipp)
> >uname -m = sun4u
> >uname -r = 5.8
> >uname -s = SunOS
So we have an ordering sensitive linker. Looks like it might be my
favourite bug in the configure script:
I have seen this question before (Removing VSAs from proxied requests), but
no answers.
I have just done some detective work to find which attributes to put into
the attrs file to make EAP/TTLS work through a proxy. My only reason to
switch the attr_filter on, is to control the VLAN assgnement.
Hi Preethi,
If you use a standard radius client to send a PAP request, does it work?
Get that working and PAP as the inner authentication should work fine.
Are you using local passwords (configured in the users file) or are you
referencing another data store (/etc/passwd, ldap, sql, etc)? I've us
Hi,
I am intrested to receive the status of a user from
other domain.
I have radius proxy setup and I want to provide QoS to
foreign users in my domain based on the information I
recieve from their home domain. So, when I proxy the
authentication request to a users domain, is it
possible to re
Dear all,
I'm trying to configure the freeradius server (Version 1.0.1)for
EAP-TTLS with PAP tunneling.I'm using xsupplicant and hostapd
authenticator running on a
linux machine.Can anyone please tell me what all configuration files I
have to modify to enable PAP tunneling in free radius.I'm alw
Hello people !
Hopefully somebody is able to help me. I am playing around with FreeRADIUS
since quite some time and I wasn´t able to locate the config failure.
The FreeRADIUS server comes up with no error messages, and of course I am
running it in debug mode. Everything seems to work so far, got
freeradius-0.8.1, Linux 7.3 -
I am trying to build freeradius but I am getting the following error :
src/modules/rlm+perl/rlm_perl.c:113: undefined reference to
'boot_DyanLoader'
Can anyone point me in the right direction please.
Regards
Adrian
-
List info/subscribe/unsubscribe? See http:/
Please could anyone point me to where I can get
materials to run FR and
MySQL to AAA my hotspot clients on rh9 ground up? I am
a member of this
list and read a lot of the postings, but unfortunately
could not make much
out of it! I have also googled the internet a lot to
put me in the start, I
real
Suresh <[EMAIL PROTECTED]> wrote:
> That works.
Thanks. It will go into 1.0.2 and later versions.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
52 matches
Mail list logo