RE: Billing server + Radius attribute details

2004-12-27 Thread Amit Gupta 








 

 

Amit Gupta

Mobile:
91-9818052171

Yahoo IM: amitguptainn

MSN IM : amitguptainn

 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of prabhan
Sent: Tuesday, December 28, 2004 11:57 AM
To: freeradius-users@lists.freeradius.org
Subject: Billing server + Radius attribute details

 

How does Radius server maitain the accounting details.

 

>>You can save accounting details in
SQL database or files as per your requirements. Raw details are stored in
detail files.

 

In a pre paid application , How does the radius server fetch the
details

about the credit amount left and the duration available  ?

 

Is the Radius server invoked to send the credit amount and duration

details on sending accounting request or access request packet ?

 

Or is their any specific attribute in the accounting or access request

packets which tell the radius server to send the above mentioned
details

in the respective response packets ?

>> 

 

 

There are some standard attributes defined  from 1 to 100. Also some

vendor specific attribute can be defined. On what basis does radius

client / radius server

take a decision on the attributes to be sent ? Do all of them go in the

request as well as response packets ?

>> I think vendor specific attributes take precedence . It also
depends on order they appear in SQL source 

 

Is there any configuration at the radius server end to specify the

attributes to be sent in the response packets ?

>>  yes you can configure
response attributes at group as well as user levels. 

 

I am not able to proceed futher as i am not able to identify the

attribute selection both at the client and server end. I am depending
on

the radius erver for ANI/DNIS based authentication for prepaid as well

as postpaid applications.

I would like to get a call flow of the packets + the attribute details,

if anyone has already implemented such an application.

 

Thanks in advance,

 Prabha N

 

 

 

- 

List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

 

Billing server + Radius attribute details

2004-12-27 Thread prabhan 
How does Radius server maitain the accounting details.

In a pre paid application , How does the radius server fetch the details
about the credit amount left and the duration available  ?

Is the Radius server invoked to send the credit amount and duration
details on sending accounting request or access request packet ?

Or is their any specific attribute in the accounting or access request
packets which tell the radius server to send the above mentioned details
in the respective response packets ?

There are some standard attributes defined  from 1 to 100. Also some
vendor specific attribute can be defined. On what basis does radius
client / radius server
take a decision on the attributes to be sent ? Do all of them go in the
request as well as response packets ?

Is there any configuration at the radius server end to specify the
attributes to be sent in the response packets ?

I am not able to proceed futher as i am not able to identify the
attribute selection both at the client and server end. I am depending on
the radius erver for ANI/DNIS based authentication for prepaid as well
as postpaid applications.
I would like to get a call flow of the packets + the attribute details,
if anyone has already implemented such an application.

Thanks in advance,
 Prabha N



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

freeradius-users@lists.freeradius.org

2004-12-27 Thread zack musa 
Thanks Alan. 

I try to get user authentication using the python
testing tools. From what I get, the users from home
server (the remote server) were authenticated, but
users from the forwarding server failed to get their
authentication. in the proxy.conf, the configuration
are
__
realm 200.200.230.136 {
type= radius
authhost= 200.200.230.136:1812
accthost= 200.200.230.136:1813
secret  = amin}

realm NULL {
type= radius
authhost= 200.200.230.136:1812
accthost= 200.200.230.136:1813
secret  = amin}

realm DEFAULT {
 type= radius
 authhost= 200.200.230.136:1812
 accthost= 200.200.230.136:1813
 secret  = amin}

