Re: Sending a access reject packets
Thanx, then I must switch to Linksys or D-Link I want to stay with radius eap/ttl-eap-md5 but the choice of low-cost ap is very very small. Paul Hampson wrote: From: Fastbyte Sent: Sunday, 7 September 2003 1:57 AM thanx for a quick answer, but my problem is a NAS because I´m using Belkin F5D7130-4 and I have seen that this ap doesn´t do accounting. So my idea was to parse log file and then automaticly generate a radius auth-reject. But with this answer I´m really out of any fresh ideas... Can you give some more pointers? A quick read of the Belkin website suggests that it's not possible. In fact, RADIUS isn't actually mentioned at all in the product brief or another review I read. The review mentioned a complete lack of monitoring features for the device, so the best I can say is this device is apparently ill-suited to any environment where you care more than "These MACs are allowed, these are disallowed". -- = Paul "TBBle" Hampson Bubblesworth Pty Ltd (ABN: 51 095 284 361) [EMAIL PROTECTED] This is a one line proof...if we start sufficiently far to the left. -- Cambridge University Math Department - Random signature generator 3.0 by Paul "TBBle" Hampson = - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Sending a access reject packets
> From: Fastbyte > Sent: Sunday, 7 September 2003 1:57 AM > thanx for a quick answer, but my problem is a NAS because I´m using > Belkin F5D7130-4 and I have seen that this ap doesn´t do accounting. > So my idea was to parse log file and then automaticly generate a > radius auth-reject. But with this answer I´m really out of any fresh > ideas... Can you give some more pointers? A quick read of the Belkin website suggests that it's not possible. In fact, RADIUS isn't actually mentioned at all in the product brief or another review I read. The review mentioned a complete lack of monitoring features for the device, so the best I can say is this device is apparently ill-suited to any environment where you care more than "These MACs are allowed, these are disallowed". -- = Paul "TBBle" Hampson Bubblesworth Pty Ltd (ABN: 51 095 284 361) [EMAIL PROTECTED] This is a one line proof...if we start sufficiently far to the left. -- Cambridge University Math Department - Random signature generator 3.0 by Paul "TBBle" Hampson = - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending a access reject packets
Hi Paul, thanx for a quick answer, but my problem is a NAS because I´m using Belkin F5D7130-4 and I have seen that this ap doesn´t do accounting. So my idea was to parse log file and then automaticly generate a radius auth-reject. But with this answer I´m really out of any fresh ideas... Can you give some more pointers? Sergio Paul Hampson wrote: From: Fastbyte Sent: Sunday, 7 September 2003 12:44 AM how can i send a access reject packet or another possibility to disconnect user without using radius? Lets say with php, wher can i find some example or tip, also in other programming languages? If you're talking about disconnecting currently-online users, that's not a RADIUS thing, really. There _was_ a draft method of telling a NAS to disconnect a user that uses the RADIUS protocol, but it's not supported by FreeRADIUS directly, you'd have to build the request and use radclient to send it to the NAS. In short, it's NAS-specific, and outside RADIUS's area. The answers will be in the documentation for your NAS. -- = Paul "TBBle" Hampson Bubblesworth Pty Ltd (ABN: 51 095 284 361) [EMAIL PROTECTED] This is a one line proof...if we start sufficiently far to the left. -- Cambridge University Math Department - Random signature generator 3.0 by Paul "TBBle" Hampson = - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Sending a access reject packets
> From: Fastbyte > Sent: Sunday, 7 September 2003 12:44 AM > how can i send a access reject packet or another possibility to > disconnect user without using radius? Lets say with php, wher can i find > some example or tip, also in other programming languages? If you're talking about disconnecting currently-online users, that's not a RADIUS thing, really. There _was_ a draft method of telling a NAS to disconnect a user that uses the RADIUS protocol, but it's not supported by FreeRADIUS directly, you'd have to build the request and use radclient to send it to the NAS. In short, it's NAS-specific, and outside RADIUS's area. The answers will be in the documentation for your NAS. -- = Paul "TBBle" Hampson Bubblesworth Pty Ltd (ABN: 51 095 284 361) [EMAIL PROTECTED] This is a one line proof...if we start sufficiently far to the left. -- Cambridge University Math Department - Random signature generator 3.0 by Paul "TBBle" Hampson = - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html