AS5300 and callerid
how can i get callerid from Cisco AS5300? thanks, Payam Shabanian [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: use more radius-mysql databases
[EMAIL PROTECTED] wrote:
i have a freeradiusserver with a connection to a mysql db. now i want
to unstall a new customer. for this customer i want to use a seperate
database. how can i uinstall this?
You can define multiple instances of a module:
See doc/rlm_sql:
5. Instances
Just like any other module, multiple instances of the rlm_sql
module can be defined and used wherever you like.
The default .conf files for the different database types,
contain 1 instance without a name like so:
sql {
...
}
You can create multiple named instances like so:
sql sql_instance1 {
...
}
sql sql_instance2 {
...
}
And then you can use a specific instance in radiusd.conf, like
so:
authorize {
...
sql_instance1
...
}
accounting {
...
sql_instance1
sql_instance2
...
}
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: AS5300 and callerid
Hi Payam, 'CLID' should appear in Calling-Station-Id in the accounting packet. Is that what you meant? Rgds, Guy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of shabanip Sent: 25 February 2005 08:18 To: freeradius-users@lists.freeradius.org Subject: AS5300 and callerid how can i get callerid from Cisco AS5300? thanks, Payam Shabanian [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html This e-mail is private and may be confidential and is for the intended recipient only. If misdirected, please notify us by telephone and confirm that it has been deleted from your system and any copies destroyed. If you are not the intended recipient you are strictly prohibited from using, printing, copying, distributing or disseminating this e-mail or any information contained in it. We use reasonable endeavours to virus scan all e-mails leaving the Company but no warranty is given that this e-mail and any attachments are virus free. You should undertake your own virus checking. The right to monitor e-mail communications through our network is reserved by us. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: AS5300 and callerid
but my as5300 dont send such a packet Payam Shabanian shabanip -at- avapajoohesh.com Hi Payam, 'CLID' should appear in Calling-Station-Id in the accounting packet. Is that what you meant? Rgds, Guy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of shabanip Sent: 25 February 2005 08:18 To: freeradius-users@lists.freeradius.org Subject: AS5300 and callerid how can i get callerid from Cisco AS5300? thanks, Payam Shabanian [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html This e-mail is private and may be confidential and is for the intended recipient only. If misdirected, please notify us by telephone and confirm that it has been deleted from your system and any copies destroyed. If you are not the intended recipient you are strictly prohibited from using, printing, copying, distributing or disseminating this e-mail or any information contained in it. We use reasonable endeavours to virus scan all e-mails leaving the Company but no warranty is given that this e-mail and any attachments are virus free. You should undertake your own virus checking. The right to monitor e-mail communications through our network is reserved by us. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: AS5300 and callerid
hi, On Fri, 2005-02-25 at 11:47 +0330, shabanip wrote: how can i get callerid from Cisco AS5300? look for these avp's: Calling-Station-Id gw-rxd-cgn gw-final-xlated-cgn for Cisco-related avp's checkout this link: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_programming_reference_guide09186a00800b5e17.html hth, roy - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: AS5300 and callerid
thanks for your great help! Payam Shabanian shabanip -at- avapajoohesh.com hi, On Fri, 2005-02-25 at 11:47 +0330, shabanip wrote: how can i get callerid from Cisco AS5300? look for these avp's: Calling-Station-Id gw-rxd-cgn gw-final-xlated-cgn for Cisco-related avp's checkout this link: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_programming_reference_guide09186a00800b5e17.html hth, roy - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius+Nocat
Hi Chan,
The patch is really basic :
## -- begin ---
--- /usr/local/nocat/lib/NoCat/Source/RADIUS.pm 2004-02-26
10:46:41.0 +0100
+++ /usr/share/nocatauth/authserv/lib/NoCat/Source/RADIUS.pm
2004-06-25 13:39:12.0 +0200
@@ -85,8 +85,8 @@
# mimic the check_pwd from Authen::Radius
$radius-clear_attributes;
$radius-add_attributes (
-{ Name = 1, Value = $user-id },
-{ Name = 2, Value = $user_pw }
+{ Name = 1, Value = $user-id, Type
= 'string' },
+{ Name = 2, Value = $user_pw, Type =
'string' }
);
my $radiuscheckok = 0;
## -- end ---
I do it myself
you can add all attributes you need , for example , i need the
NAS-IP-ADDRESS to match with huntgroup + sql back end .