in the debug mode, the messages are:
___

host 200.200.230.135:1163, id=189, length=43
User-Name = "abu"
User-Password = "abu"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok
for request 0
  modcall[authorize]: module "chap" returns noop for
request 0
  modcall[authorize]: module "mschap" returns noop for
request 0
rlm_realm: No '@' in User-Name = "abu", looking up
realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "abu"
rlm_realm: Proxying request from user abu to realm
NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Preparing to proxy authentication
request to realm "NULL"
  modcall[authorize]: module "suffix" returns updated
for request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for
request 0
radius_xlat:  'abu'
rlm_sql (sql): sql_set_user escaped user --> 'abu'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op
FROM radcheck WHERE Username = 'abu' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
 FROM radgroupcheck,usergroup WHERE usergroup.Username
= 'abu' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op
FROM radreply WHERE Username = 'abu' ORDER BY id'
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
 FROM radgroupreply,usergroup WHERE usergroup.Username
= 'abu' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): Released sql socket id: 4
  modcall[authorize]: module "sql" returns ok for
request 0
modcall: group authorize returns updated for request 0
Sending Access-Request of id 0 to 200.200.230.136:1812
User-Name = "abu"
User-Password = "abu"
NAS-IP-Address = 200.200.230.135
Proxy-State = 0x313839
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Reject packet from host
200.200.230.136:1812, id=0, length=25
Proxy-State = 0x313839
  Processing the post-proxy section of radiusd.conf
modcall: entering group post-proxy for request 0
  modcall[post-proxy]: module "eap" returns noop for
request 0
modcall: group post-proxy returns noop for request 0
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 189 to
200.200.230.135:1163
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 189 with timestamp 41d0f12f
Nothing to do.  Sleeping until we see a request.
_

FR is sending auth request to the Remote Server
altough the user is from its own sql database. then
rejecting it. Is that what is happening? How can i
drive the request to 1st search from its sql db and
then proxy the request when theres no record? 
If any  additional info needed, please inform me, I
will send it immediately.  
Thanks.


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Prepaid card module/software

2004-12-27 Thread Carl Peterson 
How would I implement this?
What I need is to add something like WISPr-Session-Terminate-Time with a Value 
of 24 hours from first use after their first use.  Of course it needs to be 
added as soon as they log in the first time, or actually before, perhaps in 
pre-auth so that their first session isn't indefinite.  Any ideas?

Carl

On Monday 27 December 2004 17:46, Thor Spruyt wrote:
> Carl Peterson wrote:
> > I am working on writing it as we speak.  Current release is
> > phpMyPrepaid-0.1.2.  It actually works with a MySQL database and
> > inserts the users into the radcheck table.  Hourly cards work but I
> > haven't figured out the post-auth stuff in Freeradius for daily cards
> > yet.  You can grab the current release off of my development server
> > at: http://cpete.com/prepaidAdmin/  I am moving things over to
> > http://jabali.net/~carl this week.  All new releases, changelogs, etc
> > will be hosted there.
>
> I read something about using Post-Auth for setting expiration date/time.
> In my opinion, the Accounting-Start should be used for this purpose, since
> an authentication doesn't neccessarily mean a session!

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Any idea of freeradius on IPV6

2004-12-27 Thread Sharat (LAB) 



HI Group,
 
I need to setup Radius server with IPV6 support. 
The Box I need to work with is a ROUTER with IPV6 RADIUS Client. Now I 
configured my Fedora/Solaris PC with Ipv6 address's and could connect to the box 
via telnet. But How do I setup radius for basic AAA functionality over 
IPV6. Is this supported ???
 
Has any one crossed this way for Radius over IPV6, 
Any help in this topic will be helpfull.
 
Thanks
Sharat Janga
QA ENGINEER

Re: Prepaid card module/software

2004-12-27 Thread Thor Spruyt 
Carl Peterson wrote:
I am working on writing it as we speak.  Current release is
phpMyPrepaid-0.1.2.  It actually works with a MySQL database and
inserts the users into the radcheck table.  Hourly cards work but I
haven't figured out the post-auth stuff in Freeradius for daily cards
yet.  You can grab the current release off of my development server
at: http://cpete.com/prepaidAdmin/  I am moving things over to
http://jabali.net/~carl this week.  All new releases, changelogs, etc
will be hosted there.
I read something about using Post-Auth for setting expiration date/time.
In my opinion, the Accounting-Start should be used for this purpose, since 
an authentication doesn't neccessarily mean a session!

--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek de Telenet Hotspot
service op www.telenet.be/hotspots
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Prepaid card module/software

2004-12-27 Thread Carl Peterson 
I am working on writing it as we speak.  Current release is 
phpMyPrepaid-0.1.2.  It actually works with a MySQL database and inserts the 
users into the radcheck table.  Hourly cards work but I haven't figured out 
the post-auth stuff in Freeradius for daily cards yet.  You can grab the 
current release off of my development server at: 
http://cpete.com/prepaidAdmin/  I am moving things over to 
http://jabali.net/~carl this week.  All new releases, changelogs, etc will be 
hosted there.

