Re: Orinoco-2500

2004-01-20 Thread [EMAIL PROTECTED] 
Marc Webster wrote:

Ok, I am not a routing expert so please excuse my ignorance about this
subject. 
an expert would try a wireless maillist? why don't you?

what version of free radius are you using?



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

prefix setting in radius

2004-01-20 Thread Novel S Sidabutar 
Hi,

Did radius can handle many prefix to some coverage area in voip terminating
with cisco as5300 configuration?

Thanks,
Novel S Sidabutar


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Orinoco-2500

2004-01-20 Thread Marc Webster 
Ok, I am not a routing expert so please excuse my ignorance about this subject. I recently purchased an ap-2500 for a neighborhood wisp. I am using dsl for backhaul to the internet. The dsl modem/router uses NAT (actiontec1524su). I tried to set up the ap2500 to use ip address of 192.168.0.2 and the router/modem lan address is 192.168.0.1. The Router/modem is the dhcp server on the network. Under this configuration I am getting a lot of weirdness with the network. Mainly that clients will intermittently not connect to the network. Their dhcp assignments are given to the clients ok but when you open the browser it just displays a blank page. As I said, this happens intermitently. I am speculating that since my modem/router and the ap2500 are both using NAT that it is creating some sort of conflict that causes the intermitent failures. The ap2500 manual suggests that I assign the ap2500 a static routable ip address, which I could do but the question that now arises is how do I manange the ap-2500 when my computer has a 192.168.0.x address and the ap2500 is assigned a public routable static address? The 2 will be on different subnets and as such I cant manage the ap2500 with the routable ip. Also, if I use the routable address on the ap2500, do I need to put that ip address in a dmz on the router, or created some kind of static route on the router or what? It would be nice if the orinoco help files would address these issues as I am sure that others have the same concerns. Also, When I do an arp -a on any wireless client the cache shows that the ip address of the client is mapped to the ap-2500 mac address and not the wireless client mac. Maybe this gives some clue to what is going on. Anyone with hotspot experience I am anxious to hear your solutions.
Thanks in advance, Marc  

LDAP and groups

2004-01-20 Thread Daniel 
I have freeradius 0.9.3 setup and running fine. Its is authing with my
Ldap server fine.

I can't get it to reject a user with membership of a ldap group.

users:
DEFAULT Ldap-Group == "disabled", Auth-Type := Reject
Reply-Message = "Sorry, you are not allowed"

The groups are held under ou=Group,dc=test,dc=net,dc=au

If I add a user to disabled ldap group the user is still authed.

I dont understand what needs to be in the radius.conf file for this to
work. Can anyone shed some light on this for me. As I said everything
other that this is working fine.

Thanks
Daniel


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Ascend-MOH-Timeout

2004-01-20 Thread darkstar 

Does FreeRadius support 16 bit attributes?

I'm trying to get this attribute working for v.92 modem on
hold:

ATTRIBUTE   Ascend-MOH-Timeout  261 integer

I've tried it with Cistron, but it doesn't seem to work
with attributes greater than 8 bits.

Thanks.

Jeroen Moetil

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: (no subject)

2004-01-20 Thread Miquel van Smoorenburg 
In article <[EMAIL PROTECTED]>,
Brian Johnson <[EMAIL PROTECTED]> wrote:
>I thought this list was going to be subscriber post only. :-)
>Any progress toward that?

This list and the other one (-devel) are subscriber post only
since around tuesday morning or afternoon ...

Mike.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Still struggling with SNMP and FreeRADIUS

2004-01-20 Thread david 

Quoting Ted Kaczmarek <[EMAIL PROTECTED]>:

> To save yourself a lot of grief, you may want to just use net-snmp's
> exTable. I have gone this way in the past and it is much easier to
> deal
> with that getting snmp support into a daemon :-)
> .1.3.6.1.4.1.2021.8
> 
> Their is no limits to what you can do like this.
> 
> Ted

That sounds good, I have several production radius servers (adding a 3rd soon) 
that I have to be able to monitor the health, capacity, performance of.

I am not a radius or snmp expert so any guidance or pointers to good 
documentation would be helpful.  This has been difficult given the accelerated 
time frame I have been under, but an excellent learning opportunity.

I appreciate all of the suggestions, patience and guidance I have received from 
the list.

Thanks,


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Still struggling with SNMP and FreeRADIUS

2004-01-20 Thread Ted Kaczmarek 
To save yourself a lot of grief, you may want to just use net-snmp's
exTable. I have gone this way in the past and it is much easier to deal
with that getting snmp support into a daemon :-)
.1.3.6.1.4.1.2021.8

Their is no limits to what you can do like this.

