help me with cisco_pix525,freeradius and openldap?
hi, all,i am new to this list and freeradius.my environment is blow list: a cisco pix525 run as vpn. vpn authentication uses freeradius0.9.3 inside.the database of backend is OPENLDAP. who has such a solution? help me!!!help me!!! thank in advance regards, jiang _ MSN Messenger: http://messenger.msn.com/cn - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeradius and openldap
From: Leo Edmiston-Cyr Sent: Wednesday, 18 June 2003 11:55 PM Sylvain MASNADA wrote: I'd like to know too, which free client do you use on linux, with its advantages and disavantages, if possible. I've difficulties to made them well-work on this platform. (I tried Xsupplicant and Aegis -trial beta version-) ?? client? You mean RADIUS client or LDAP client? RADIUS comes with a free client -- radtest. LDAP (OpenLDAP) comes with free clients -- ldapsearch, ldapmodify... I'm not sure what you mean here. He actually means 802.1x supplicant. Or at least, that's what he's listing as tried... -- = Paul TBBle Hampson Bubblesworth Pty Ltd (ABN: 51 095 284 361) [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius and openldap
OK, thanks. But just my first question was answered. Please answer the others. (for the clients for exemple, even newbies can answer) Thx again Sylvain - Original Message - From: Dustin Doris To: Sent: Tuesday, June 17, 2003 3:49 PM Subject: Re: freeradius and openldap They are radius attributes, check out http://www.freeradius.org/rfc/rfc2865.html Read the RFC, it will tell you about those attributes as well as explain what radius does. On Tue, 17 Jun 2003, [iso-8859-1] Sylvain MASNADA wrote: Hi all, I'd like to know where I could find a good doc on the RADIUS-LDAPv3.schema to know exactly the fields' signification. I filled the field radiusPrompt in openldap with 'hello' but when an user authenticate himself he doesn't see any prompt. I'd like to know too, which free client do you use on linux, with its advantages and disavantages, if possible. I've difficulties to made them well-work on this platform. (I tried Xsupplicant and Aegis -trial beta version-) Finally I'd like to know if it's possible to join a file in the freeradius response to the client, to be stored on the client machine or to open a web page on the client screen thanks Freeradius. Thanks in advance. Your help will be well-appreciated. Sylvain List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ___ Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Yahoo! Mail : http://fr.mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius and openldap
Sylvain MASNADA wrote: OK, thanks. But just my first question was answered. Please answer the others. (for the clients for exemple, even newbies can answer) Thx again Sylvain - Original Message - From: Dustin Doris To: Sent: Tuesday, June 17, 2003 3:49 PM Subject: Re: freeradius and openldap They are radius attributes, check out http://www.freeradius.org/rfc/rfc2865.html Read the RFC, it will tell you about those attributes as well as explain what radius does. On Tue, 17 Jun 2003, [iso-8859-1] Sylvain MASNADA wrote: Hi all, I'd like to know where I could find a good doc on the RADIUS-LDAPv3.schema to know exactly the fields' signification. It is not so much a matter of understanding the RADIUS-LDAPv3 schema as it is understanding the meaning of the check and reply RADIUS attributes that can be stored in LDAP (v3 or v2 schema). To this end simply find the RADIUS attriubtes you are interested in setting (reply items to the NAS) and checking (check items you want RADIUS to check before authenticating), look over raddb/ldap.attrmap and doc/RADIUS-LDAPv3.schema to see how you store those RADIUS attributes in LDAP. As far as what each of the RADIUS attributes means in total, well, that is a job for the RFC and other RADIUS doc recommended. I filled the field radiusPrompt in openldap with 'hello' but when an user authenticate himself he doesn't see any prompt. I don't know anything about this. I'd like to know too, which free client do you use on linux, with its advantages and disavantages, if possible. I've difficulties to made them well-work on this platform. (I tried Xsupplicant and Aegis -trial beta version-) ?? client? You mean RADIUS client or LDAP client? RADIUS comes with a free client -- radtest. LDAP (OpenLDAP) comes with free clients -- ldapsearch, ldapmodify... I'm not sure what you mean here. Finally I'd like to know if it's possible to join a file in the freeradius response to the client, to be stored on the client machine or to open a web page on the client screen thanks Freeradius. I do not believe there is any hope of this with RADIUS alone. It is possible to have your NAS transparently proxy port 80 to a web server of your choice making the first web page they viewed your page. This would require settings on your specific NAS, configuring the web server, and seeing what capability your NAS had for ending this transparent proxy after your page was hit. I know there are commercial solutions to this problem too. Finally, it is possible, although I know NOTHING about it, that a RADIUS reply to the NAS could affect the transparent proxying of port 80 that your NAS _MAY_ be able to do. Thanks in advance. Your help will be well-appreciated. Sylvain List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ___ Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Yahoo! Mail : http://fr.mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius and openldap
Hi all, I'd like to know where I could find a good doc on the RADIUS-LDAPv3.schema to know exactly the fields' signification. I filled the field radiusPrompt in openldap with 'hello' but when an user authenticate himself he doesn't see any prompt. I'd like to know too, which free client do you use on linux, with its advantages and disavantages, if possible. I've difficulties to made them well-work on this platform. (I tried Xsupplicant and Aegis -trial beta version-) Finally I'd like to know if it's possible to join a file in the freeradius response to the client, to be stored on the client machine or to open a web page on the client screen thanks Freeradius. Thanks in advance. Your help will be well-appreciated. SylvainDo You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Testez le nouveau Yahoo! Mail
Re: freeradius and openldap
They are radius attributes, check out http://www.freeradius.org/rfc/rfc2865.html Read the RFC, it will tell you about those attributes as well as explain what radius does. On Tue, 17 Jun 2003, [iso-8859-1] Sylvain MASNADA wrote: Hi all, I'd like to know where I could find a good doc on the RADIUS-LDAPv3.schema to know exactly the fields' signification. I filled the field radiusPrompt in openldap with 'hello' but when an user authenticate himself he doesn't see any prompt. I'd like to know too, which free client do you use on linux, with its advantages and disavantages, if possible. I've difficulties to made them well-work on this platform. (I tried Xsupplicant and Aegis -trial beta version-) Finally I'd like to know if it's possible to join a file in the freeradius response to the client, to be stored on the client machine or to open a web page on the client screen thanks Freeradius. Thanks in advance. Your help will be well-appreciated. Sylvain - Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Testez le nouveau Yahoo! Mail - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius with Openldap 2.0
I have freeradius 0.5 and Openldap 2.0 installed on my linux7.2 box. I want the user database from the Openldap. How can i configure the freeradius for openldap support. And, i want the user change his password using the web (HTTP) Can anyone help me? [This e-mail is confidential and may also be privileged. If you are not the intended recipient, please delete it and notify us immediately; you should not copy or use it for any purpose, nor disclose its contents to any other person. Thank you.] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html