Re: PEAP problem - HELP PLEASE
Thanks everyone for your help, yes Brian, you are right, i made a mistake when I wrote my users entry in the last mail! I wanted to say: ourson User-password = "testtest" In fact your right for the = which is better to be renplaced by == here. But in reallity, I didn't put any space on my user paswword I tried to put this entry: ourson User-Password == "a" Reply-Message = " YSS, %u" With this, I tought that if authentication were bad, my reply message won't appear, isn't it right? But in fact, I have already the same error, but in response I have my reply message! It's very strange. here are my last logs : rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate for request 0 rlm_eap: Identity does not match User-Name, authentication failed. rlm_eap: Failed in handler modcall[authenticate]: module "eap" returns invalid for request 0 modcall: group authenticate returns invalid for request 0 auth: Failed to validate the user. Login incorrect: [ourson/] (from client AP1 port 37 cli 000af49c507f)Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 113 to 192.168.1.2:3186 Reply-Message = " yeess" Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 113 with timestamp 3fdf0ed2 Nothing to do. Sleeping until we see a request. I really don't understand how radiusd can say : "Identity does not match User-Name, authentication failed" and [ourson/] ... It seems that no password is sent from my supplicant..?? I tried to do radtest from another unix machine and it works : ... rad_recv: Access-Request packet from host 192.168.1.1:32769, id=85, length=58 User-Name = "ourson" User-Password = "a" NAS-IP-Address = 255.255.255.255 NAS-Port = 10 modcall: entering group authorize for request 6 modcall[authorize]: module "preprocess" returns ok for request 6 modcall[authorize]: module "chap" returns noop for request 6 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 6 rlm_realm: No '@' in User-Name = "ourson", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 6 users: Matched ourson at 97 modcall[authorize]: module "files" returns ok for request 6 modcall[authorize]: module "mschap" returns noop for request 6 modcall: group authorize returns ok for request 6 auth: type Local auth: user supplied User-Password matches local User-Password radius_xlat: ' YSS, ourson' Sending Access-Accept of id 85 to 192.168.1.1:32769 Reply-Message = " YSS, ourson" Finished request 6 Going to the next request --- Walking the entire request list --- Cleaning up request 5 ID 170 with timestamp 3fdf22be Waking up in 6 seconds... I think that freeradius is well configured and it must be a windows or Access Point problem, don't you think so? Please if someone knows or just have an idea, tell me !! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PEAP problem - HELP PLEASE
[EMAIL PROTECTED] wrote: Hi Alan! Thanks for your help. I did what you told me, but it seems that it wasn't the only error I made... I put in the users file : ourson User-Password = " testtest" i think i see two potential issues here ... one is noted in the logging: [/usr/local/etc/raddb/users]:156 WARNING! Changing 'User-Password =' to 'User-Password ==' ?for comparing RADIUS attribute in check item list for user ourson the operator that's needed is "==", not just "=" ... but radius sorta fixed that in the request, as the logs note. the other potential issue: the space before the password begins. assuming that the password gets encrypted into the EAP-Message ( something i'm thinking happens ... but i'm not sure of ), that space is getting added to the encypted string and will never match. and my user on the XP supplicant is also the same, but authentication is still impossible! I really don't understand because the same error message appears even if I change the users file like I show you before. I am asking myself about which options must be put on the MS-CHAP module (on radiusd.conf) ? I didn't change any options on the MS-CHAP module ( use_mppe, require_encryption, require_strong with a # before), but is it necessary?? (I tried quickly to put these options = yes ,but I had same results) If you have any idea about what is wrong with my configuration, please tell me! here are my log with the beginning of freeradius when it's launched: + LD_LIBRARY_PATH=/usr/local/ssl-end/lib + LD_PRELOAD=/usr/local/ssl-end/lib/libcrypto.so + export LD_LIBRARY_PATH LD_PRELOAD + /usr/local/sbin/radiusd -X -y -z Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /usr/local/etc/raddb/clients.conf Config: including file: /usr/local/etc/raddb/snmp.conf Config: including file: /usr/local/etc/raddb/sql.conf main: prefix = "/usr/local" main: localstatedir = "/usr/local/var" main: logdir = "/usr/local/var/log/radius" main: libdir = "/usr/local/lib" main: radacctdir = "/usr/local/var/log/radius/radacct" main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = yes main: log_file = "/usr/local/var/log/radius/radius.log" main: log_auth = yes main: log_auth_badpass = yes main: log_auth_goodpass = yes main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid" main: user = "(null)" main: group = "(null)" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: checkrad = "/usr/local/sbin/checkrad" main: proxy_requests = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients Using deprecated clients file. Support for this will go away soon. read_config_files: reading realms Using deprecated realms file. Support for this will go away soon. radiusd: entering modules setup Module: Library search path is /usr/local/lib Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = "crypt" Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = yes mschap: require_strong = yes mschap: passwd = "(null)" mschap: authtype = "MS-CHAP" Module: Instantiated mschap (mschap) Module: Loaded eap eap: default_eap_type = "peap" eap: timer_expire = 60 eap: ignore_unknown_eap_types = no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap tls: rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512 tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path = "(null)" tls: pem_file_type = yes tls: private_key_file = "/sauv-certif/cert/new/serveur6.pem" tls: certificate_file = "/sauv-certif/cert/new/serveur6.pem" tls: CA_file = "/sauv-certif/cert/new/root.pem" tls: private_key_password = "saucisson" tls: dh_file = "/sauv-certif/cert/new/dh" tls: random_file = "/sauv-certif/cert/new/random" tls: fragment_size = 1024 tls: include_length = yes tls: check_crl = no rlm_eap: Loaded and initialized type tls peap: default_eap_type = "mschapv2" peap: copy_request_to_tunnel = no peap: use_tunneled_reply = no rlm_eap: Loaded and initialized type peap rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups" preprocess: hints = "/usr/local/etc/raddb/hints" preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_j
Re: PEAP problem - HELP PLEASE
Hi Alan!
