radius proxy scenario

2009-03-06 Thread piston
Hi, I need some opinions. Condition: 1. I have a local realm (suffix), xyz.com. I'm using freeradius 2.1.3+mysql. 2. My own user's username in mysql radcheck table is stored in usern...@xyz.com format 3. A person wants me to proxy his prefix ABC/his-customer-usern...@myrealm to his radius serv

Re: failed to receive Accounting Response

2009-03-06 Thread tnt
>If you mean when I type a some command on cisco shell, in the cisco >console already I show you (much more), else you mean a radius server >then I must disappoint you there is a silent, nothing to do! > >If you consider for important all debug information on radius when user >login-run some comma

Re: failed to receive Accounting Response

2009-03-06 Thread Николай Г. Петров
If you mean when I type a some command on cisco shell, in the cisco console already I show you (much more), else you mean a radius server then I must disappoint you there is a silent, nothing to do! If you consider for important all debug information on radius when user login-run some command

stop old open session and start new..

2009-03-06 Thread Alexandre J. Correa - Onda Internet
Hello, How can I solve this problem: sometimes, some users' connections stay "locked" on radius.. and with, Simultaneous-Use resulting = 1 ... Fri Mar 6 20:29:11 2009 : Auth: Multiple logins (max 1) [MPP attempt]: [alines] (from client Orbit port 256018 cli xxx) Fri Mar 6 20:29:1

Re: failed to receive Accounting Response

2009-03-06 Thread tnt
>OK, I comment all unix section in site-enable/default, but result is the >same! > >In picture below I turned on debug on cisco about accounting, therefore >cisco work correctly, but radius server not receive Accounting-Request? Why? > >001534: Mar 6 22:38:57: tty2 AAA/AUTHOR/EXEC (3942780195): P

RE: Reject problems w/ v 2.1.3

2009-03-06 Thread Chhaya, Harshal
Alan DeKok wrote: >> "00093701a89d" Cleartext-Password == "66e3c1cd773f487d" > > Use: > 00093701a89d" Cleartext-Password := "66e3c1cd773f487d Holy cow! That was it!! And to think that I spent days looking at config files and log files before I thought of posting to this list. Thank yo

Re: failed to receive Accounting Response

2009-03-06 Thread Николай Г. Петров
OK, I comment all unix section in site-enable/default, but result is the same! In picture below I turned on debug on cisco about accounting, therefore cisco work correctly, but radius server not receive Accounting-Request? Why? 001534: Mar 6 22:38:57: tty2 AAA/AUTHOR/EXEC (3942780195): Port

Re: failed to receive Accounting Response

2009-03-06 Thread tnt
>++[detail] returns ok >rlm_counter: We only run on Accounting-Stop packets. >++[daily] returns noop >++[unix] returns fail >Finished request 5. unix module is failing. If you are not using it comment it out from the accounting section. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsu

Re: failed to receive Accounting Response

2009-03-06 Thread Николай Г. Петров
8919b0". ++[acct_unique] returns ok [suffix] No '@' in User-Name = "userA", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[files] returns noop +- entering group accounting {...} [detail] expand: /var/log/radacct/%{Client-IP-Address}/

Re: Production servers num_sql_socks

2009-03-06 Thread Kenneth Marshall
On Thu, Mar 05, 2009 at 09:19:19AM -0600, Ben Wiechman wrote: > We set num_sql_socks to 25. We had them set to 10 but ran into issues when > massive numbers of subscribers were attempting to enter the network at once > - for example when we would power cycle a base station with 400 subscribers > on

Re: proxy acct records best practices

2009-03-06 Thread Alan DeKok
TR Missner wrote: > Accounting packets are being written to disk using the detail function. > Then I am shipping them off to the other radius by setting the listen > object on the detail file. That should be fine. > Even with load_factor set to 100 the speed at which the detail is read > is ver

RE: Config. Help please - ldap and Active Directory

2009-03-06 Thread Leighton Man
Hmm... would it be possible to have to give *more* output? i.e. start from a fresh directory: $ tar -zxf freeradius-server-2.1.3.tar.gz $ cd freeradius-server-2.1.3 $ ./configure $ gmake And show the errors (not the dozens of lines saying "building foo", or the last dozen lines saying "er

RE: Config. Help please - ldap and Active Directory

2009-03-06 Thread tnt
> >Is there any way to do what I want without upgrading? > You can try users file: DEFAULT Ldap-Group == staff some reply DEFAULT Ldap-Group == student some other reply DEFAULT Auth-Type := Reject That should be at the end of the users file (ie. anything

Re: Variables' content as a reply

2009-03-06 Thread tnt
>Now, this is still not working: > >having it as User-Name := '%{reply:User-Name}' still gives me an >Access-Accept with text instead of variable value. >Also, using double quotes yields the exact same result. > > >> Sending Access-Accept of id 127 to xx.xx.xx.xx port 32785 >> User-Name = "

