2008/11/4 Sergio Belkin [EMAIL PROTECTED]:
2008/11/4 Alan DeKok [EMAIL PROTECTED]:
Sergio Belkin wrote:
I think is worthwhile to remark that that problem exists even using
OpewnWRT on Linksys WRT54GL and not using original firmware...
Which may be based on similar code to the original
Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
.
Thanks in advance!
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
2008/10/27 Sergio Belkin [EMAIL PROTECTED]:
2008/10/27 [EMAIL PROTECTED]:
detail auth_log {
detailfile =
${radacctdir}/requests/%{Client-IP-Address}/auth-detail-%Y%m%d_%{EAP-Type}
# detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d
..
But still, it says nothing
But still, it says nothing if supplicant is using TTLS or PAP which is
what I'd like to see as filenames suffixes. Am I missing something?
Thanks in advance!
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http
://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-IP-Address = 111.111.111.111
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
to know if your problems have been fixed with Asus WL-G330ge.
Also, I think that overlapping channels can be causing the error, so
I'll change that...
Greets-
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See
/src'
gmake[1]: *** [common] Error 2
gmake[1]: Leaving directory `/root/freeradius-server-2.1.0'
make: *** [all] Error 2
[snip]
What's wrong?
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http
2008/9/12 Alan DeKok [EMAIL PROTECTED]:
Sergio Belkin wrote:
I have a freeradius 2.0.2 working fine with no problems on Centos 5
x86_64, I had no problem at compiling time. I want to test version
2.1.0 from freeradius. But it failed as follows:
This is a configure script issue that's fixed
is Just Fine.
That's what Sergio seemed to be getting at in changing with the Makefile
to have a CA rather than the server sign the client cert. Is that the
better way?
Is the answer to give the server the right to sign the cert, and if so
how you do it so as to complete the root CA-server-client
Ivan Kalik escribió:
However, there may be multiple servers, each with its own cert. Why
should a client cert be signed by one server when it may be used with
other servers?
(radius) Server certificate doesn't have to be unique. You can copy the
same certificate to all the radius servers
Sergio escribió:
Hi,
also was so many others. At this time i have got one eap module which
authenticates users under a PKI. My client certs are issued by root ca
(ca.pem) and everything works. I can manage the crl, because it is
public, and authenticate any user against any server. So my
Alexandre Chapellon escribió:
ok then I know what to do today to stop feeling stupid on this list :p
Alan DeKok a écrit :
http://deployingradius.com/book/
Only parts of the first chapter are online. It covers the basic
concepts behind RADIUS, and should hopefully address a number of
Hi,
also was so many others. At this time i have got one eap module which
authenticates users under a PKI. My client certs are issued by root ca
(ca.pem) and everything works. I can manage the crl, because it is
public, and authenticate any user against any server. So my question is,
what's
Alan DeKok escribió:
Rafiqul Ahsan wrote:
I am facing some challenges on building Freeradius 2.0.5 (Solaris OS)
with openssl version 0.9.8h. The Solaris 10 come with prebuilt openssl
version, and found at /usr/sfw/bin/openssl, version 0.9.7d. Prior to
building freeradius I built newer
Alan DeKok escribió:
Sergio wrote:
Please developers :) i only have a question:
can freeradius and a client perform a rsa key exchange?
There is no code to do *ephemeral* key exchange. *Normal* key
exchange is part of the SSL protocol.
See the SSL specifications, and the OpenSSL
Anders Holm escribió:
[snip]
rlm_pap: WARNING! No known good password found for the user.
Authentication may fail because of this. //Normal, i am not
willing to do PAP but mschapv2
me If you’re not using a module, disable it. All it’ll do is add
latency, delays and
Hi,
Has anybody ever change the type of key exchange using eap-tls?
eap.conf:
.
rsa_key_exchange = yes
dh_key_exchange = no
rsa_key_length =1024
dh_key_length...