Thanks for your help.
I did what you told me, but it seems that it wasn't the only error I made...
I put in the users file :
ourson User-Password = " testtest"
and my user on the XP supplicant is also the same, but authentication is
still impossible! I really don't understand because the same error message
appears even if I change the users file like I show you before.
I am asking myself about which options must be put on the MS-CHAP module
(on radiusd.conf) ?
I didn't change any options on the MS-CHAP module ( use_mppe,
require_encryption, require_strong with a # before), but is it necessary??
(I tried quickly to put these options = yes ,but I had same results)
If you have any idea about what is wrong with my configuration, please
tell me! here are my log with the beginning of freeradius when it's
launched:
+ LD_LIBRARY_PATH=/usr/local/ssl-end/lib
+ LD_PRELOAD=/usr/local/ssl-end/lib/libcrypto.so
+ export LD_LIBRARY_PATH LD_PRELOAD
+ /usr/local/sbin/radiusd -X -y -z
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/usr/local/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = yes
main: log_file = "/usr/local/var/log/radius/radius.log"
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = yes
main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
Using deprecated clients file. Support for this will go away soon.
read_config_files: reading realms
Using deprecated realms file. Support for this will go away soon.
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = yes
mschap: require_strong = yes
mschap: passwd = "(null)"
mschap: authtype = "MS-CHAP"
Module: Instantiated mschap (mschap)
Module: Loaded eap
eap: default_eap_type = "peap"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/sauv-certif/cert/new/serveur6.pem"
tls: certificate_file = "/sauv-certif/cert/new/serveur6.pem"
tls: CA_file = "/sauv-certif/cert/new/root.pem"
tls: private_key_password = "saucisson"
tls: dh_file = "/sauv-certif/cert/new/dh"
tls: random_file = "/sauv-certif/cert/new/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
rlm_eap: Loaded and initialized type tls
peap: default_eap_type = "mschapv2"
peap: copy_request_to_tunnel = no
peap: use_tunneled_reply = no
rlm_eap: Loaded and initialized type peap
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded detail
detail: detailfile =
"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (auth_log)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile = "/usr/local/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
files:
Re: PEAP problem - HELP PLEASE
[EMAIL PROTECTED] wrote: > In fact could someone try to look at my log, and tell me where is my > problem? I would be great! The log you posted to the list contains a description of what is wrong. > Another point is the configuration of the users file, for peap. I've read > the list but nobody gave a real answer to this question.. how this file > have to be configured?? I tried : > Auth-type := EAP , User-password == " xxx" > or > Auth-type := Local , User-password == " xxx" You often don't need to do anything to the 'users' file. The simplest change to make (if you're not using LDAP or SQL), is to add the tunneled user name, with a password: tunnel-user User-Password = "password" That's it. > rlm_mschap: No User-Password configured. Cannot create LM-Password. > rlm_mschap: No User-Password configured. Cannot create NT-Password. > rlm_mschap: No LM-Password or NT-Password attribute found. Cannot > perform MS-CHAP authentication. It needs a password. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
PEAP problem - HELP PLEASE
hello everybody!
I am tryong to make a secure wireless access using PEAP, but I have a
problem during authentication.
I had successfully configured TLS module, and all work fine.
But when I want to have a peap authentication, there is a problem.
In fact could someone try to look at my log, and tell me where is my
problem? I would be great!
Another point is the configuration of the users file, for peap. I've read
the list but nobody gave a real answer to this question.. how this file
have to be configured?? I tried :
Auth-type := EAP , User-password == " xxx"
or
Auth-type := Local , User-password == " xxx"
or ...
I don't really know which syntax is good according to peap
authentication..maybe my problem is here?
Thank you for your help!
there are my logs :
...
auth: type "EAP"
modcall: entering group authenticate for request 15
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Proceeding to decode tunneled
attributes.