Re: Config. Help please - ldap and Active Directory

2009-03-06 Thread Alan DeKok
Leighton Man wrote: > Tried "gmake" from the top directory and "gcc -g -O2 -D_REENTRANT > -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG -D_LIBRADIUS > -I/export/home/cmsxljm/freeradius-server-2.1.3/src -c dict.c -fPIC -DPIC -o > .libs/dict.o" (copy and paste from the gmake output) fro

RE: Config. Help please - ldap and Active Directory

2009-03-06 Thread Leighton Man
Huh? It compiles on 3-4 different Solaris boxes that I have access to. Did you run "make" from the TOP directory, or by cd'ing to src/lib? Alan DeKok. Tried "gmake" from the top directory and "gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG -D_LIBRADIUS

Re: Config. Help please - ldap and Active Directory

2009-03-06 Thread Alan DeKok
Leighton Man wrote: > Many thanks for this. I'm using 1.1.7 because it's available as a pre-built > package on solaris for both sparc and x86 architectures. The idea is to get > freeradius configured and working as fast as possible so it can be demo'd to > management (I'm trying to retire Cisco

RE: Config. Help please - ldap and Active Directory

2009-03-06 Thread Leighton Man
>I'm new to freeradius (3 weeks experience) and mailing lists (second attempt) >so please have patience. >I have freeradius 1.1.7 (prebuilt package) on Solaris 10 configured to >authenticate against Active Directory using ntlm-auth. >All working OK. >Now I'm trying to return different reply att

Re: proxy acct records best practices

2009-03-06 Thread TR Missner
Sorry I wasn't more clear. I am not using 1.x but most of the documentation refers to how things were done in 1.x and because of this means nothing to me. I am not using syslog. Accounting packets are being written to disk using the detail function. Then I am shipping them off to the other radius by

Re: Variables' content as a reply

2009-03-06 Thread Augusto G. Andreollo
> Where does the cookbook say that you should put that in ldap.attrmap? > Where are those radius attributes defined? Some additional dictionary? This part is not from the cookbook, it's something we intend to use internally here at the university. The setup is based on the eduroam guide, though, ex

Re: Freeradius with CoA

2009-03-06 Thread Alan DeKok
M K wrote: > Thank you for your answers. I've solved my problem, but now I have > another one. Does anybody know, can freeradius server receive CoA > requests (using port 3799 or 1700) according to the rfc 3576? And how > can I configure it if it does? It does not receive CoA requests. If it di

Re: Freeradius with CoA

2009-03-06 Thread M K
Thank you for your answers. I've solved my problem, but now I have another one. Does anybody know, can freeradius server receive CoA requests (using port 3799 or 1700) according to the rfc 3576? And how can I configure it if it does? 2009/3/4 Evgeniy Kozhuhovskiy > M K wrote: > >> Hello all! >>

Re: Config. Help please - ldap and Active Directory

2009-03-06 Thread tnt
>I'm new to freeradius (3 weeks experience) and mailing lists (second attempt) >so please have patience. >I have freeradius 1.1.7 (prebuilt package) on Solaris 10 configured to >authenticate against Active Directory using ntlm-auth. >All working OK. >Now I'm trying to return different reply attri

Re: Config. Help please - ldap and Active Directory

2009-03-06 Thread Nicolas Goutte
On 06.03.2009 at 12:20, Leighton Man wrote: Hi, I'm new to freeradius (3 weeks experience) and mailing lists (second attempt) so please have patience. I have freeradius 1.1.7 (prebuilt package) on Solaris 10 configured to authenticate against Active Directory using ntlm-auth. All working

Config. Help please - ldap and Active Directory

2009-03-06 Thread Leighton Man
Hi, I'm new to freeradius (3 weeks experience) and mailing lists (second attempt) so please have patience. I have freeradius 1.1.7 (prebuilt package) on Solaris 10 configured to authenticate against Active Directory using ntlm-auth. All working OK. Now I'm trying to return different reply attribu

Re: failed to receive Accounting Response

2009-03-06 Thread tnt
>but cisco log about accounting every time send message like this > >Mar 6 08:57:48 192.168.255.10 210: 000207: Mar 6 08:57:48 MSK: > %RADIUS-3-NOACCOUNTINGRESPONS >Stop for session 0074 failed to receive Accounting Response. > You are wondering about accounting on your radius server

Re: No MySQL queries with freeradius 2.x from Lenny

2009-03-06 Thread Denny Schierz
hi, sorry for my late answer: in short: On Thursday, 05.03.2009, 10:05 +0100, t...@kalik.net wrote: > Queries are in raddb/sql/mysql/dialup.conf. Have you made changes to that > file? no, it was commented out from myself ..., bad idea. Undo it, was the trick. :-) My long answer follows

Re: reply messages in access-reject

2009-03-06 Thread Hegedus Gabor
Hegedus Gabor wrote: Hi I have a question. How can I send attributes (for example reply-message, cvpn3000, ...) in access-reject packet. I tried to put my exec to the post-auth section Post-Auth-Type REJECT{}, but in this section radius doesn't send the attribs in the reject packet. Radius se