Carl Peterson  
On Monday 27 December 2004 03:27, rashad wrote:
> Dear people. Is there any prepaid card processing software that works with
> freeradius?

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

How to configure 3Com OfficeConnect Wireless Cable/DSL Gateway (3CRWE52196) to work with freeradius

2004-12-27 Thread chiam kuosiang 
Hi,
 
I have configured a freeradius sever running on a redhat 9 linux using freeradius-0.9.3, mysql-3.23.54a-11, apache_1.3.27, php-4.2.3, openssl-0.9.7e and mod_ssl-2.8.11-1.3.27. And the dialup admin is working (test user dummy succeeded). 
 
Now, i have a 3Com access point, OfficeConnect Wireless Cable/DSL Gateway (3CRWE52196). Can anybody point me out how to configure it? I didn't see any eap authentication in the access point interface like the CISCO AP do. 
 
from fresh user, 
Siang
		Do you Yahoo!? 
Dress up your holiday email, Hollywood style. Learn more.

EAP or PAP?? LDAP???

2004-12-27 Thread Chan Min Wai (System Administrator) 
Hello all,

Something I wasn't very sure about.
I know freeradius support both EAP and PAP, I would like to know what is
the different?

>From my understanding:

EAP seem need to store the password in clear text, however the
transmission was encrypted.

PAP store password using mschap or something however the password
transmission will be clear text.

Am I wrong in someway?

I'm currently using LDAP with EAP and would like to know if PAP will be
a better solution.

please clarify me.

Someone who had lost.
Chan Min Wai

Thank You

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: [radius] Auth-Type error

2004-12-27 Thread Nick Marino 
Nick Marino - IT Solutions
- Original Message - 
From: "Mathias Röhl" <[EMAIL PROTECTED]>
To: 
Sent: Monday, December 27, 2004 6:41 AM
Subject: Re: [radius] Auth-Type error


Am Mo, den 27.12.2004 schrieb Nick Marino um 11:15:
Hi
Never mind found the problem myself.
and ? what was the reason ?
Well for some reason the Auth-Type PAP was not in the radreply by default as 
it is on my other systems had to go back to each account in Using Dialup 
Admin and add the attribute the each account. Then it worked ok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Using groups to configure access based on particular requesting radius server.

2004-12-27 Thread Alan DeKok 
"Mike Cisar" <[EMAIL PROTECTED]> wrote:
> Likewise is != valid here?  Such that the following would be a valid
> representation...
> 
> DEFAULT   Client-IP-Address == ip1.of.pool.a., Group != "poola", 
> Auth-Type := Reject

  Yes.

> With only two pools I suppose it wouldn't really make much difference, but
> if a 3rd or more were added the latter would result in fewer configuration
> lines required, correct?

  Yes.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Check users for validation using Exec

2004-12-27 Thread Alan DeKok 
[EMAIL PROTECTED] wrote:
> But even when i try connect from correct system also I am not able to
> authenticate.
> Sometimes it works, sometimes it doesn't .

  Use debugging mode to see why.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: LDAP Auth Problem

2004-12-27 Thread Alan DeKok 
Mathias =?ISO-8859-1?Q?R=F6hl?= <[EMAIL PROTECTED]> wrote:
> > Since you are sending EAP, you should uncomment eap in both the
> > authorization and authentication section.  See what that does for you.
> > 
> I did this, but now there's no output and of course, no authentication
> or authorization.

  Sorry, the server *always* has output in debugging mode.

  Start your system with the default configuration shipped with the
server.  It's there for a reason.  Edit it as little as necessary to
get your system working the way you want.

  If you make whole-sale changes to the configuration files without
knowing what they do, you will NEVER get your system configured.

  Alan DeKok.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Release notes

2004-12-27 Thread Alan DeKok 
Admin <[EMAIL PROTECTED]> wrote:
> I have a question, does the each CVS version of FreeRadius have
> release_note?

  No.  They are generated daily by a script, so there is no human
involvement to add release notes.