rlm_eap_peap: Identity - NOMADE\ourson
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled EAP-Message
EAP-Message = 0x02810012014e4f4d4144455c6f7572736f6e
PEAP: Got tunneled identity of NOMADE\ourson
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Sending tunneled request
EAP-Message = 0x02810012014e4f4d4144455c6f7572736f6e
Freeradius-Proxied-To = 127.0.0.1
User-Name = "NOMADE\\ourson"
modcall: entering group authorize for request 15
modcall[authorize]: module "preprocess" returns ok for request 15
radius_xlat:
'/usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20031215'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20031215
modcall[authorize]: module "auth_log" returns ok for request 15
rlm_eap: EAP packet type response id 129 length 18
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 15
rlm_realm: No '@' in User-Name = "NOMADE\ourson", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 15
modcall[authorize]: module "files" returns notfound for request 15
modcall: group authorize returns updated for request 15
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 15
rlm_eap: EAP Identity
rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
modcall[authenticate]: module "eap" returns handled for request 15
modcall: group authenticate returns handled for request 15
PEAP: Got tunneled reply RADIUS code 11
EAP-Message =
0x018200271a01820022104c50168820c00ade9de928725f57b2964e4f4d4144455c6f7572736f6e
Message-Authenticator = 0x
State = 0xc2efbd051aa877ec625ee103a4a76b76
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 15
modcall: group authenticate returns handled for request 15
Sending Access-Challenge of id 158 to 192.168.1.2:2462
EAP-Message =
0x0182003e19001703010033d078dd9a67221656dce0acbb5519d8b9af452bb0eaf5f600fcabafd63a385dfe8b1d076837f1798de3ca6d5b2a0d7269ad9f2f
Message-Authenticator = 0x
State = 0x55cbafd5eafc1a8c249ad219c5d26a3b
Finished request 15
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.1.2:2463, id=159,
length=250
User-Name = "NOMADE\\ourson"
Cisco-AVPair = "ssid=bebe"
NAS-IP-Address = 192.168.1.2
Called-Station-Id = "00409656deff"
Calling-Station-Id = "000af49c507f"
NAS-Identifier = "AP350-56deff"
NAS-Port = 37
Framed-MTU = 1400
State = 0x55cbafd5eafc1a8c249ad219c5d26a3b
NAS-Port-Type = Wireless-802.11
Service-Type = Login-User
EAP-Message =
0x028200581900170301004d7375a04660bd286865a528793617699cb52551682fc670d49518765d8d8c78754448d9e3eea2d3d4c05fe1367daa485f6e915eebd1fa6d301bb4996dac7906667fa1013b41e11f29e367
Message-Authenticator = 0x63157043cdd0b024b172ecaf24dfb290
modcall: entering group authorize for request 16
modcall[authorize]: module "preprocess" returns ok for request 16
radius_xlat:
'/usr/local/var/log/radius/radacct/192.168.1.2/auth-detail-20031215'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/192.168.1.2/auth-detail-20031215
modcall[authorize]: module "auth_log" returns ok for request 16
rlm_eap: EAP packet type response id 130 length 88
rlm_eap: No EAP Start, assuming it's an
Help Please
Running freeradius-0.8.1/Mysql-3.23.56 and authenticating dialup user's with radcheck we cannot log sessions in the radacct database.Did we miss a radius/sql config file entry somewhere or file permission, IP table rule?My errors are: Thu Jul 3 08:46:06 2003 : Error: Invalid operator for item Password: reverting to '=='Thu Jul 3 08:46:06 2003 : Auth: Login OK: [/x] (from client private port 1 cli unknown)Thu Jul 3 08:46:08 2003 : Error: Dropping packet from client private:513 - ID: 243 due to dead request 2874 My IP rules: ACCEPT udp -- 192.168.0.251192.168.0.136 state NEW,RELATED,ESTABLISHED udp dpt:radiusACCEPT udp -- 192.168.0.251 192.168.0.136 state NEW,RELATED,ESTABLISHED udp dpt:radius-acct Should my sql operator be just equal or colon equal? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Help Please - Monthly Time Limit
Microsoft left out that part of the protocol... users on a Mac will see it, however you're pretty much out of luck with windows. Adam Bill Anderson said: > Thanks a bunch. That did it. A second question. Now that it works, > it is supposed to send a reply message back to the user, however, the > end user gets a 691 error, username and password invalid. Any way to > change this behavior. I tried it on both XP and NT. Thanks. > >> -Original Message- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] Behalf Of Kostas >> Kalevras >> Sent: Wednesday, March 05, 2003 2:23 PM >> To: [EMAIL PROTECTED] >> Subject: Re: Help Please - Monthly Time Limit >> >> >> On Wed, 5 Mar 2003, Bill Anderson wrote: >> >> > I am so close to getting the monthly time limit working and I >> just need a >> > little help. I have looked through the archives and have found >> things that >> > have brought me this far, however, I believe I am close. Does >> anyone have >> > any idea what I am doing wrong? Basically what I would like to >> do is have a >> > user to be rejected if they reach their monthly time limit. I >> am not using >> > SQL. I have attached the following information: >> > >> > /etc/raddb/users >> > radiusd debug session (radiusd -X) >> > /etc/raddb/radiusd.conf >> > >> > users file: >> > >> > mytestuser Max-Monthly-Session := 30, Auth-Type := Local, >> User-Password == >> > "somepass" >> > Service-Type = Framed-User, >> > Framed-Protocol = PPP, >> > Framed-IP-Address = 255.255.255.254, >> > Framed-IP-Netmask = 255.255.255.255, >> > Framed-Routing = None, >> > Framed-MTU = 1500, >> > Framed-Compression = Van-Jacobson-TCP-IP, >> > Idle-Timeout = 900, >> > Session-Timeout = 21600, >> > Port-Limit = 1, >> >> > DEFAULT Max-Monthly-Session > 30, Auth-Type = Reject >> > Reply-Message = "Max monthly hours achieved" >> >> You don't need this check if you set Max-Monthly-Session >> >> > >> > Debug Session: >> > >> > [EMAIL PROTECTED] raddb]# radiusd -X >> > Starting - reading configuration files ... >> > Config: including file: /etc/raddb/proxy.conf >> > Config: including file: /etc/raddb/clients.conf >> > rad_recv: Access-Request packet from host 209.95.37.8:1647, id=149, >> length=182 >> > User-Name = "mytestuser" >> > User-Password = "backd00r" >> > NAS-IP-Address = 209.247.5.114 >> > NAS-Port = 136 >> > Service-Type = Framed-User >> > Framed-Protocol = PPP >> > Ascend-Data-Rate = 21600 >> > Ascend-Calling-Id-Type-Of-Num = Unknown >> > Ascend-Calling-Id-Number-Plan = Unknown >> > Ascend-Xmit-Rate = 49333 >> > Called-Station-Id = "5032134042" >> > Calling-Station-Id = "5038850150" >> > Acct-Session-Id = "386694565" >> > NAS-Port-Type = Async >> > Ascend-NAS-Port-Format = 2_4_5_5 >> > Proxy-State = 0x3533 >> > modcall: entering group authorize >> > modcall[authorize]: module "preprocess" returns ok >> > rlm_chap: Could not find proper Chap-Password attribute in request >> > modcall[authorize]: module "chap" returns noop >> > modcall[authorize]: module "mschap" returns notfound >> > rlm_counter: Entering module authorize code >> > rlm_counter: Could not find Check item value pair >> > modcall[authorize]: module "counter" returns noop >> > rlm_realm: No '@' in User-Name = "mytestuser", looking up realm >> NULL rlm_realm: No such realm NULL >> > modcall[authorize]: module "suffix" returns noop >> > users: Matched mytestuser at 1 >> > modcall[authorize]: module "files" returns ok >> >> You have files after counter in your authorize section. Try >> puting the counter >> module after the files module >> >> >> >> ># encryption moderate >> ># require_encryption = yes >> > >> ># require_strong alwa
RE: Help Please - Monthly Time Limit
Thanks a bunch. That did it. A second question. Now that it works, it is
supposed to send a reply message back to the user, however, the end user
gets a 691 error, username and password invalid. Any way to change this
behavior. I tried it on both XP and NT. Thanks.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Kostas
> Kalevras
> Sent: Wednesday, March 05, 2003 2:23 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Help Please - Monthly Time Limit
>
>
> On Wed, 5 Mar 2003, Bill Anderson wrote:
>
> > I am so close to getting the monthly time limit working and I
> just need a
> > little help. I have looked through the archives and have found
> things that
> > have brought me this far, however, I believe I am close. Does
> anyone have
> > any idea what I am doing wrong? Basically what I would like to
> do is have a
> > user to be rejected if they reach their monthly time limit. I
> am not using
> > SQL. I have attached the following information:
> >
> > /etc/raddb/users
> > radiusd debug session (radiusd -X)
> > /etc/raddb/radiusd.conf
> >
> > users file:
> >
> > mytestuser Max-Monthly-Session := 30, Auth-Type := Local,
> User-Password ==
> > "somepass"
> > Service-Type = Framed-User,
> > Framed-Protocol = PPP,
> > Framed-IP-Address = 255.255.255.254,
> > Framed-IP-Netmask = 255.255.255.255,
> > Framed-Routing = None,
> > Framed-MTU = 1500,
> > Framed-Compression = Van-Jacobson-TCP-IP,
> > Idle-Timeout = 900,
> > Session-Timeout = 21600,
> > Port-Limit = 1,
>
> > DEFAULT Max-Monthly-Session > 30, Auth-Type = Reject
> > Reply-Message = "Max monthly hours achieved"
>
> You don't need this check if you set Max-Monthly-Session
>
> >
> > Debug Session:
> >
> > [EMAIL PROTECTED] raddb]# radiusd -X
> > Starting - reading configuration files ...
