haries fajar nugroho wrote:
> I wanna migrate my radius server from icradius to freeradius 2.1.5.'
2.1.6.
> In my freeradius debugging mode, the error message was :
> rad_recv: Accounting-Request packet from host x.x.x.x (* encrypted ip)
> port 1646, id=63, length=405
> Received Accounting-Requ
Just E. Mail wrote:
> I have setup a working freeRADIUS server & now want to add PostgreSQL as
> backend for storage of data. I have read the freeRADIUS documentation
> and researched the internet on this subject.
>
> What I am looking for is any kind of Step-by-Step document detailing
> sequentia
Ming-Ching Tiew wrote:
>
> May I ask if I am using sql to store the client list in
> the sql table 'nas', is there a way for me to ask freeradius
> to refresh the list ? Or is it that I must kill and restart
> freeradius ?
You have to re-start the server.
Alan DeKok.
-
List info/subscribe/u
Sam Hooker wrote:
> We're running SQL accounting for the FR servers authenticating our 802.1X
> users, now. I'm seeing some annoying duplicate entries, and am wondering if
> anyone else has had this experience:
...
> | 4a15bfef/00:23:12:07:e9:c4/74507 | [redacted] | 10.246.207.234 |
> 2009-05-
Thanks a lot guys, it's working properly now
Best regards
Anatoli
Arran Cudbard-Bell wrote:
Hi,
No. You should be running through your authorisation policies on
session resumption. All policies should be moved to the post-auth
section of the outer server.
but only the inner ser
I have setup a working freeRADIUS server & now want to add PostgreSQL as
backend for storage of data. I have read the freeRADIUS documentation
and researched the internet on this subject.
What I am looking for is any kind of Step-by-Step document detailing
sequential steps needed to setup a Po
Hi All,
I wanna migrate my radius server from icradius to freeradius 2.1.5. i
have two ras modem for my nas (patton and usr-hiper).
When I do some migration simulation, client that connect from patton
goes normally (authentication,accounting,authorization).
But when they use usr-hiper (system vers
May I ask if I am using sql to store the client list in
the sql table 'nas', is there a way for me to ask freeradius
to refresh the list ? Or is it that I must kill and restart
freeradius ?
Regards.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
John Dennis wrote:
radtest is in the utils subpackage.
Thanks.It works fine.
Jennifer
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Just E. Mail wrote:
> Installed freeradius-2.2.1 (RPM). Installation & configuration went
> well. RADIUS starts with no problem. "radiusd -XC" output shows no errors.
>
> Now I want to do some preliminary testing. In the older versions, I used
> to run the command:
>
> radtest localhost
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi folks,
We're running SQL accounting for the FR servers authenticating our 802.1X
users, now. I'm seeing some annoying duplicate entries, and am wondering if
anyone else has had this experience:
mysql> SELECT acctsessionid, username, nasipaddres
Installed freeradius-2.2.1 (RPM). Installation & configuration went
well. RADIUS starts with no problem. "radiusd -XC" output shows no errors.
Now I want to do some preliminary testing. In the older versions, I used
to run the command:
radtest localhost
and see the output to verify
John Dennis wrote:
Did you read the FAQ listed at the top. The section "Why are there
optional subpackages instead of just one package?" should have explained
it, was it not clear? If so I'll update it to make it clearer if you
explain what was not clear.
Yes I read it and read it again afte
Just E. Mail wrote:
> John Dennis wrote:
>>
>> http://wiki.freeradius.org/Red_Hat_FAQ
>>
> I read response from John Dennis and looked at the web site URL he
> provided. I am ready to install FR and I have one more question!
>
> In my setup, I plan to (1) Install FR and test it and if everythi
Hi,
> freradius-2.2.1.6-1.el5.i386.rpm
> freradius-postgresql-2.2.1.6-1.el5.i386.rpm
>
> I am pretty new to FR so please advice; do I need to install both of
> these RPMs or just the second for my setup to work?
both. the second one adds the postgres support.
alan
-
List info/subscribe/unsubsc
John Dennis wrote:
Just E. Mail wrote:
I am trying to install freeRADIUS on a CentOS 5.3 machine with
PostgreSQL-8.3.7. My plan is to first install freeRADIUS and test it
then setup PostgreSQL as the backend to store data.
Is there any freeRADIUS RPMS V#2.1.4 or newer for CentOS?
No,
On May 18, 2009, at 11:16 AM, William Taylor wrote:
Im currently using freeradius 2.1.4
I need to lookup a username in a dbm and rewrite it before sending
off the proxy request.
I have achieved this by using the below method. But I was wondering
if there was a better way.
It would seem tha
Ivan Kalik wrote:
> That's because that can't work:
>
> # Note: "type = proxy" lets you control the source IP used for
> # proxying packets, with some limitations:
> #
> # * Only ONE proxy listener can be defined.