> Where can I find the information about the difference between two
> different CVS snapshots?

  Use cvs.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Release notes

2004-12-27 Thread Admin 
Hi, all,
I have a question, does the each CVS version of FreeRadius have release_note? 
Where can I find the information about the difference between two different CVS 
snapshots?
--
Best regards,
Serg Shipaev, IP TELephony EXchange Ltd.
e-mail: [EMAIL PROTECTED]
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: LDAP Auth Problem

2004-12-27 Thread Mathias Röhl 
Hi

DD, thx for the fast reply
> Since you are sending EAP, you should uncomment eap in both the
> authorization and authentication section.  See what that does for you.
> 
I did this, but now there's no output and of course, no authentication
or authorization.
May be I must edit the users file also ? No, the user should come from
LDAP...it's tricky...

regards

[EMAIL PROTECTED]



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: LDAP Auth Problem

2004-12-27 Thread Dustin Doris 

> Hi
>
> I tried to run fr with LDAP and MYSQL. It works with EAP/TLS fine, but
> with local Auth in the users file.
> Now I added into radiusd.conf
>
> --
> authorize {
> #
> #preprocess
> #chap
> #mschap
> #auth_log
> ldap
> #eap
> #files
> #   checkval
> }
> authenticate {
> #unix
> #eap
> authtype LDAP {
> ldap
> }
> }

> rad_recv: Access-Request packet from host 172.16.98.41:32784, id=1,
> length=156
> User-Name = "testuser"
> NAS-IP-Address = 172.16.98.41
> Called-Station-Id = "00-0C-84-01-04-F8"
> Calling-Station-Id = "00-30-65-05-3A-AF"
> NAS-Identifier = "x2250"
> NAS-Port = 20
> Framed-MTU = 1492
> NAS-Port-Type = Wireless-802.11
> Connect-Info = "CONNECT 11Mbps 802.11b"
> EAP-Message = 0x0201000d017465737475736572
> Message-Authenticator = 0x5306b5e2bcf4bf4f0312fac8808776b3
>   Processing the authorize section of radiusd.conf
> modcall: entering group authorize for request 0
> rlm_ldap: - authorize
> rlm_ldap: performing user authorization for testuser
> radius_xlat:  '(uid=testuser)'
> radius_xlat:  'ou=people,dc=qa,dc=bintec,dc=de'
> rlm_ldap: ldap_get_conn: Checking Id: 0
> rlm_ldap: ldap_get_conn: Got Id: 0
> rlm_ldap: attempting LDAP reconnection
> rlm_ldap: (re)connect to 172.16.98.52:389, authentication 0
> rlm_ldap: bind as cn=manager,dc=qa,dc=bintec,dc=de/test to
> 172.16.98.52:389
> rlm_ldap: waiting for bind result ...
> rlm_ldap: Bind was successful
> rlm_ldap: performing search in ou=people,dc=qa,dc=bintec,dc=de, with
> filter (uid=testuser)
> rlm_ldap: Added password testing123 in check items
> rlm_ldap: looking for check items in directory...
> rlm_ldap: looking for reply items in directory...
> rlm_ldap: user testuser authorized to use remote access
> rlm_ldap: ldap_release_conn: Release Id: 0
>   modcall[authorize]: module "ldap" returns ok for request 0
> modcall: group authorize returns ok for request 0
>   rad_check_password:  Found Auth-Type LDAP
> auth: type "LDAP"
>   Processing the authenticate section of radiusd.conf
> modcall: entering group authtype for request 0
> rlm_ldap: - authenticate
> rlm_ldap: Attribute "User-Password" is required for authentication.
>   modcall[authenticate]: module "ldap" returns invalid for request 0
> modcall: group authtype returns invalid for request 0
> auth: Failed to validate the user.
> Delaying request 0 for 1 seconds
> Finished request 0
> Going to the next request
> --- Walking the entire request list ---
> Waking up in 1 seconds...
> --- Walking the entire request list ---
> Waking up in 1 seconds...
> --- Walking the entire request list ---
> Sending Access-Reject of id 1 to 172.16.98.41:32784
> 
>
> After all there's the Access-reject.
>
> My radiusd.conf for LDAP
>
> $INCLUDE ${confdir}/eap.conf
>
> mschap {
> authtype = MS-CHAP
> use_mppe = yes
> require_encryption = yes
> require_strong = yes
> }
>
> ldap {
> server = "172.16.98.52"
> #identity = "cn=manager,ou=people,dc=qa,dc=bintec,dc=de"
> identity = "cn=manager,dc=qa,dc=bintec,dc=de"
> password = 
> basedn = "ou=people,dc=qa,dc=bintec,dc=de"
> filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
> password_attribute = "userPassword"
> start_tls = no
> dictionary_mapping = ${raddbdir}/ldap.attrmap
> ldap_connections_number = 5
> #   access_attr = "dialupAccess"
> timeout = 4
> timelimit = 3
> net_timeout = 1
>
>
>
>
>
> May be there's a mistake ? And someone can kindly open my eyes ?
>
> thx in advance
>
> regards
>
>   [EMAIL PROTECTED]
>