If you need tips , let me know
Regards
Thomas MARCHESSEAU
Chan Min Wai wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thomas MARCHESSEAU wrote:
HI all,
Nocat rocks with Freeradius. I just have pb with RADIUS.pm
Try this one, and let me know if its ok for you .
Btw , Chilli woks nice too.
Regards
Thomas MARCHESSEAU
However, I'm using chillispot at the time...
But Thank for the script, it seem to be the one that you are having is a
bit different.
Could you please tell me where do you get the patch?
Regards,
Chan Min Wai
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFCHowCV0p9slMZLW4RAgTZAKDjeFrJhlTdC2s3p+5XNpt9y5jOvwCg2IAt
aT/nZ1iirOerEvlBBJoi9iA=
=eg5O
-END PGP SIGNATURE-
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: authentication saw web for wireless
Hi, Have a look on NoCat or Chillispot It works fine , easy to deploy you can browse seattlewireless.net for more tips or a tons of wifi website regards Thomas Paulo Afonso Ribeiro Filho wrote: Somebody knows as or what to use to make an authentication it saw web for wireless? Yours truly Paulo Afonso - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: my radiusd stops working under high load
Hi, Could you paste a bit of logs ? or somethings ? ie, Nicolas Baradakis and I , have had some problems with radsqlrelay while working in high load mode = No more threads regards Thomas MARCHESSEAU shabanip wrote: what would be the potential causes? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius connections pool to oracle
Hello ! Is it really needed, if Oracle can work as shared server ? Why we reserve dedicated connections, if RADIUS server can use connections to shared server? And it's only need to configure this mode at oracle server side, no programming at radius-server side required. In the nature of requests from RADIUS-server it is ideal for shared server, not for dedicated: - many number of requests/second - each request is OLTP request - it's not heavy and it's make a number of relatively simple requests, which executes fast. Can rlm_sql module establish connection to DB only when radius-server need it ? If I'll administratively link radius connections to shared Oracle server, it will hold only dispatcher processes permanently? Thanks a lot. Ruslan A Dautkhanov [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: my radiusd stops working under high load
OK, i will try to capture more info? what is happening to me seems to be a deadlock on radius server.. Payam Shabanian shabanip -at- avapajoohesh.com Hi, Could you paste a bit of logs ? or somethings ? ie, Nicolas Baradakis and I , have had some problems with radsqlrelay while working in high load mode = No more threads regards Thomas MARCHESSEAU shabanip wrote: what would be the potential causes? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: tunning radiusd
On Fri, 25 Feb 2005, shabanip wrote: how can i tune radius for best performance (request/sec)? thanks, Payam Shabanian See doc/tuning_guide. Usually, most tuning should be done on the underlying database, not radius itself. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: launching extenral programs
On Fri, 25 Feb 2005, shabanip wrote: is there any way to run an external program for authetication, authorization and accouting? Yes. READ the server documentation and configuration files. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: user-defined attributes
On Fri, 25 Feb 2005, shabanip wrote: can i define or get unstanderds attributes in freeradius? Yes. Please stop asking questions without reading anything first. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: user-defined attributes
Sorry! i will go through the docs first. thanks, Payam Shabanian shabanip -at- avapajoohesh.com On Fri, 25 Feb 2005, shabanip wrote: can i define or get unstanderds attributes in freeradius? Yes. Please stop asking questions without reading anything first. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: use more radius-mysql databases
thanks, it was very helpful for me. now i have the effect, that i get also
entries in the radacct of all other accounts. that means, it's doesn't
select if the accounting comes from customer a or customer b
[EMAIL PROTECTED] wrote:
i have a freeradiusserver with a connection to a mysql db. now i want
to unstall a new customer. for this customer i want to use a seperate
database. how can i uinstall this?