...
output of radiusd -X
Module: Instantiating eap-tls
tls {
rsa_key_exchange = yes
Reveal MAP escribió:
installing ca.der and putting user pass into client machine, the
authentication doesn't work?
-- no, it doesn't!
you only need ca.der but, if you have an active directory like LDAP,
check if your comunication with AD server also have tls authentication.
Into ldap
: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Envoyé le : Jeudi, 24 Juillet 2008, 19h54mn 32s
Objet : Re: cert bootstrap bug? (was Re: definitively, I have a
problem with eap-tls)
Sergio wrote:
But the debug I posted shows that radius doesn't recognize the issuer of
client cert
open!
- Message d'origine
De : Sergio [EMAIL PROTECTED]
À : FreeRadius users mailing list freeradius-users@lists.freeradius.org
Envoyé le : Vendredi, 25 Juillet 2008, 13h20mn 54s
Objet : Re: Re : cert bootstrap bug? (was Re: definitively, I have a
problem with eap-tls)
Reveal MAP
nf-vale escribió:
Are you using vista supplicant? By reading the last lines of your radius
debug file it seems so...
See earlier posts with subject: PEAP or TTLS and Microsoft Vista.
Sex, 2008-07-25 às 17:10 +, Reveal MAP escreveu:
installing ca.der and putting user pass into
Sorry, I'll do the things right jeje
Log using default configuration except:
-default_eap_type = tls into eap.conf
-client 192.168.0.0/24 {
secret = testing123
shortname = kely
}
into clients.conf, and ap configuration ok (still not in the garbage)
Phil Mayers escribió:
Sergio wrote:
Sorry, I'll do the things right jeje
I haven't been reading all your emails, but what I have read is very
confusing. So I'm sorry if I misunderstand.
The error message seems very very clear.
FreeRadius cannot verify the client certificate.
This means
Phil Mayers escribió:
ok :) I provide certificate files and eap.conf in a tar ball to not
to post a mail too long.
If I print [EMAIL PROTECTED] in text form I see how radius is the
issuer of the certificate. This is the default PKI and I don't know
what I'm doing wrong.
Thanks for your
Alan DeKok escribió:
Phil Mayers wrote:
Alan - it does look to my untrained eye as if the client.crt Makefile
target in /etc/raddb/certs is signing the client key with the server
key. Is this intentional, or a bug?
It's intentional. It's a perfectly valid use of certificate chains.
Alan DeKok escribió:
Phil Mayers wrote:
Alan - it does look to my untrained eye as if the client.crt Makefile
target in /etc/raddb/certs is signing the client key with the server
key. Is this intentional, or a bug?
It's intentional. It's a perfectly valid use of certificate chains.
Sergio escribió:
HI,
continuing with Reveal MAP problem with unknown ca's under eap-tls
using default configuration
private_key_file = ${certdir}/server.pem
certificate_file = ${certdir}/server.pem
CA_file = ${cadir}/ca.pem
freeradius tell me this:
rlm_eap_tls: TLS 1.0 Handshake [length
Sergio escribió:
Sergio escribió:
HI,
continuing with Reveal MAP problem with unknown ca's under eap-tls
using default configuration
private_key_file = ${certdir}/server.pem
certificate_file = ${certdir}/server.pem
CA_file = ${cadir}/ca.pem
freeradius tell me this:
rlm_eap_tls: TLS 1.0
HI,
continuing with Reveal MAP problem with unknown ca's under eap-tls
using default configuration
private_key_file = ${certdir}/server.pem
certificate_file = ${certdir}/server.pem
CA_file = ${cadir}/ca.pem
freeradius tell me this:
rlm_eap_tls: TLS 1.0 Handshake [length 0bdb], Certificate
[EMAIL PROTECTED] escribió:
Hi,
Has anyone ever done the porting of freeradius from Linux to Windows?
I need this as I am not getting the source code for the Windows
version of freeradius. If that can be got from some location or in
case someone has it. Please let me know.
