I am using the following command to my authorize function (rlm_perl) :
$RAD_REPLY{'Cisco-Command-Code'} = [EMAIL PROTECTED];
because I want to add more than one pair in the reply packet.
(final_routing is a perl array containing the desired values)
These pairs are successfully added to the
On Sun, Apr 20, 2008 at 8:45 PM, Alan DeKok [EMAIL PROTECTED] wrote:
sub wrote:
what I was expecting (but I'm not an expert, it's possible that it's
not a radius feature and I misunderstood it) is that the client
periodically sends accounting-request packets (I'm alive!) to the
server
Hi Alan,
Thanks for the update. I have read through man unlang as well.
Overlooked on the part on the additional Cisco-AVPair attribute as
it was only available after authentication is done.
I have worked around it using the proxy-inner-tunnel method to
terminal the EAP on the front radius and
++--+-+--+-+--+-+--+--+
| id | pool_name| framedipaddress | nasipaddress | calledstationid |
callingstationid | expiry_time | username | pool_key |
I found that any pair that is being inserted in the authorize section is
again inserted in
the authentication section. Is this the desired behavior?
I managed to overcome this by emptying the %RAD_REPLY hash at the
beginning of the
authenticate method :
%RAD_REPLY = {};
Thought I should
Hi,
Is free radius compliant to RFC 4186? In particular, with respect to section
10.9 which says,
The EAP server MUST obtain fresh RANDs for each EAP-SIM full
authentication exchange. More specifically, the server MUST consider
RANDs it included in AT_RAND to be consumed if the server
Alan DeKok wrote:
Walter Gould wrote:
Here's where my concerns lie - I am concerned about how many
simultaneous authentication requests that a single Freeradius server can
handle. I have read the Testimonials and the Why we're #1 pages on
the freeradius site - which says there are numerous
Phil,
on 4/21/08 3:00 AM, [EMAIL PROTECTED] at
[EMAIL PROTECTED] wrote:
Date: Mon, 21 Apr 2008 10:38:24 +0100
From: Phil Mayers [EMAIL PROTECTED]
Subject: Re: NAS with dynamic IP
To: FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Message-ID: [EMAIL PROTECTED]
We need to use a dictionary for JunOS 8.2, but the syntax seems to be
non-standard and FreeRADIUS can't recognize it:
http://pastebin.com/m6916d351
How can I translate that dictionary or make FreeRADIUS recognize it?
Thank you,
G.L.
smime.p7s
Description: S/MIME Cryptographic Signature
-
List
Hi,
We formulate our reply inside of the virtual server dealing with EAP and
send it back to the outer server. This is the only way I could think of
to insert the Inner identity into the Access-Accept. It all works
fine... however it seems there's a bug when dealing with multiple
instances
Giovanni Lovato [EMAIL PROTECTED] writes:
We need to use a dictionary for JunOS 8.2,
JUNOS and JUNOSe are two very different things. Both can use radius
however. Based on the subject and link you posted, I assume you're
talking about JUNOSe 8.2.
but the syntax seems to be
non-standard and
What freeradius version is this? Why don't you upgrade to current
version where PEAP works with default configuration with test
certifictes that are made during install? Once you check that's
working, replace them with your certificates and you will know if
certificates are the problem.
Ivan
Ivan simple becouse i have running freeradius as authorization server for
VPN (poptop) on our company infrastructure server based on CentOS5.1 . I
just want to add to that radius PEAP functionality for wirelles AP's (4 of
them currently),
i did a lot of reading about certificate generation, and i
Bjørn Mork wrote:
Giovanni Lovato [EMAIL PROTECTED] writes:
We need to use a dictionary for JunOS 8.2,
JUNOS and JUNOSe are two very different things. Both can use radius
however. Based on the subject and link you posted, I assume you're
talking about JUNOSe 8.2.
but the syntax seems
Version? If it is before 1.1.4 it will not work with Vista.
Ivan Kalik
Kalik informatika ISP
Dana 21/4/2008, David Hláčik [EMAIL PROTECTED] piše:
Ivan simple becouse i have running freeradius as authorization server for
VPN (poptop) on our company infrastructure server based on CentOS5.1 . I
Greetings folks!
I'm wondering if there is something else that other folks are using to allow
GUI administrative access to FreeRadius w/MySQL-stored user databases.
I'm noticing that the Dialup-Admin web interface is leaving a LOT to be
desired, and doesn't appear to be keeping up with the
16 matches
Mail list logo