You can define multiple instances of a module:
See doc/rlm_sql:
5. Instances
Just like any other module, multiple instances of the rlm_sql
module can be defined and used wherever you like.
The default .conf files for the different database types,
contain 1 instance without a name like so:
sql {
...
}
You can create multiple named instances like so:
sql sql_instance1 {
...
}
sql sql_instance2 {
...
}
And then you can use a specific instance in radiusd.conf, like
so:
authorize {
...
sql_instance1
...
}
accounting {
...
sql_instance1
sql_instance2
...
}
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DEFAULT profile in postgresql database?
On Fri, 25 Feb 2005, Vincent Chen wrote: I do have the following configuration in postgresql.conf default_user_profile = DEFAULT query_on_not_found = yes Do I need other options? In /etc/raddb/users, I have this profile: Presario 2135AD EAP-Type := EAP-TLS, NAS-IP-Address == 10.1.3.5 In postgresql database, I have following data rows: 11 | Presario 2135AD | EAP-Type | := | EAP-TLS 13 | Presario 2135AD | NAS-IP-Address| == | 10.1.3.5 15 | DEFAULT | Auth-Type | := | Reject If I use files module, this user will be rejected. If I switch to sql module, this user will be accepted. How can I tell whether DEFAULT profile choosed or not while using sql module? Thanks for your help, Vincent Chen I'm not sure how the sql module works with checkitems, but if its not honoring additional checkitems such as the nas-ip-address, then you probably have to use the checkval module. That will compare the attributes in the request with check items and based on your configuration, reject them if they don't match. -Dusty Doris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
../raddb/users file and MySQL?
Hi Just a question: There are any way to use the ../raddb/users file so that the GroupName value especified to the Group attribute be a MySQL-Group-Name and set the check attributes and the reply items values for the MySQL-Group here instead of the RadGroupCheck,and RadGroupReply MySQL database tables. Something like this: ../etc/raddb/users file: . . . DEFAULT Service-Type == Framed-User, Group == MySQLGroupName Service-Type = Framed-User, Framed-Filter-Id = MyFilter, Cisco-AVPair= Any, Session-Timeout = xxx, Idle-Timeout = xxx . . . or probably there are an other attribute instead of Group ? Thanks you. - Este mensaje fue enviado usando el servicio de correo en web de Infomed http://webmail.sld.cu - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rlm_policy
Where can I found documentation about rlm_policy, how to compile and how to use it, in wich files ? Marc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Quick Disconnects
I am having issues with customers dialing up, connecting, and going through the whole process. It appears as if they connect, but 1 second later, they are disconnected. Ive stopped and started FR. Ive rebooted the server. Ive rebooted the RAS. Looks like about 50% of my users are having this issue. The others connect fine. I have an APX-8000 as my RAS box. Using FreeRADIUS v.07. Getting loads of errors in radius.log looking like: Error: rlm_sql: Stop packet with zero session length. (user '', nas 'ip-protected') Radiusd X looks like this, on failed users: rad_recv: Accounting-Request packet from host ip-protected:9169, id=11, length=188 Event-Timestamp = Feb 24 2005 NAS-IP-Address = ip-protected NAS-Identifier = ras001.mydomain.net NAS-Port = 20931 NAS-Port-Type = Async Acct-Status-Type = Stop Acct-Delay-Time = 0 Acct-Session-Id = 444535794 X-Ascend-Disconnect-Cause = 185 X-Ascend-Connect-Progress = 30 X-Ascend-Data-Rate = 64000 X-Ascend-PreSession-Time = 12 X-Ascend-Pre-Input-Octets = 0 X-Ascend-Pre-Output-Octets = 0 X-Ascend-Pre-Input-Packets = 0 X-Ascend-Pre-Output-Packets = 0 X-Ascend-Xmit-Rate = 64000 X-Ascend-Modem-PortNo = 9 X-Ascend-Modem-SlotNo = 23 X-Ascend-Modem-ShelfNo = 1 Calling-Station-Id = number protected Called-Station-Id = number protected - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: ../raddb/users file and MySQL?