I am really
Reveal MAP escribió:
hi,
I use freeradius 2.0.5 and openSUSE 10.3
i ran bootstrap script + make client.pem, make.client.p12,
- I imported ca.der on my xp laptop, located at the CA Authorithy
containeer.
I imported server.p12 too (just to verify the signature) and
everything is Ok
- But when
Reveal MAP escribió:
Thank you Sergio for your answer.
- windows says too that one of the certificate authority seems to not
be able to deliver certificate or can't be used as final entity...
so, I tried what you said: install Server.p12 as intermediate CAr,
without resolving the problem
Reveal MAP escribió:
Installing ca.der, server.crt and client.crt, i obtain exactly the
same result!!
- Message d'origine
De : Sergio [EMAIL PROTECTED]
À : FreeRadius users mailing list freeradius-users@lists.freeradius.org
Envoyé le : Dimanche, 13 Juillet 2008, 16h59mn 38s
Objet : Re
Hi,
my users file contains this:
YEBENES MORENO, SERGIO (AUTENTICACIÓN)
NOMBRE YEBENES MORENO SERGIO
my sites-enabled/default contains this
authorize {
..
if (User-Name == YEBENES MORENO, SERGIO (AUTENTICACIÓN)) {
DNIe
}
elsif (User-Name == NOMBRE YEBENES
Reveal MAP escribió:
Thanx for your help Sergio, but it is exactly the same!! it doesn't work.
- Message d'origine
De : Sergio [EMAIL PROTECTED]
À : FreeRadius users mailing list freeradius-users@lists.freeradius.org
Envoyé le : Dimanche, 13 Juillet 2008, 18h51mn 41s
Objet : Re
Fernando escribió:
Sergio wrote:
Fernando escribió:
Sergio Yébenes Moreno wrote:
Ivan Kalik escribió:
Ok. DNIe gives PUBLIC access control, to a public network
(university, madrid Wifi (jeje, gallardón va de rey alcalde)
etc), Dinamic keys, and all in 802.1x and, in consequence,
802.11i
Ivan Kalik escribió:
AUTENTICACIÓN is a suffix of user-name, but only for those
certificates that are subordinated to FNMT ca. NOMBRE is a prefix of
user-name which have DNIe, subordinated to another ca. I want to
configure two virtual servers based on this details, if I can.
OK. I had
Ivan Kalik escribió:
AUTENTICACIÓN is a suffix of user-name, but only for those
certificates that are subordinated to FNMT ca. NOMBRE is a prefix of
user-name which have DNIe, subordinated to another ca. I want to
configure two virtual servers based on this details, if I can.
OK. I had
Ivan Kalik escribió:
file autorizados contains this
user1Cleartext-Password :=
Reply-Message = Autorizando.
Fall-Through = No
That's not going to work. You can't make EAP-TLS use passwords.
That's work
I had to make this because I'm not the signer
Fernando escribió:
I don't understand, what is your goal?
Sergio Yébenes Moreno wrote:
Using eap-tls we can make a filter to users, based on different
attibutes (I think). In my case, the identity field in
wpa_supplicant.conf.
Freeradius config:
file users contains
Fernando escribió:
let me see... at this time... can all client with a valid
certificate gain access to the network?
Sergio Yébenes Moreno wrote:
Fernando escribió:
I don't understand, what is your goal?
Sergio Yébenes Moreno wrote:
Using eap-tls we can make a filter to users, based
Fernando escribió:
let me see... at this time... can all client with a valid
certificate gain access to the network?
Sergio Yébenes Moreno wrote:
Fernando escribió:
I don't understand, what is your goal?
Sergio Yébenes Moreno wrote:
Using eap-tls we can make a filter to users, based
Fernando escribió:
Sergio Yébenes Moreno wrote:
Fernando escribió:
let me see... at this time... can all client with a valid
certificate gain access to the network?
Sergio Yébenes Moreno wrote:
Fernando escribió:
I don't understand, what is your goal?
Sergio Yébenes Moreno wrote
Alan DeKok escribió:
Sergio Yébenes Moreno wrote:
I don't want to use passwords.