Ted

On Tue, 2004-01-20 at 11:29, [EMAIL PROTECTED] wrote:
> > Just a single question, do you know if the SMUX agent is connected
> > properly to the SNMP agent in front??
> > It looks like the SMUX subagent is not registered.
> > 
> Yes, I do see that the SMUX subagent being registered in the snmpd logs.
> 
> I think the problem is with SNMP support NOT getting compiled into
> FreeRADIUS.  Even though I am adding --with-snmp to the configure
> options, snmp support is failing.  When I run FR in debug mode,
> I can see that /etc/raddb/snmp.conf is getting read, but when I
> try radius -v or radius -X, I never see "WITH_SNMP" in the logs.
> 
> >From posting on the list I learned that I should see this when
> I check the radius version (radius -v, or is it -V, I dont have
> it in front of me at the moment).
> 
> Now I am back to where I was last August, trying to track down
> why SNMP support is not getting compiled.  I am continuing to
> go through the logs to see what is failing.  I do not know all
> of the lib/packages that the snmp code is dependant on.
> 
> Any suggestions are welcome, or if anyone has an rpm available.
> I am trying to compile FreeRADIUS 0.9.3 WITH SNMP support on REDHAT 9.0.
> 
> Thanks,
> 
> Dave
> 
> 
> - 
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: how to compile 0.9.3 at suse 9.0

2004-01-20 Thread Peter Nixon 
On Tuesday 20 January 2004 01:26, Peter Nixon wrote:
> On Monday 19 January 2004 13:23, Spetzler, Arne (DZ-SH) wrote:
> > Hello there,
> >
> > i've recently tried to compiled the
> >
> > freeradius-0.9.3.tar.gz
> >
> > but could not get it to work properly :(
>
> FreeRADIUS works on SuSE and version 0.9.0 is part of SuSE 9.0
> I will post some SuSE 9.0 rpms of FreeRADIUS 0.9.3 tomorrow.

I have uploaded some SuSE 9.0 rpms of FreeRADIUS 0.9.3 to the ftp server at:

ftp://ftp.freeradius.org/pub/radius/rpm/suse/9.0

I hope that helps.

-- 

Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Still struggling with SNMP and FreeRADIUS

2004-01-20 Thread david 

> Just a single question, do you know if the SMUX agent is connected
> properly to the SNMP agent in front??
> It looks like the SMUX subagent is not registered.
> 
Yes, I do see that the SMUX subagent being registered in the snmpd logs.

I think the problem is with SNMP support NOT getting compiled into
FreeRADIUS.  Even though I am adding --with-snmp to the configure
options, snmp support is failing.  When I run FR in debug mode,
I can see that /etc/raddb/snmp.conf is getting read, but when I
try radius -v or radius -X, I never see "WITH_SNMP" in the logs.

>From posting on the list I learned that I should see this when
I check the radius version (radius -v, or is it -V, I dont have
it in front of me at the moment).

Now I am back to where I was last August, trying to track down
why SNMP support is not getting compiled.  I am continuing to
go through the logs to see what is failing.  I do not know all
of the lib/packages that the snmp code is dependant on.

Any suggestions are welcome, or if anyone has an rpm available.
I am trying to compile FreeRADIUS 0.9.3 WITH SNMP support on REDHAT 9.0.

Thanks,

Dave


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

mysql+groups+huntgroups

2004-01-20 Thread Marius Onica 
Hi !

I'm new to freeradius and I'm trying to implement groups in huntgroups.
I'm using freeradius 0.93 with mysql. I must note that user authorization
is working ok, and huntgroups is also working when I use inside them only
user names.

My configuration is as follows:

radcheck table:

 id username  attribuite op value

  1 usera Crypt-Password == password


radgroupcheck table:

 id groupname  attribuite op value

  2  dinamicAuth-Type == local
  3  dinamicHuntgroup-Name+= HG


radreply table is empty

radgroupreply table:

 id groupname  attribuite op value

 4  dinamic   Service-Type   :=  Framed-User
 5  dinamic   Framed-Protocol:=   PPP
 6  dinamic   Framed-MTU :=   1500
 7  dinamic   Idle-Timeout   :=   1200
 8  dinamic   Fall-Through   :=   Yes


usergroup table:


 id username  Groupname

  1  usera dinamic

My huntgroups file contains:

HG   NAS-IP-Address == 192.168.0.5
  Group = dinamic

Thanks in advance,
  Marius


__
Inflex - installed on mailserver for domain @uoradea.ro
Queries to: [EMAIL PROTECTED]

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: radius.log

2004-01-20 Thread Anson Rinesmith 

> "Anson Rinesmith" <[EMAIL PROTECTED]> wrote:
> > Can anyone tell me where the radius.log file is configured?
> 
> $ grep radius.log /etc/raddb/*
I know where the file is
> 
> > I would like to have a file for each realm.
> 
>   That is not currently supported.
Can you think of a way to pull certain information from the radius.log file?
I proxy to my realms based on "Called-Station-ID". Each ISP that would dial
into the NAS would like to see their own error log? Anyone tinkered with
this successfully, even mildly?
I would be willing to poke at the code and recompile if necessary, but that
is certainly not my forte.
> 
>   Alan DeKok.
> 
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radius.log

2004-01-20 Thread Alan DeKok 
"Anson Rinesmith" <[EMAIL PROTECTED]> wrote:
> Can anyone tell me where the radius.log file is configured?

$ grep radius.log /etc/raddb/*

> I would like to have a file for each realm.

  That is not currently supported.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Simultaneous-Use - checkrad with diff. auth/acct systems

2004-01-20 Thread Andrea Gabellini 
At 14.38 20/01/2004, you wrote:
hi,

i have search the archive for some informations about an scenario where
AUTHing and ACCTing take place on different machines. We have
this situation what makes the use of checkrad (which needs a local
radutmp on the AUTH-system - or have we here misunderstood
someting?) a little bit difficult.
checkrad is used also with sql simul_*_query, so if you are using sql to 
authenticate and for accounting you can use it.

Now we are close to the point to write our own "Simultaneous-Use" solution
for our CISCO-NASes but if someone have some hints, they will be appreciate.
We use some Cisco 5300 with the Simultaneous-Use that come with FR and it 
works fine. I made a little correction to checkrad about the ports above 2.


thx
gerald
- List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html


---
Ah, this poor mouse only has one ball ...
---
Ing. Andrea Gabellini
Email: [EMAIL PROTECTED]
Tel: 0549 886111 (Italy)
Tel. +378 0549 886111 (International)
Intelcom San Marino S.p.A.
Strada degli Angariari, 3
47891 Rovereta
Repubblic of San Marino
http://www.omniway.sm  http://www.intelcom.sm

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: (no subject)

2004-01-20 Thread Brian Johnson 



I thought this list was going to be subscriber post only. 
:-)
 
Any progress toward that?
 
- Brian J.
 

  
  
  From: 
  [EMAIL PROTECTED] 
  [mailto:[EMAIL PROTECTED] On Behalf Of Tarun 
  SinghalSent: Wednesday, January 14, 2004 11:26 PMTo: 
  [EMAIL PROTECTED]Subject: (no 
  subject)
  
   
  
  Largest Matrimonial Portal For 
  Agarwal  
  We have the largest collection of  Agarwal 
  Bride & Groom
   
  Agarwal Matrimonial - http://www.agarwaltoagarwal.org 
  We Have the largest data base of well educated Agarwalbrides & 
  grooms from all over India and othercountries including US, UK, 
  Canada, Australia etc. Thedata base includes bio-data of Agarwal boys and 
  girlsfrom various fields of life i.e. Medicos, Engineers,IT 
  Professionals, Software Engineers, Professors,Teachers, Entrepreneurs, 
  Industrialist, Businessmen,Self Employed, Employees in private & 
  public sectorsetc. It also includes bio-data of well-educated 
  homelygirls.  
  Note: We have the largest collection 
  of Manglik Agarwal.   
  & 
  We have largest collection of profile from different 
  Agarwal  culture 
   
  E.g.: Haryana, Rajasthani, Delhi, Uttar Pradesh, 
  etc. 
  http://www.agarwaltoagarwal.org

Re: Simultaneous-Use - checkrad with diff. auth/acct systems

2004-01-20 Thread Norguhtar 
Accounting sistem not need auth system. Only writting in clients.conf all need 
accounting NAS.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Simultaneous-Use - checkrad with diff. auth/acct systems

2004-01-20 Thread Gerald Krause 
hi,

i have search the archive for some informations about an scenario where
AUTHing and ACCTing take place on different machines. We have
this situation what makes the use of checkrad (which needs a local
radutmp on the AUTH-system - or have we here misunderstood
someting?) a little bit difficult.
Now we are close to the point to write our own "Simultaneous-Use" solution
for our CISCO-NASes but if someone have some hints, they will be appreciate.
thx
gerald
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

radius.log

2004-01-20 Thread Anson Rinesmith 








Can anyone tell me where the radius.log file is configured? I would
like to have a file for each realm.