Use the SQL-Group attribute, so your check line would look like this: DEFAULT Service-Type == Framed-User, SQL-Group == MySQLGroupName --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas [EMAIL PROTECTED] wrote: Hi Just a question: There are any way to use the ../raddb/users file so that the GroupName value especified to the Group attribute be a MySQL-Group-Name and set the check attributes and the reply items values for the MySQL-Group here instead of the RadGroupCheck,and RadGroupReply MySQL database tables. Something like this: ../etc/raddb/users file: . . . DEFAULT Service-Type == Framed-User, Group == MySQLGroupName Service-Type = Framed-User, Framed-Filter-Id = MyFilter, Cisco-AVPair= Any, Session-Timeout = xxx, Idle-Timeout = xxx . . . or probably there are an other attribute instead of Group ? Thanks you. - Este mensaje fue enviado usando el servicio de correo en web de Infomed http://webmail.sld.cu - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
questions about the clients.conf file
Hi, I have two questions about the clients.conf file: _ when I define a client on this file, I need to write the ip or the hostname or a network... it's possible to enable all client to execute an AAA request (it's for testing) ? _ it's possible to move the clients.conf informations to a Mysql table ? Thank you Luca
Re: Quick Disconnects
I am having issues with customers dialing up, connecting, and going through the whole process. It appears as if they connect, but 1 second later, they are disconnected. Ive stopped and started FR. Ive rebooted the server. Ive rebooted the RAS. Looks like about 50% of my users are having this issue. The others connect fine. I have an APX-8000 as my RAS box. Using FreeRADIUS v.07. If radius is authenticating your users and then they get dropped, this is a problem with your RAS. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radrelay and coredumps...
Terry J Fike Jr [EMAIL PROTECTED] wrote: Is there something else i can do/try to dig the info you need out of this file? Probably not. I'm not sure what else to suggest. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Huntgroups
Hello I have a large number of Cisco routers/switches which authenticate back to FreeRADIUS 1.0.1 on a Debian box. At present, anyone with a RADIUS login may log in to any of the devices. I've been asked to set up certain users so they are only able to log in to a subset of the devices - typically, local administrators at a site. Working with huntgroups appears to be the simplest way to do this, however I can't work out how to do it. Documentation appears a little sparse. I'm assuming I need to assign each user in the users file in to a group, and FreeRADIUS will take care of the authentication. Does anyone have a working configuration they could post here, and that I can hack around to suit my environment? Best wishes, Peter. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PEAP, Odyssey, Cisco 1200 fails with: No SSL info available. Waiting for more SSL data.
Mike Ingle [EMAIL PROTECTED] wrote: I am trying to set up FreeRADIUS 1.0.2 with OpenSSL 0.9.7e to do PEAP authentication. The wireless device is a Cisco 1200 (IOS) and the client is Odyssey 3.03.0.1194 Odyssey has problems doing PEAP to FreeRADIUS. I don't know what the problem is, but it doesn't appear to work. I compared this log with a successful one I downloaded. Below this log is the successful one. Please don't include such information. We know what successful logs look like. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PPTP + RADIUS+LDAP
Anderson Alves de Albuquerque [EMAIL PROTECTED] wrote: I have freeradius with LDAP to do users authentication, now I need to use VPN (pptp) connect freeradius to do users authetication. Is this possible? Yes. I am doing the steps in http://poptop.sourceforge.net/dox/radius_mysql.html, but I have problems with authentication. Does someone known like help me? If you're not going to post any information about what's wrong (see the FAQ), then it is impossible for anyone to help you. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: invalid keyword ATTRIB_NMC
[EMAIL PROTECTED] wrote: Our secondary radius server is running freeradius-0.8.1. I am in the process of upgrading our primary radius server and have installed freeradius-1.0.1. I went ahead and scp the configuration files from our secondary radius server to this new machine. The problem that I am running into is handling ATTRIB_NMC. We do need to include dictionary.usr. Commenting out dictionary.usr in the dictionary file does allow the radiusd to run at start-up, else I get the error below: You MUST use the 1.0.1 dictionaries with the 1.0.1 server. The make install process prints out big warnings about the dictionaries not being upgraded. If you haven't edited the 0.8.1 dictionaries, then copy the raddb/dictionary file from where-ever you built the server (source), to /etc/raddb/dictionary. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius connections pool to oracle
Ruslan A Dautkhanov [EMAIL PROTECTED] wrote: Can rlm_sql module establish connection to DB only when radius-server need it ? No. It tries to keep a pool of connections open. The idea is that the server is usually busy, so the connections will nearly always be in use. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: ../raddb/users file and MySQL?