Then why did the configurations you posted use passwords?
Now I want to put 3 virtual server, one for DNIe and one for another
public CA (FNMT) that have less range than DNIe. I'd like to ask you
Ivan Kalik escribió:
first, freeradius looks in users file, and only if client is authorized,
checks DNIe. There aren't any problem, only want to show, maybe help
somebody, and to show Ivan Kalik how clients and servers can trust in
different ca's.
Oh, but I know exactly what you have
Fernando escribió:
Sergio Yébenes Moreno wrote:
Ivan Kalik escribió:
Ok. DNIe gives PUBLIC access control, to a public network
(university, madrid Wifi (jeje, gallardón va de rey alcalde) etc),
Dinamic keys, and all in 802.1x and, in consequence, 802.11i. But
probably we don't want everybody
Alan DeKok escribió:
Sergio Yébenes Moreno wrote:
Oh, I'll try this. Really empty password is shit. Thanks
I think it's time for you to be polite.
Cursing at people who are trying to help you is inappropriate.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http
Fernando escribió:
Sergio Yébenes Moreno wrote:
Ivan Kalik escribió:
Ok. DNIe gives PUBLIC access control, to a public network
(university, madrid Wifi (jeje, gallardón va de rey alcalde) etc),
Dinamic keys, and all in 802.1x and, in consequence, 802.11i. But
probably we don't want everybody
Ivan Kalik escribió:
If I don't put Cleartext-Password := field (!!!), the user always be
rejected. Can anybody to explain this?I haven't tried with some password, because
results me ridiculous, I haven't configure any password for clients...
Let's put that to the test. Put
Ivan Kalik escribió:
The situation that you exposed logically works. But I can't authorize
all users in spite of having a valid certificate, because the public
PKI.
.. what? You can authenticate some users (which) - what's the problem
with the others?
Any problem now
Then,
Kwok Sianbin escribió:
Thanks for the tips.
If the certificates are fine then
the only problem here is the radius server.
XP can not authenticate the client can't get connected.
here the output
Ready to process requests.
User-Name = MarsNet_Client
NAS-IP-Address = 0.0.0.0
Gaurav Kansal escribió:
Hi
I am trying to use EAP-TLS between wpa_supplicant and freeradius. I
created the certificates (ca/server/client) as mentioned in
freeradius-server-2.0.5/raddb/certs/README. In
freeradius-server-2.0.5/raddb/users, following line is added at end:
testuser
://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I've posted a problem verifying client certicicate, because this is
signed by an intermediate ca, this signed by root ca. Both intermediate
and root are public authorities and I don't have any of two private
keys, only my client provate key. Te point is very simple, having
intermediate.pem and
Hi
I'm using freeradius-server-2.0.4 with eap-tls. I have a client cert
signed by an intermediate authority B.pem . If I put CA_file = B.pem
in eap.conf, I have this log:
.
rlm_eap_tls: Done initial handshake
rlm_eap_tls: TLS 1.0 Handshake [length 05f2], Certificate
-- verify
= 0x9919cd335c2d96b125469208dd722a9d
Thanks in advance
2008/6/26 Sergio Belkin [EMAIL PROTECTED]:
2008/6/26 Alan DeKok [EMAIL PROTECTED]:
Sergio Belkin wrote:
What am I doing wrong?
You are running auth_log BEFORE eap?
Alan DeKok.
I have the following in sites-enabled/default :
Which has auth_log BEFORE eap, which
Hi,
using freeradius with EAP-TLS, the CommonName field of client
certificate contains this: pepe
If my file raddb/users constains this: pepe123 Auth-Type := EAP
Radius sends an Access-Acept and they shouldn't.
Can anybody help me?
Thanks a lot
-
List info/subscribe/unsubscribe? See
Alan DeKok escribió:
Sergio Yébenes Moreno wrote:
using freeradius with EAP-TLS, the CommonName field of client
certificate contains this: pepe
If my file raddb/users constains this: pepe123 Auth-Type := EAP
Radius sends an Access-Acept and they shouldn't.