> > Config: including file: /etc/raddb/proxy.conf
> > Config: including file: /etc/raddb/clients.conf
> > rad_recv: Access-Request packet from host 209.95.37.8:1647, id=149,
> > length=182
> > User-Name = "mytestuser"
> > User-Password = "backd00r"
> > NAS-IP-Address = 209.247.5.114
> > NAS-Port = 136
> > Service-Type = Framed-User
> > Framed-Protocol = PPP
> > Ascend-Data-Rate = 21600
> > Ascend-Calling-Id-Type-Of-Num = Unknown
> > Ascend-Calling-Id-Number-Plan = Unknown
> > Ascend-Xmit-Rate = 49333
> > Called-Station-Id = "5032134042"
> > Calling-Station-Id = "5038850150"
> > Acct-Session-Id = "386694565"
> > NAS-Port-Type = Async
> > Ascend-NAS-Port-Format = 2_4_5_5
> > Proxy-State = 0x3533
> > modcall: entering group authorize
> > modcall[authorize]: module "preprocess" returns ok
> > rlm_chap: Could not find proper Chap-Password attribute in request
> > modcall[authorize]: module "chap" returns noop
> > modcall[authorize]: module "mschap" returns notfound
> > rlm_counter: Entering module authorize code
> > rlm_counter: Could not find Check item value pair
> > modcall[authorize]: module "counter" returns noop
> > rlm_realm: No '@' in User-Name = "mytestuser", looking up realm NULL
> > rlm_realm: No such realm NULL
> > modcall[authorize]: module "suffix" returns noop
> > users: Matched mytestuser at 1
> > modcall[authorize]: module "files" returns ok
>
> You have files after counter in your authorize section. Try
> puting the counter
> module after the files module
>
>
>
> > # encryption moderate
> > # require_encryption = yes
> >
> > # require_strong always requires 128 bit key
> > # encryption
> > # require_strong = yes
> > }
> >
> > # Lightweight Directory Access Protocol (LDAP)
> > #
> > # This module definition allows you to use LDAP for
> > # authorization and authentication (Auth-Type := LDAP)
> > #
> > # See doc/rlm_ldap for description of configuration options
> > # and sample authorize{} and authenticate{} blocks
> > ldap {
> >
Re: Help Please - Monthly Time Limit
On Wed, 5 Mar 2003, Bill Anderson wrote:
> I am so close to getting the monthly time limit working and I just need a
> little help. I have looked through the archives and have found things that
> have brought me this far, however, I believe I am close. Does anyone have
> any idea what I am doing wrong? Basically what I would like to do is have a
> user to be rejected if they reach their monthly time limit. I am not using
> SQL. I have attached the following information:
>
> /etc/raddb/users
> radiusd debug session (radiusd -X)
> /etc/raddb/radiusd.conf
>
> users file:
>
> mytestuser Max-Monthly-Session := 30, Auth-Type := Local, User-Password ==
> "somepass"
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-IP-Address = 255.255.255.254,
> Framed-IP-Netmask = 255.255.255.255,
> Framed-Routing = None,
> Framed-MTU = 1500,
> Framed-Compression = Van-Jacobson-TCP-IP,
> Idle-Timeout = 900,
> Session-Timeout = 21600,
> Port-Limit = 1,
> DEFAULT Max-Monthly-Session > 30, Auth-Type = Reject
> Reply-Message = "Max monthly hours achieved"
You don't need this check if you set Max-Monthly-Session
>
> Debug Session:
>
> [EMAIL PROTECTED] raddb]# radiusd -X
> Starting - reading configuration files ...
> Config: including file: /etc/raddb/proxy.conf
> Config: including file: /etc/raddb/clients.conf
> rad_recv: Access-Request packet from host 209.95.37.8:1647, id=149,
> length=182
> User-Name = "mytestuser"
> User-Password = "backd00r"
> NAS-IP-Address = 209.247.5.114
> NAS-Port = 136
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Ascend-Data-Rate = 21600
> Ascend-Calling-Id-Type-Of-Num = Unknown
> Ascend-Calling-Id-Number-Plan = Unknown
> Ascend-Xmit-Rate = 49333
> Called-Station-Id = "5032134042"
> Calling-Station-Id = "5038850150"
> Acct-Session-Id = "386694565"
> NAS-Port-Type = Async
> Ascend-NAS-Port-Format = 2_4_5_5
> Proxy-State = 0x3533
> modcall: entering group authorize
> modcall[authorize]: module "preprocess" returns ok
> rlm_chap: Could not find proper Chap-Password attribute in request
> modcall[authorize]: module "chap" returns noop
> modcall[authorize]: module "mschap" returns notfound
> rlm_counter: Entering module authorize code
> rlm_counter: Could not find Check item value pair
> modcall[authorize]: module "counter" returns noop
> rlm_realm: No '@' in User-Name = "mytestuser", looking up realm NULL
> rlm_realm: No such realm NULL
> modcall[authorize]: module "suffix" returns noop
> users: Matched mytestuser at 1
> modcall[authorize]: module "files" returns ok
You have files after counter in your authorize section. Try puting the counter
module after the files module
> # encryption moderate
> # require_encryption = yes
>
> # require_strong always requires 128 bit key
> # encryption
> # require_strong = yes
> }
>
> # Lightweight Directory Access Protocol (LDAP)
> #
> # This module definition allows you to use LDAP for
> # authorization and authentication (Auth-Type := LDAP)
> #
> # See doc/rlm_ldap for description of configuration options
> # and sample authorize{} and authenticate{} blocks
> ldap {
> server = "ldap.your.domain"
> # identity = "cn=admin,o=My Org,c=UA"
> # password = mypass
> basedn = "o=My Org,c=UA"
> filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
>
> # set this to 'yes' to use TLS encrypted connections
> # to the LDAP database by using the StartTLS extended
> # operation.
> start_tls = no
> # set this to 'yes' to use TLS encrypted connections to the
> # LDAP database by passing the LDAP_OPT_X_TLS_TRY option to
> # the ldap library.
> tls_mode = no
>
> # default_profile = "cn=radprofile,ou=dialup,o=My Org,c=UA"
> # profile_attribute = "radiusProfileDn"
> access_attr = "dialupAccess"
>
> # Mapping of RADIUS dictionary attributes to LDAP
> # directory attributes.