[EMAIL PROTECTED] wrote: There are any way to use the ../raddb/users file so that the GroupName value especified to the Group attribute be a MySQL-Group-Name No. The Group and Group-Name attributes are for Unix groups only. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_policy
Marc-Henri Boisis-Delavaud [EMAIL PROTECTED] wrote: Where can I found documentation about rlm_policy, how to compile and how to use it, in wich files ? It's an experimental module. configure --with-experimental... The documentation is in the man page. Examples are in raddb/policy.txt. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Quick Disconnects
[EMAIL PROTECTED] wrote: I am having issues with customers dialing up, connecting, and going through the whole process. It appears as if they connect, but 1 second later, they are disconnected. Ok... I've stopped and started FR. I've rebooted the server. That won't do anything. X-Ascend-Disconnect-Cause = 185 Ask Ascend what that number means. That will tell you the disconnect cause. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PPTP + RADIUS+LDAP
My RAdius show me this: rad_recv: Access-Request packet from host 146.164.247.230:32776, id=41, length=70 Service-Type = Framed-User Framed-Protocol = PPP User-Name = marcelo Calling-Station-Id = X.X.Y.198 NAS-IP-Address = X.X.Y.230 NAS-Port = 0 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 3 modcall[authorize]: module digest returns noop for request 3 rlm_realm: No '@' in User-Name = marcelo, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop for request 3 rlm_ldap: - authorize rlm_ldap: performing user authorization for marcelo radius_xlat: '(uid=marcelo)' radius_xlat: 'dc=domain,dc=com' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=domain,dc=com, with filter (uid=marcelo) rlm_ldap: Added password teste in check items rlm_ldap: looking for check items in directory... rlm_ldap: Adding radiusAuthType as Auth-Type, value CHAP op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: Adding Cisco-AVPair as Cisco-AVPair, value h323-ivr-in=terminal-alias:marcelo,025983355 op=11 rlm_ldap: user marcelo authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module ldap returns ok for request 3 modcall: group authorize returns ok for request 3 rad_check_password: Found Auth-Type CHAP auth: type CHAP Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 3 rlm_ldap: - authenticate rlm_ldap: Attribute User-Password is required for authentication. modcall[authenticate]: module ldap returns invalid for request 3 ERROR: No Digest-Nonce: Cannot perform Digest authentication modcall[authenticate]: module digest returns invalid for request 3 rlm_chap: Attribute CHAP-Password is required for authentication. modcall[authenticate]: module chap returns invalid for request 3 rlm_mschap: No MS-CHAP-Challenge in the request modcall[authenticate]: module mschap returns reject for request 3 modcall: group Auth-Type returns reject for request 3 auth: Failed to validate the user. - PS: My radius is okay whith GNUGK authentication. On Fri, 25 Feb 2005, Alan DeKok wrote: Anderson Alves de Albuquerque [EMAIL PROTECTED] wrote: I have freeradius with LDAP to do users authentication, now I need to use VPN (pptp) connect freeradius to do users authetication. Is this possible? Yes. I am doing the steps in http://poptop.sourceforge.net/dox/radius_mysql.html, but I have problems with authentication. Does someone known like help me? If you're not going to post any information about what's wrong (see the FAQ), then it is impossible for anyone to help you. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Huntgroups
In huntgroups
TESTNAS-IP-Address == 1.2.3.4
in users
DEFAULT Huntgroup-Name = TEST, Autz-Type := ADMIN
in radiusd.conf
modules {
ldap ADMIN_user {
server = ldap
...
access_attr = memberUid
filter=((cn=member_list)(memberUid=%{Stripped-User-Name:-%{User-Name}}))
...
access_attr_used_for_allow = yes
}
...
authorize {
...