Since you are sending EAP, you should uncomment eap in both the
authorization and authentication section.  See what that does for you.



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Huntgroups, ldap, groupofnames

2004-12-27 Thread Dustin Doris 

> >
> > On Dec 22, 2004, at 12:57 PM, Dustin Doris wrote:
> >
> > > I cliped some of your message and only left the relevant parts.  The
> > > packet you show came from the NASIP of 149.28.3.101, not 192.168.1.10.
> > >  Is
> > > that your entire huntgroups file you showed?  If so, this isn't
> > > matching
> > > the rule in the users file because its not in that huntgroup.
> >
> > Sorry I was trying to substitute out the IP's, the IP's do actually
> > match up.
> >
> Hmmm.. It seems like it should work, I am guessing that you are matching
> on another entry in the users file.  I'll have to go back through my
> archives and check the debug info you posted before.  Try running radiusd
> -X again and look for something like this:
>
> users: Matched DEFAULT at 27
>
> Then check line 27 on the users file and see where its matching.
>
> I'll take another look at your debug info and see if I can spot anything
> unusual.
>
>
>


Went through your debug info you sent last time and found this:
 users: Matched DEFAULT at 171
 users: Matched DEFAULT at 183

It looks like you are matching at two different entries.  Can you paste
your entire users file for us to see?  Check those two entries in your
users file, one of them is letting you in.



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Huntgroups, ldap, groupofnames

2004-12-27 Thread Dustin Doris 
>
> On Dec 22, 2004, at 12:57 PM, Dustin Doris wrote:
>
> > I cliped some of your message and only left the relevant parts.  The
> > packet you show came from the NASIP of 149.28.3.101, not 192.168.1.10.
> >  Is
> > that your entire huntgroups file you showed?  If so, this isn't
> > matching
> > the rule in the users file because its not in that huntgroup.
>
> Sorry I was trying to substitute out the IP's, the IP's do actually
> match up.
>
Hmmm.. It seems like it should work, I am guessing that you are matching
on another entry in the users file.  I'll have to go back through my
archives and check the debug info you posted before.  Try running radiusd
-X again and look for something like this:

users: Matched DEFAULT at 27

Then check line 27 on the users file and see where its matching.

I'll take another look at your debug info and see if I can spot anything
unusual.



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

LDAP Auth Problem

2004-12-27 Thread Mathias Röhl 
Hi

I tried to run fr with LDAP and MYSQL. It works with EAP/TLS fine, but
with local Auth in the users file.
Now I added into radiusd.conf

--
authorize {
#
#preprocess
#chap
#mschap
#auth_log
ldap
#eap
#files
#   checkval
}
authenticate {
#unix
#eap
authtype LDAP {
ldap
}
}
--