> dictionary_mapping = ${raddbdir}/ldap.attrmap
>
> # ldap_cache_timeout = 120
> # ldap_cache_size = 0
> ldap_connections_number = 5
> # password_header = "{clear}"
> # password_attribute = userPassword
> # groupname_attribute = cn
> # groupmembership_filter =
> "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupO
> fUniqueNames)(unique
Help Please - Monthly Time Limit
I am so close to getting the monthly time limit working and I just need a
little help. I have looked through the archives and have found things that
have brought me this far, however, I believe I am close. Does anyone have
any idea what I am doing wrong? Basically what I would like to do is have a
user to be rejected if they reach their monthly time limit. I am not using
SQL. I have attached the following information:
/etc/raddb/users
radiusd debug session (radiusd -X)
/etc/raddb/radiusd.conf
users file:
mytestuser Max-Monthly-Session := 30, Auth-Type := Local, User-Password ==
"somepass"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255,
Framed-Routing = None,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobson-TCP-IP,
Idle-Timeout = 900,
Session-Timeout = 21600,
Port-Limit = 1,
DEFAULT Max-Monthly-Session > 30, Auth-Type = Reject
Reply-Message = "Max monthly hours achieved"
Debug Session:
[EMAIL PROTECTED] raddb]# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/snmp.conf
Config: including file: /etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/var"
main: logdir = "/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/var/log/radius/radius.log"
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: servers_per_realm = 15
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: ignore_password = no
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: passwd = "(null)"
mschap: authtype = "MS-CHAP"
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded preprocess
preprocess: huntgroups = "/etc/raddb/huntgroups"
preprocess: hints = "/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded Counter
counter: filename = "/etc/raddb/db.counter"
counter: key = "User-Name"
counter: reset = "monthly"
counter: count-attribute = "Acct-Session-Time"
counter: counter-name = "Monthly-Session-Time"
counter: check-name = "Max-Monthly-Session"
counter: allowed-servicetype = "Framed-User"
counter: cache-size = 5000
rlm_counter: Counter attribute Monthly-Session-Time is number 1080
rlm_counter: Current Time: 1046898303, Next reset 1049184000
Module: Instantiated counter (counter)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/etc/raddb/users"
files: acctusersfile = "/etc/raddb/acct_users"
files: preproxy_usersfile = "/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port-Id"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile =
"/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: l
Re: HELP Please...
It looks like it is the port number on the NAS where that user is connected to. Nick On Tuesday 20 August 2002 05:27, stuartc wrote: > Just going throught these logs Can someone tell me please what the /S > means on the end of each log. > > Thanks > > Stu > > > > > Tue Aug 20 04:05:28 2002: Auth: Login OK: [0161010] (from nas > 17.0.64.102/S20309) > Tue Aug 20 04:05:47 2002: Auth: Login OK: > [01-004E967E-01-000E-0960-01BD8210-@dim] (from nas > 17.0.64.102/S20088) > Tue Aug 20 04:06:31 2002: Auth: Login OK: [0161012] (from nas > 17.0.64.100/S20118) > Tue Aug 20 04:06:49 2002: Auth: Login OK: > [01-0017F2C9-01-007E-0960-0041B049-@dim] (from nas > 17.0.64.100/S20145) > Tue Aug 20 04:06:54 2002: Auth: Login OK: [0161032] (from nas > 17.0.64.102/S20709) > Tue Aug 20 04:07:03 2002: Auth: Login OK: [0161010] (from nas > 17.0.64.102/S20223) > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html -- Nick Davis Associate Systems Administrator [EMAIL PROTECTED] Internet Exposure, Inc. http://www.iexposure.com (612)676-1946 Web Development-Web Marketing-ISP Services - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
HELP Please...
Just going throught these logs Can someone tell me please what the /S means on the end of each log. Thanks Stu Tue Aug 20 04:05:28 2002: Auth: Login OK: [0161010] (from nas 17.0.64.102/S20309) Tue Aug 20 04:05:47 2002: Auth: Login OK: [01-004E967E-01-000E-0960-01BD8210-@dim] (from nas 17.0.64.102/S20088) Tue Aug 20 04:06:31 2002: Auth: Login OK: [0161012] (from nas 17.0.64.100/S20118) Tue Aug 20 04:06:49 2002: Auth: Login OK: [01-0017F2C9-01-007E-0960-0041B049-@dim] (from nas 17.0.64.100/S20145) Tue Aug 20 04:06:54 2002: Auth: Login OK: [0161032] (from nas 17.0.64.102/S20709) Tue Aug 20 04:07:03 2002: Auth: Login OK: [0161010] (from nas 17.0.64.102/S20223) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Need help please
The problem is the startup script you are using. To start the daemon just execute radiusd directly and pass the appropriate arguments. Not all flavors of *nix have the start-stop-daemon program/function. Aaron > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of > Bertrand TACHAGO > Sent: Monday, July 22, 2002 1:17 PM > To: Enesha Fairluck > Cc: [EMAIL PROTECTED] > Subject: Re: Need help please > > > I had recompiled the program as you adviced me but at now, > when I'm trying to start the program, I have the following > error: Starting Freeradius server: > radwatch/etc/rc.d/init.d/rc.radiusd: > start-stop-daemon: command not found radiusd. > Please can you tell me what wrong is? > Enesha Fairluck wrote: > > > try recompiling the program > > - Original Message - > > From: "Bertrand TACHAGO" <> > > To: <[EMAIL PROTECTED]> > > Sent: Monday, July 22, 2002 10:28 AM > > Subject: Need help please > > > > > Hello, > > > I was using freeradius version 0.5 with Redhat Linux 7.1 and > > > everythings > > > > > > were working properly. But since I upgraded the system to Redhat > > > Linux 7.2, nothing is working now: anyone is unable to connect. > > > Please can someone help me solve this problem? > > > Thanks in advance > > > -- > > > Bertrand TACHAGO > > > Computer specialist, Network & Information Specialist > > > SDNP SchoolNet Cameroon (237)221 25 53 > > > Yaounde Cameroon > > > My website: http://www.sdnp.cm/tachago/ > > > > > > > > > > > > - > > > List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > > > > > > > > -- > Bertrand TACHAGO > Computer specialist, Network & Information Specialist > SDNP SchoolNet Cameroon (237)221 25 53 > Yaounde Cameroon > My website: http://www.sdnp.cm/tachago/ > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help please