Re: TXP, then he took

2004-01-20 Thread Thompson Selma 


Banned CD Government don't want me to s>ell it. See Now %RND_SYB


whoosh bigot herman satan weighty assign material applicate spicy sapsucker dungeon remunerate gresham dispersive predilect mane epsom casteth want chirp jump mountainside cunningham denotative edinburgh cross lew corrigenda wright ala chili thrill recur demurrer departure baneful fortunate 
decrement die afoul chaplin accept ale tote epa hawaii breastplate purchasable boor diagnostician frivolous redhead carboy elmhurst debby bony bradford guenther brawl burlington anteroom wonderful retail 
choppy sheridan didactic corruption centrifuge resemblant pyrolyse kiosk doge usable blubber dunk trencherman vague 
octant driven barb gibe gauntlet beef monty product landis dacca bellamy 
presence spoke delphi consulate herbert boat whizzing melodic breakdown rooftree hank napoleonic aerate el mu respect chronic difluoride functionary hornblende instantiate 
definition hideous vise creon luxury gaspee fingertip aversion ash board eclipse falloff aide gel dour allspice 
babylon devilish idiot nicotine yell coriander junky tantamount puerto indentation nitride chadwick mile holmium strikebreak descent geraldine beaujolais group keith yvette compensable terminal bibliophile victim winsome charisma creekside perforce nimbus paradise elegant usurpation dint twirly pair adulthood spare uranium ethane 
dynastic communicable scanty spend olaf lockhart bicker organ beltsville caper beatitude bedford dougherty bicycle eigenspace reveal eternity smythe castor succession aminobenzoic coypu inman to yoga kilohm latitudinary rafferty either inflater cummins instrument afterward out stevenson control evasion gimpy 
port whipsaw inhibitor burch boulder eft confide holden fateful anthropomorphism alveolus fujitsu doctor 
roundabout waist pewter arrival indwell haven't fabian imperfect doolittle chicagoan hrothgar ingrown flank 
amoeba taverna haberdashery balfour befuddle congolese ciliate dewar canton destiny loyalty clime buckley trident cobra smile afterimage donald anglo tailwind anthology convert reap nightingale demo hug fordham trendy

Proxying based on Dialed No

2004-01-20 Thread Firas Shalabi 
Hi all,


I have Radius server Ver. 0.9.3 ,  we want to proxy the accounting info to a remote 
radius based on Dialed No, no username will be sent to the radius, I managed to proxy 
the accounting requests but with username attribute available , I got the following 
when no username :

 rad_recv: Accounting-Request packet from host 172.16.0.2:1646, id=29, length=123
Acct-Session-Id = "00FB"
Framed-Protocol = PPP
Acct-Authentic = Local
Acct-Status-Type = Start
Calling-Station-Id = "234"
Called-Station-Id = "235"
NAS-Port-Type = Async
Connect-Info = "28800/33600 V34+/V44/LAPM"
NAS-Port = 26
Service-Type = Framed-User
NAS-IP-Address = 172.16.0.2
Acct-Delay-Time = 0
modcall: entering group preacct for request 3
modcall[preacct]: module "preprocess" returns noop for request 3
rlm_realm: Proxy reply, or no User-Name.  Ignoring.
modcall[preacct]: module "suffix" returns noop for request 3
modcall[preacct]: module "files" returns noop for request 3
modcall: group preacct returns noop for request 3
modcall: entering group accounting for request 3
rlm_acct_unique: WARNING: Attribute NAS-Port-Id was not found in request, unique
ID MAY be inconsistent
rlm_acct_unique: WARNING: Attribute User-Name was not found in request, unique I
D MAY be inconsistent
rlm_acct_unique: Hashing ',Client-IP-Address = 172.16.0.2,NAS-IP-Address = 172.1
6.0.2,Acct-Session-Id = "00FB",'
rlm_acct_unique: Acct-Unique-Session-ID = "d1d8fd64aa3ff5da".
 modcall[accounting]: module "acct_unique" returns ok for request 3
radius_xlat:  '/usr/local/var/log/radius/radacct/172.16.0.2/detail-20040120'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
 expands to /usr/local/var/log/radius/radacct/172.16.0.2/detail-20040120
  modcall[accounting]: module "detail" returns ok for request 3
  modcall[accounting]: module "unix" returns noop for request 3
radius_xlat:  '/usr/local/var/log/radius/radutmp'
radius_xlat:  ''
  modcall[accounting]: module "radutmp" returns ok for request 3
modcall: group accounting returns ok for request 3
Sending Accounting-Response of id 29 to 172.16.0.2:1646
Finished request 3
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...