the radiusd -X -A says the following

--

Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /usr/local//etc/raddb/proxy.conf
Config:   including file: /usr/local//etc/raddb/clients.conf
Config:   including file: /usr/local//etc/raddb/eap.conf
Config:   including file: /usr/local//etc/raddb/sql.conf
 main: prefix = "/usr/local/"
 main: localstatedir = "/usr/local//var"
 main: logdir = "/usr/local//var/log/radius"
 main: libdir = "/usr/local//lib"
 main: radacctdir = "/usr/local//var/log/radius/radacct"
 main: hostname_lookups = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = "/usr/local//var/log/radius/radius.log"
 main: log_auth = no
 main: log_auth_badpass = no
 main: log_auth_goodpass = no
 main: pidfile = "/usr/local//var/run/radiusd/radiusd.pid"
 main: user = "(null)"
 main: group = "(null)"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/local//sbin/checkrad"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = yes
 proxy: wake_all_if_all_dead = no
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec 
 exec: wait = yes
 exec: program = "(null)"
 exec: input_pairs = "request"
 exec: output_pairs = "(null)"
 exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec) 
Module: Loaded expr 
Module: Instantiated expr (expr) 
Module: Loaded LDAP 
ldap: server = "172.16.98.52"
 ldap: port = 389
 ldap: net_timeout = 1
 ldap: timeout = 4
 ldap: timelimit = 3
 ldap: identity = "cn=manager,dc=qa,dc=bintec,dc=de"
 ldap: tls_mode = no
 ldap: start_tls = no
 ldap: tls_cacertfile = "(null)"
 ldap: tls_cacertdir = "(null)"
 ldap: tls_certfile = "(null)"
 ldap: tls_keyfile = "(null)"
 ldap: tls_randfile = "(null)"
 ldap: tls_require_cert = "allow"
 ldap: password = ""
 ldap: basedn = "ou=people,dc=qa,dc=bintec,dc=de"
 ldap: filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
 ldap: base_filter = "(objectclass=radiusprofile)"
 ldap: default_profile = "(null)"
 ldap: profile_attribute = "(null)"
 ldap: password_header = "(null)"
 ldap: password_attribute = "userPassword"
 ldap: access_attr = "(null)"
 ldap: groupname_attribute = "cn"
 ldap: groupmembership_filter =
"(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(obje
ctClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
 ldap: groupmembership_attribute = "(null)"
 ldap: dictionary_mapping = "/usr/local//etc/raddb/ldap.attrmap"
 ldap: ldap_debug = 0
 ldap: ldap_connections_number = 5
 ldap: compare_check_items = no
 ldap: access_attr_used_for_allow = yes
 ldap: do_xlat = yes
rlm_ldap: Registering ldap_groupcmp for Ldap-Group
rlm_ldap: Registering ldap_xlat with xlat_name ldap
rlm_ldap: reading ldap<->radius mappings from file
/usr/local//etc/raddb/ldap.attrmap
rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type
rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use
rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id
rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS
Calling-Station-Id
rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password
rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password
rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT
rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration
rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type
rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol
rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address
rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask
rlm_ldap: LDAP radiusFramedRoute mapped to RADIU

Re: [radius] Auth-Type error

2004-12-27 Thread Mathias Röhl 
Am Mo, den 27.12.2004 schrieb Nick Marino um 11:15:
Hi
> Never mind found the problem myself. 
> 
and ? what was the reason ?

regards

[EMAIL PROTECTED]



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: [radius] Auth-Type error

2004-12-27 Thread Nick Marino 
- Original Message - 
From: "Nick Marino" <[EMAIL PROTECTED]>
To: 
Sent: Monday, December 27, 2004 3:29 AM
Subject: [radius] Auth-Type error


When trying to authenticate a wireless user I keep getting and error: 
Unknown value specified for Auth-Type. Cannot perform requested operation.

Using FR 1.0.1
And Mysql
Anyone know where I can start looking.. I've gone over all the 
configuration but I am missing something somewhere.

Any help would be greatly appreciated.

Never mind found the problem myself. 

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Auth-Type error

2004-12-27 Thread Nick Marino 
When trying to authenticate a wireless user I keep getting and error: 
Unknown value specified for Auth-Type. Cannot perform requested operation.

Using FR 1.0.1
And Mysql
Anyone know where I can start looking.. I've gone over all the configuration 
but I am missing something somewhere.

Any help would be greatly appreciated.

Nick Marino - IT Solutions 

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Prepaid card module/software

2004-12-27 Thread rashad 



Dear people. Is there any prepaid card processing 
software that works with freeradius?