I had recompiled the program as you adviced me but at now, when I'm trying to start the program, I have the following error: Starting Freeradius server: radwatch/etc/rc.d/init.d/rc.radiusd: start-stop-daemon: command not found radiusd. Please can you tell me what wrong is? Enesha Fairluck wrote: > try recompiling the program > - Original Message - > From: "Bertrand TACHAGO" <> > To: <[EMAIL PROTECTED]> > Sent: Monday, July 22, 2002 10:28 AM > Subject: Need help please > > > Hello, > > I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings > > > > were working properly. But since I upgraded the system to Redhat Linux > > 7.2, nothing is working now: anyone is unable to connect. Please can > > someone > > help me solve this problem? > > Thanks in advance > > -- > > Bertrand TACHAGO > > Computer specialist, Network & Information Specialist > > SDNP SchoolNet Cameroon (237)221 25 53 > > Yaounde Cameroon > > My website: http://www.sdnp.cm/tachago/ > > > > > > > > - > > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > > -- Bertrand TACHAGO Computer specialist, Network & Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need help please
Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since I upgraded the system to Redhat Linux 7.2, nothing is working now: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance -- Bertrand TACHAGO Computer specialist, Network & Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Need help please
Run radiusd in debug mode with the "-x" flag. Then let us know what errors or stange things are appearing. Aaron Weiker > -Original Message- > From: Bertrand TACHAGO [mailto:[EMAIL PROTECTED]] > Sent: Monday, July 22, 2002 11:14 AM > To: [EMAIL PROTECTED] > Subject: Need help please > > > Hello, > I was using freeradius version 0.5 with Redhat Linux 7.1 and > everythings > > were working properly. But since I upgraded the system to > Redhat Linux 7.2, nothing is working now: anyone is unable to > connect. Please can someone help me solve this problem? > Thanks in advance > -- > Bertrand TACHAGO > Computer specialist, Network & Information Specialist > SDNP SchoolNet Cameroon (237)221 25 53 > Yaounde Cameroon > My website: http://www.sdnp.cm/tachago/ > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need help please
Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since I upgraded the system to Redhat Linux 7.2, nothing is working now: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance -- Bertrand TACHAGO Computer specialist, Network & Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Subject: How to test help please
On Tue, 09 Jul 2002 21:28:04 +0200, [EMAIL PROTECTED] wrote: If you have a windows machine around there, you cant test it with ntradping. http://www.mastersoft-group.com/download >> How do I test to see if the radius server is working right... >> I can see that is running fine - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: How to test help please
radtest - Original Message - From: "Johnno" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, July 09, 2002 5:31 AM Subject: How to test help please > How do I test to see if the radius server is working right... > > I can see that is running fine > > Johnno > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: How to test help please
At 11:31 PM 7/9/2002 +1200, Johnno wrote: >How do I test to see if the radius server is working right... > >I can see that is running fine Use the 'radtest' utility that comes with the server to send it sample requests. Read all the documents in ~/doc, as they contain lots of helpful examples. The man pages have a good amount of information as well. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: some help please
At 05:15 PM 7/9/2002 +1200, Johnno wrote: >I have just install freeradius 0.6 and I get this when I ran >check-radiusd-config > >HASH: Reinitializing hash structures and lists for caching... >rlm_unix: You MUST specify a shadow password file! >HASH: unable to create user hash table. disable caching and run debugs >radiusd.conf[462]: unix: Module instantiation failed. > >how do I fix this.. You'll need to look at the 'radiusd.conf' file, and follow the steps that the server is telling you to do above. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
How to test help please
How do I test to see if the radius server is working right... I can see that is running fine Johnno - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: some help please
Johnno wrote: > I have just install freeradius 0.6 and I get this when I ran > check-radiusd-config > > HASH: Reinitializing hash structures and lists for caching... > rlm_unix: You MUST specify a shadow password file! > HASH: unable to create user hash table. disable caching and run debugs > radiusd.conf[462]: unix: Module instantiation failed. > > how do I fix this.. try disabeling caching in radiusd.conf Gerald - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
some help please
I have just install freeradius 0.6 and I get this when I ran check-radiusd-config HASH: Reinitializing hash structures and lists for caching... rlm_unix: You MUST specify a shadow password file! HASH: unable to create user hash table. disable caching and run debugs radiusd.conf[462]: unix: Module instantiation failed. how do I fix this.. Many thanks, Johnno - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help please
Stefan Immel wrote: > >Hi everyone, > >i have a strange problem in my server. After a user has log off from the system or >especially when the light turn > >off, the system is still react as the user is still logged in. This is showed by > >RADLAST or RADWHO command. What's wrong and how can I solve this problem? > >I'm running RH 7.1 with radiusd-cistron-1.6.6. > >Thanks a lot for your help. > Wrong list. This is the freeradius list not the cistron radius list. > > But perhaps you should switch to freeradius cause it's more stable and better than >cistron. > > P.S.: could you please stop using HTML in your mails to a mailinglist, it's >considered to be not very polite. > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Many thanks. I'm going to try and let you know what happens -- Bertrand TACHAGO Computer specialist, Network & Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Need help please
>Hi everyone, >i have a strange problem in my server. After a user has log off from the system or >especially when the light turn >off, the system is still react as the user is still logged in. This is showed by >RADLAST or RADWHO command. What's wrong and how can I solve this problem? >I'm running RH 7.1 with radiusd-cistron-1.6.6. >Thanks a lot for your help. Wrong list. This is the freeradius list not the cistron radius list. But perhaps you should switch to freeradius cause it's more stable and better than cistron. P.S.: could you please stop using HTML in your mails to a mailinglist, it's considered to be not very polite. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need help please
Hi everyone, i have a strange problem in my server. After a user has log off from the system or especially when the light turn off, the system is still react as the user is still logged in. This is showed by RADLAST or RADWHO command. What's wrong and how can I solve this problem? I'm running RH 7.1 with radiusd-cistron-1.6.6. Thanks a lot for your help. -- Bertrand TACHAGO Computer specialist, Network & Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/
Re: FreeRadius Help Please..