(1) EAP-TLS authenticates
I'm configuring freeradius server with opensc client-side. I'd like to say if
freeradius has support for PKCS#11.
In wpa_supplicant log I see how client writes TLS-ChangeCipherSpec and
TLS-Finished. This means that the server has authenticated but freeradius show
TLS error because client do not
David Wood escribió:
Hi Sergio,
In message [EMAIL PROTECTED], Sergio Yébenes Moreno
[EMAIL PROTECTED] writes
I'm configuring freeradius server with opensc client-side. I'd like
to say if freeradius has support for PKCS#11.
In wpa_supplicant log I see how client writes TLS-ChangeCipherSpec
2008/6/25 Alan DeKok [EMAIL PROTECTED]:
Sergio Belkin wrote:
I use freeradius 2.0.2, and people can use either ttls or peap as they
want (or can). I'd want to know if it's possible to see what EAP
methodare using users through radius logs...
The EAP type is available in the EAP-Type
2008/6/26 Alan DeKok [EMAIL PROTECTED]:
Sergio Belkin wrote:
Alan, Do I need to use rlm_perl anyway?
No. The EAP-Type attribute is added by the EAP module. Once the
attribute is there, it can be used, edited, updated, etc. just like
User-Name, or NAS-IP-Address.
Alan DeKok.
I edited
2008/6/26 Alan DeKok [EMAIL PROTECTED]:
Sergio Belkin wrote:
I edited so radiusd.conf:
detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d%{EAP-Type}
and added EAP-Message =* ANY to attrs file, but I see no difference
(any file witt a new name wasn't created)
What am I
2008/6/26 Alan DeKok [EMAIL PROTECTED]:
Sergio Belkin wrote:
What am I doing wrong?
You are running auth_log BEFORE eap?
Alan DeKok.
I have the following in sites-enabled/default :
Which has auth_log BEFORE eap, which is WRONG.
How do you expect to log the EAP type when the EAP
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I have no idea about how to use rlm_perl, would you recommend me some
documentation or usage example?
Thanks in advance!
2008/6/24 Ivan Kalik [EMAIL PROTECTED]:
You can log EAP-Type attribute with rlm_perl.
Ivan Kalik
Kalik Informatika ISP
Dana 24/6/2008, Sergio Belkin [EMAIL PROTECTED
2008/6/24 Sergio Belkin [EMAIL PROTECTED]:
I have no idea about how to use rlm_perl, would you recommend me some
documentation or usage example?
Thanks in advance!
2008/6/24 Ivan Kalik [EMAIL PROTECTED]:
You can log EAP-Type attribute with rlm_perl.
Ivan Kalik
Kalik Informatika ISP
and not depend of telepathy. Because of this, I like so much Linux.
Linux it's not a perfect OS, but it tell you when you must run either
root or take more privileges.
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe
.
}
}
Errors initializing modules
Thanks in advance!
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radiusPassword attribute at all.
Ivan Kalik
Kalik Informatika ISP
Dana 30/4/2008, Sergio Belkin [EMAIL PROTECTED] piše:
Hi,
I've added an new attribute called radiusPassword this a clear-text
password exclusively for radius usage. I want that:
1) All Linux, MAC OS X, and all Windows
:= whatever
You don't need radiusPassword attribute at all.
Ivan Kalik
Kalik Informatika ISP
Dana 30/4/2008, Sergio Belkin [EMAIL PROTECTED] piše:
Hi,
I've added an new attribute called radiusPassword this a clear-text
password exclusively for radius usage. I want that:
1
? See
http://www.freeradius.org/list/users.html
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
checkItem Cleartext-Password clrtxtPassword
checkItem User-Password userPassword
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio
{
}
}
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
2008/4/29 Arran Cudbard-Bell [EMAIL PROTECTED]:
Sergio Belkin wrote:
Hi,
I had been using EAP-TTLS, but I've commented in an earlier post, I
have no luck with securew2 and Vista. So I am planning use a
secondary password for radius in clear-text. But I'd want to know if
TTLS
radiusLoginLATPort
replyItem Reply-MessageradiusReplyMessage
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
2008/4/29 Ivan Kalik [EMAIL PROTECTED]:
That probably won't work in 2.0. Mapping to Cleartext-Password will.