That's actually wrong. It was true a while ago, but it's not true in
2.1
Arran Cudbard-Bell wrote:
> Yes, so have it tell the outer server... Insert the (attached) snippet
> into the authorize section of the inner server.
$ git format-patch
?
> I believe the User-Name attribute in outer.reply is cached, and
> available for use on session resumption.
Yes.
> On
> 3. RE: Freeradius-Users Digest, Vol 49, Issue 93 (Ivan Kalik)
>
>
>
>> Radius Client--> Radius Proxy
>
>> 192.168.1.2 192.168.1.3 192.168.14.3 --> IPS1(192.168.14.4)
>
>> 192.168
Marco De Magistris wrote:
> In my opinion the packet (received from Radius Client) is sent towards
> the default gateway.
Yes. That's how neteworking works.
> The following link describes the same scenario:
>
> http://www.opensubscriber.com/message/freeradius-users@lists.freeradius.org/82575.
Hi,
> How to insert "Session-Timeout" into the reply message?
use what ever method you want to insert it PERL, unlang etc.
a simple 'fix' that would be global in this example:
for 2.1.x in section of sites-enabled/default
post-auth {
Post-Auth-Type REJECT {
Ming-Ching Tiew wrote:
I just checked Coova chilli, it does it for the clients session
based on a configurable interval. But for the administrative
account of the NAS itself, it does not do any interim
accounting.
My coova-chilli DOES send interim accounting
--
Johan Meiring
Cape PC
>Post the output of radiusd -X and your user entry.
The relevant part of the freeradius output is:
---
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
rad_check_password: Found Auth-Type DIGEST
auth: type "digest"
+- entering group authen
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arran Cudbard-Bell wrote:
> Hi,
>>> No. You should be running through your authorisation policies
>>> on session resumption. All policies should be moved to the
>>> post-auth section of the outer server.
>>>
>> but only the inner server knows the real
> Version 2.0.4
> We use "digest" authentication. It works properly.
> (with a little problem I will ask in another thread)
>
> The essential part of the debug:
> Thu May 21 09:41:17 2009 : Debug: ++[digest] returns ok
> Thu May 21 09:41:17 2009 : Auth: Login OK: [...@10.14.2.10/ =
> DIGEST>] (
Mauro Iorio - Smart Soft s.r.l. wrote:
> But when I run the same query in both isql and tsql the result is correct.
> So I think that unixodbc and freetds are ok. I'll try to recompile them
> anyway...
>
> Other ideas?
Instrument the FreeRADIUS source code. Follow the data from SQL,
through th
> I have an issue where i'm trying to use realms to determine what LDAP
> server to authenticate a user against. What seems to happen is that the
> realm in my users file is never matched and hence the authentication
> fails. Any help would be greatly appreciated.
>
...
> authorize {
>chap
--- On Thu, 5/21/09, Ivan Kalik wrote:
>
> > I just checked Coova chilli, it does it for the
> clients session
> > based on a configurable interval. But for the
> administrative
> > account of the NAS itself, it does not do any interim
> > accounting.
>
> Why on Earth would it? Are you going
> May I know the common practise of radius accounting, it is
> common to expect the radius client to provide "interim" accounting,
> ie it sends accounting info every so many seconds interval
> before the session is closed ?
Every so many minutes, not seconds. It doesn't make much sense to have
th
Version 2.0.4
We use "digest" authentication. It works properly.
(with a little problem I will ask in another thread)
The essential part of the debug:
Thu May 21 09:41:17 2009 : Debug: ++[digest] returns ok
Thu May 21 09:41:17 2009 : Auth: Login OK: [...@10.14.2.10/] (from client 10.14.1.5 por
Hi,
>> No. You should be running through your authorisation policies on
>> session resumption. All policies should be moved to the post-auth
>> section of the outer server.
>>
>
> but only the inner server knows the real id etc ?
>
Yes, so have it tell the outer server... Insert the (attac
Hi,
> No. You should be running through your authorisation policies on
> session resumption. All policies should be moved to the post-auth
> section of the outer server.
but only the inner server knows the real id etc ?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anatoli Logvinski wrote:
> Hi
>
> We are using dynamic VLAN assignment with freeradius 2.1.6 and
> tried to test session resumption. It looks like that freeradius
> doesn't cache all reply attributes and upon session resumption the
> VLAN assignment at
Hi
We are using dynamic VLAN assignment with freeradius 2.1.6 and tried to
test session resumption. It looks like that freeradius doesn't cache all
reply attributes and upon session resumption the VLAN assignment
attributes don't get send. Is there any way to cache these attributes?
The attrib
>
> Uh... no.
>
> If it works for Ivan, then the problem is most likely in the unixodbc
> drivers.
>
> Alan DeKok.
>
>
But when I run the same query in both isql and tsql the result is correct.
So I think that unixodbc and freetds are ok. I'll try to recompile them
anyway...
Other idea
36 matches
Mail list logo