Thanks in advance

Regards,






*
The contents of this email and any attachments are confidential. It is 
intended for the named recipient(s) only. If you have received this email 
in error please notify the system manager or  the sender immediately and 
do not disclose the contents to any one or make copies.
*
PALTEL E-Safety System scanned this email and found NO viruses, 
vandals or malicious content.
*
Should you need any information or clarifications regarding this system, 
please do not hesitate to contact our team at the IP Dep. 
<[EMAIL PROTECTED]>.
*


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Still struggling with SNMP and FreeRADIUS

2004-01-20 Thread Harrie Hazewinkel 
Hi,

Just a single question, do you know if the SMUX agent is connected
properly to the SNMP agent in front??
It looks like the SMUX subagent is not registered.
Harrie

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: user groups in users file

2004-01-20 Thread Burkhard Weeber 
I use "User-Category" for this. And all remains in the users file

user Password == "secret", User-Category := "noble", Auth-Type := Local


noble
Service-Type = Framed-User,
,
...

Give it a shot.

Burkhard Weeber
viastore systems GmbH
P/O Box 300668
D-70446 Stuttgart
Tel: +49-711-9818-0
Email: [EMAIL PROTECTED]

Disclaimer:
The opinions expressed herein are my personal points of view and do not
represent those of my employer.

Windows95:  n.
32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit
operating system originally coded for a 4 bit microprocessor, written by
a 2 bit company, that can't stand 1 bit of competition.




> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On 
> Behalf Of Spetzler, Arne (DZ-SH)
> Sent: Tuesday, January 20, 2004 8:38 AM
> To: [EMAIL PROTECTED]
> Subject: Re: user groups in users file
> 
> 
> > 
> > Message: 16
> > From: "Alan DeKok" <[EMAIL PROTECTED]>
> > To: [EMAIL PROTECTED]
> > Subject: Re: user groups in users file 
> > Date: Mon, 19 Jan 2004 13:00:44 -0500
> > Reply-To: [EMAIL PROTECTED]
> > 
> > "Spetzler, Arne (DZ-SH)" <[EMAIL PROTECTED]> wrote:
> > > is it possible to group users like this:
> > > 
> > > charles   Auth-Type := local, User-Password == "12345"
> > >   Group_of_users = "noble"
> > 
> >   No, sorry.
> > 
> > > PS.: No i don't want to use sql or ldap
> > 
> >   You can put them all into a file, and use rlm_passwd to 
> parse it...
> 
> read the docu -> :) that seems to be exactly what i'm 
> searching for - i try! :)
> 
> (its much better than my proposal :)
> 
> Arne Spetzler
> 
> - 
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
> 


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: user groups in users file

2004-01-20 Thread Spetzler, Arne \(DZ-SH\) 
> 
> Message: 16
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: user groups in users file 
> Date: Mon, 19 Jan 2004 13:00:44 -0500
> Reply-To: [EMAIL PROTECTED]
> 
> "Spetzler, Arne (DZ-SH)" <[EMAIL PROTECTED]> wrote:
> > is it possible to group users like this:
> > 
> > charles Auth-Type := local, User-Password == "12345"
> > Group_of_users = "noble"
> 
>   No, sorry.
> 
> > PS.: No i don't want to use sql or ldap
> 
>   You can put them all into a file, and use rlm_passwd to parse it...

read the docu -> :) that seems to be exactly what i'm searching for - i try! :)

(its much better than my proposal :)

Arne Spetzler

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

How Could We configure an empty Username and Password ? HELP

2004-01-20 Thread Nader Sayeh 








Dear All,

I have configured the Free-radius software version 0.9.3, it is working
probably.

I tried to configure an empty username and password but it didn't work,
how could I do so?

 

Regards,







*
The contents of this email and any attachments are confidential. It is 
intended for the named recipient(s) only. If you have received this email 
in error please notify the system manager or  the sender immediately and 
do not disclose the contents to any one or make copies.
*
PALTEL E-Safety System scanned this email and found NO viruses, 
vandals or malicious content.
*
Should you need any information or clarifications regarding this system, 
please do not hesitate to contact our team at the IP Dep. 
<[EMAIL PROTECTED]>.
*