Re: Radius newbie questions
Artur Hecker <[EMAIL PROTECTED]> wrote: > a propos, what happened to those example certificates i've once mailed > you? are they by any chance included with the server now? if not: do you > want me to recreate them with some other options? They're gathering dust somewhere... Send them to me again, and I'll try to find some time this week to look at them. > i really think it would be helpful for many people, just to do the first > tests and to see: oh yes, it's not the freeradius going crazy, it's me, > not being able to create five simple certificates... Oh, yes. Having a working certificate script included in the server is nice, but nothing points to it... Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius newbie questions
hi alan Put a page on the web, and mail the URL to the list. The EAP-TLS documents should really be included with the server, but they're large, and need minor updates... Alan DeKok. a propos, what happened to those example certificates i've once mailed you? are they by any chance included with the server now? if not: do you want me to recreate them with some other options? i really think it would be helpful for many people, just to do the first tests and to see: oh yes, it's not the freeradius going crazy, it's me, not being able to create five simple certificates... ciao artur - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius newbie questions
Ted Kaczmarek <[EMAIL PROTECTED]> wrote: > Got it, I will put together some examples going forward for submissions > to a newbie doc. Please do so! > Where would one submit docs for newbies? Put a page on the web, and mail the URL to the list. The EAP-TLS documents should really be included with the server, but they're large, and need minor updates... Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius newbie questions
Got it, I will put together some examples going forward for submissions to a newbie doc. joeuser Auth-Type := Local, Service-Type = NAS-Prompt-User, Acct-Authentic == RADIUS, Vendor-Specific == 1991, Foundry-Privilege-level == 0, Service-Type == 6 I love the fact that radiusd fixes typo's :-) Where would one submit docs for newbies? Thanks, Ted On Fri, 2003-11-14 at 12:22, Kaczmarek, Thaddeus wrote: > I just ordered the radius book, and used to use Funk software a while > back. I can get logged in via freeradius but can't seem to figure out > how to get foundry-privilege-level == 0 to work. I get logged in with > read only permissions. > > > rad_recv: Access-Request packet from host 10.0.5.252:1645, id=93, > length=65 > User-Name = "joeuser" > User-Password = "joepassw0rd" > Service-Type = NAS-Prompt-User > NAS-IP-Address = 10.0.5.252 > NAS-Port = 1 > modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > modcall[authorize]: module "chap" returns noop > rlm_eap: EAP-Message not found > modcall[authorize]: module "eap" returns noop > rlm_realm: No '@' in User-Name = "joeuser", looking up realm NULL > rlm_realm: No such realm "NULL" > modcall[authorize]: module "suffix" returns noop > users: Matched DEFAULT at 152 > modcall[authorize]: module "files" returns ok > modcall[authorize]: module "mschap" returns noop > modcall: group authorize returns ok > rad_check_password: Found Auth-Type System > auth: type "System" > modcall: entering group authenticate > modcall[authenticate]: module "unix" returns ok > modcall: group authenticate returns ok > Login OK: [joeuser/joepassw0rd] (from client cr1corsw2 port 1) > Sending Access-Accept of id 93 to 10.0.5.252:1645 > Finished request 1 > Going to the next request > --- Walking the entire request list --- > Waking up in 6 seconds... > --- Walking the entire request list --- > Cleaning up request 1 ID 93 with timestamp 3fb50e3d > Nothing to do. Sleeping until we see a request. > > This id from users file > joeuser Acct-Authentic == RADIUS, Service-Type == > NAS-Prompt-User, foundry-privilege-level == 0, foundry-command-string > == > * > > Any help would be greatly appreciated :-) > > > Ted > > > > > > DISCLAIMER > e-mail, and any attachments thereto, is intended only for use by the > addressee(s) named herein and may contain legally privileged and/or > confidential information. If you are not the intended recipient of > this e-mail, you are hereby notified that any dissemination, > distribution or copying of this e-mail, and any attachments thereto, > is strictly prohibited. If you have received this e-mail in error, > please immediately notify me and permanently delete the original and > any copy of any e-mail and any printout thereof. > > E-mail transmission cannot be guaranteed to be secure or error-free. > The sender therefore does not accept liability for any errors or > omissions in the contents of this message which arise as a result of > e-mail transmission. > > REGARDING PRIVACY AND CONFIDENTIALITY > Crown Financial Group may, at its discretion, monitor and review the > content of all e-mail communications. > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Radius newbie questions
Title: Radius newbie questions I just ordered the radius book, and used to use Funk software a while back. I can get logged in via freeradius but can't seem to figure out how to get foundry-privilege-level == 0 to work. I get logged in with read only permissions. rad_recv: Access-Request packet from host 10.0.5.252:1645, id=93, length=65 User-Name = "joeuser" User-Password = "joepassw0rd" Service-Type = NAS-Prompt-User NAS-IP-Address = 10.0.5.252 NAS-Port = 1 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "chap" returns noop rlm_eap: EAP-Message not found modcall[authorize]: module "eap" returns noop rlm_realm: No '@' in User-Name = "joeuser", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop users: Matched DEFAULT at 152 modcall[authorize]: module "files" returns ok modcall[authorize]: module "mschap" returns noop modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type "System" modcall: entering group authenticate modcall[authenticate]: module "unix" returns ok modcall: group authenticate returns ok Login OK: [joeuser/joepassw0rd] (from client cr1corsw2 port 1) Sending Access-Accept of id 93 to 10.0.5.252:1645 Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 1 ID 93 with timestamp 3fb50e3d Nothing to do. Sleeping until we see a request. This id from users file joeuser Acct-Authentic == RADIUS, Service-Type == NAS-Prompt-User, foundry-privilege-level == 0, foundry-command-string == * Any help would be greatly appreciated :-) Ted DISCLAIMER e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me and permanently delete the original and any copy of any e-mail and any printout thereof. E-mail transmission cannot be guaranteed to be secure or error-free. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. REGARDING PRIVACY AND CONFIDENTIALITY Crown Financial Group may, at its discretion, monitor and review the content of all e-mail communications.