I am using 2.0.2 :)
Ivan Kalik
Kalik Informatika ISP
Dana 29/4/2008, Sergio Belkin [EMAIL PROTECTED] piše:
2008/4/29 Ivan Kalik [EMAIL PROTECTED]:
You need to add
2008/4/27 Tural Kaptan [EMAIL PROTECTED]:
Dear Sergio,
Sorry for the delay in the reply, I just wanted to drop you a note related
to the problem that you have mention in your e-mail to freeradius-users
lists on 18th of April ..
We had experienced the same problem with some Vista
}
}
pre-proxy {
}
post-proxy {
eap
}
EOF
thanks in advance!
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Good Point :D
Port 1813 is filtered, thanks Ivan I'll see if modifying that it works.
2008/4/25, Ivan Kalik [EMAIL PROTECTED]:
Is your NAS sending accounting packets?
Ivan Kalik
Kalik Informatika ISP
Dana 25/4/2008, Sergio Belkin [EMAIL PROTECTED] piše:
I see any detail-%Y%m%d log
Hi, how can I get the NAS-IP-Address in radius.log?
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
.
#
shortname = localhost
shortname is printed in the log. Put NAS IP there if you want it in
radius.log.
Ivan Kalik
Kalik Informatika ISP
Dana 23/4/2008, Sergio Belkin [EMAIL PROTECTED] piše:
Hi, how can I get the NAS-IP-Address in radius.log?
--
--
Open
Message-Authenticator = 0x955e4a648595f3ae5dd7f3486dea99f4
Great!
2008/4/23, Ivan Kalik [EMAIL PROTECTED]:
That will be logged in your accounting log.
Ivan Kalik
Kalik Informatika ISP
Dana 23/4/2008, Sergio Belkin [EMAIL PROTECTED] piše:
Thanks Ivan,
I know that :) But I want get IP
tool...
I am using encrypted password in LDAP and it seems that have no chance
to use someting different as EAP-TTLS with PAP.
I'd thank your help.
Thanks in advance.
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe
Only a clarification:
It happens that many laptops with Vista due a unknown reason
(at least for me) prevents that securew2 appears
I mean: It happens that many laptops with Vista due a unknown reason
(at least for me) prevents that securew2 dialog box appears
2008/4/18, Sergio Belkin [EMAIL
2008/4/18, Charlie B [EMAIL PROTECTED]:
Hello Sergio,
We find (depending on the version of vista) that the bubble doesn't appear
however you can have the user enter there information within the profile
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
OK: [anonymous] (from client
wireless-jj port 29 cli 0016347e5a76)
Greets.
2008/3/13, Sergio Belkin [EMAIL PROTECTED]:
Hi,
I am radius 2.0.2 that is working fine, I am using EAP with TTLS. I
found a line that it worried a bit in the logs:
Auth: Login OK: [whateveruser-1]
Auth: Login OK
is using this software and could get working Vista,
tell me how you did it.
Thanks in advance!
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
against a LDAP server)
That use_tunneled_reply=no has to do with it? Should I turn on yes? Is
it a security risk?
Thanks in advance!
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http
://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
2008/3/5, Matt Garretson [EMAIL PROTECTED]:
Sergio Belkin wrote:
I can't compile freeradius-2.0.2 on Centos 5.1 x86_64. It outputs:
/usr/lib/libltdl.so: could not read symbols: File in wrong format
collect2: ld returned 1 exit status
You might try using your system's own libtool. Try
://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Sorry for insist on, but is right that in debug mode show the user
password, even using tunnel?
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
that
password could be sniffed when radius is not running in debug mode??
Thanks in advance...
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
101 - 200 of 257 matches
Mail list logo