"Johnno" <[EMAIL PROTECTED]> wrote: > I can this error and how do i fix it.. > > radiusd: Starting - reading configuration files ... > radiusd: radiusd.conf[426] Failed to link to module 'rlm_unix': file not > found Read the FAQ. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius Help Please..
> Thanks for you help Matt.. No problems. > I did that and now I get.. > > radiusd: Starting - reading configuration files ... > radiusd: radiusd.conf[426]: unix: Module instantiation failed. Not sure about that one.. If you know how to use it, you might want to see if you have strace, and see if you can see what's causing it to fail. The unix module doesn't need much configuring from what I recall, so I couldn't think what would cause it to fail. What unix variant are you building this on? Matt. -- This email is encrypted. To de-crypt : 1) Run the WhatITyped2WhatIMeant utility. 2) Disable your personal reality distortion field. 3) Add single instance of salt() - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius Help Please..
Thanks for you help Matt.. I did that and now I get.. radiusd: Starting - reading configuration files ... radiusd: radiusd.conf[426]: unix: Module instantiation failed. Johnno - Original Message - From: "Matthew Wallis" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, May 20, 2002 10:12 PM Subject: Re: FreeRadius Help Please.. > Yup, those are static libs, if you check with something like strace, > you'll find that radiusd is trying to load rlm_unix.so from the libs > directory. > > Build freeradius again, starting with deleting config.cache, and then > do make clean. > > Configure it with the option --enable-shared, and see how you go. > > Matt. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius Help Please..
> where about will I find this in the lib directory?? > > in the lib directory i have > > rlm_unix.a > rlm_unix.la > > Johnno > Yup, those are static libs, if you check with something like strace, you'll find that radiusd is trying to load rlm_unix.so from the libs directory. Build freeradius again, starting with deleting config.cache, and then do make clean. Configure it with the option --enable-shared, and see how you go. Matt. -- This email is encrypted. To de-crypt : 1) Run the WhatITyped2WhatIMeant utility. 2) Disable your personal reality distortion field. 3) Add single instance of salt() - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius Help Please..
where about will I find this in the lib directory?? in the lib directory i have rlm_unix.a rlm_unix.la Johnno - Original Message - From: "Matthew Wallis" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, May 20, 2002 9:38 PM Subject: Re: FreeRadius Help Please.. > > > Hello, > > > > I have just installed FreeRadius, but when I do a > > > > ./radiusd -f -y > > > > I can this error and how do i fix it.. > > > > radiusd: Starting - reading configuration files ... > > radiusd: radiusd.conf[426] Failed to link to module 'rlm_unix': file not > > found > > Check that you have a rlm_unix.so file and not a rlm_unix.la file. > One is a static library, the other is a dynamic library. > > By default, freeradius will try to load the dynamic library. > > Matt. > > > -- > This email is encrypted. To de-crypt : > > 1) Run the WhatITyped2WhatIMeant utility. > 2) Disable your personal reality distortion field. > 3) Add single instance of salt() > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius Help Please..
> Hello, > > I have just installed FreeRadius, but when I do a > > ./radiusd -f -y > > I can this error and how do i fix it.. > > radiusd: Starting - reading configuration files ... > radiusd: radiusd.conf[426] Failed to link to module 'rlm_unix': file not > found Check that you have a rlm_unix.so file and not a rlm_unix.la file. One is a static library, the other is a dynamic library. By default, freeradius will try to load the dynamic library. Matt. -- This email is encrypted. To de-crypt : 1) Run the WhatITyped2WhatIMeant utility. 2) Disable your personal reality distortion field. 3) Add single instance of salt() - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRadius Help Please..
Hello, I have just installed FreeRadius, but when I do a ./radiusd -f -y I can this error and how do i fix it.. radiusd: Starting - reading configuration files ... radiusd: radiusd.conf[426] Failed to link to module 'rlm_unix': file not found Many Thanks, Johnno - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