Autz-Type ADMIN {
redundant {
ADMIN_User
ADMIN_User_backup_ldap_server
}
notfound = reject
}
...
or
in users
DEFAULT Huntgroup-Name = TEST, Ldap-Group := ADMIN_user-Ldap-Group
On Fri, 2005-02-25 at 09:47, Peter Hicks wrote:
Hello
I have a large number of Cisco routers/switches which authenticate back to
FreeRADIUS 1.0.1 on a Debian box. At present, anyone with a RADIUS login
may log in to any of the devices.
I've been asked to set up certain users so they are only able to log in to
a subset of the devices - typically, local administrators at a site.
Working with huntgroups appears to be the simplest way to do this, however I
can't work out how to do it.
Documentation appears a little sparse. I'm assuming I need to assign each
user in the users file in to a group, and FreeRADIUS will take care of the
authentication.
Does anyone have a working configuration they could post here, and that I
can hack around to suit my environment?
Best wishes,
Peter.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: questions about the clients.conf file
Q1: split the internet in half: 0.0.0.0/1 and 128.0.0.0/1 Q2: read sql docs and configuration files - Original Message - From: Lists To: freeradius-users@lists.freeradius.org Sent: Friday, February 25, 2005 5:34 PM Subject: questions about the clients.conf file Hi, I have two questions about the clients.conf file: _ when I define a client on this file, I need to write the ip or the hostname or a network... it's possible to enable all client to execute an AAA request (it's for testing) ? _ it's possible to move the clients.conf informations to a Mysql table ? Thank you Luca - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: invalid keyword ATTRIB_NMC
[EMAIL PROTECTED] wrote: Our secondary radius server is running freeradius-0.8.1. I am in the process of upgrading our primary radius server and have installed freeradius-1.0.1. I went ahead and scp the configuration files from our secondary radius server to this new machine. The problem that I am running into is handling ATTRIB_NMC. We do need to include dictionary.usr. Commenting out dictionary.usr in the dictionary file does allow the radiusd to run at start-up, else I get the error below: You MUST use the 1.0.1 dictionaries with the 1.0.1 server. The make install process prints out big warnings about the dictionaries not being upgraded. If you haven't edited the 0.8.1 dictionaries, then copy the raddb/dictionary file from where-ever you built the server (source), to /etc/raddb/dictionary. Alan DeKok. Hello Alan, Thank you for your input. I went ahead and did what you suggested. Yes, the 1.0.1 server's radiusd does start at start-up, but this is the error I get when I use one of our other server to test authentication: --cut-- Fri Feb 25 10:14:55 2005 : Info: Using deprecated realms file. Support for this will go away soon. Fri Feb 25 10:14:58 2005 : Info: Ready to process requests. Fri Feb 25 10:18:30 2005 : Error: Invalid operator for item Suffix: reverting to '==' Fri Feb 25 10:18:30 2005 : Error: Invalid operator for item Suffix: reverting to '==' Fri Feb 25 10:18:30 2005 : Error: Invalid operator for item Suffix: reverting to '==' --cut-- These are the same logs I was getting when I was using the 0.8.1 dictionaries, but commented out the dictionary.usr in the dictionary file. Here are the logs running radiusd in debug mode: --cut-- rad_recv: Access-Request packet from host xx.xxx.xx.xx:x, id=xx, length=xx User-Name = user User-Password = password Service-Type = Outbound-User NAS-IP-Address = xx.xxx.xx.xx NAS-Port = 1 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 Invalid operator for item Suffix: reverting to '==' Invalid operator for item Suffix: reverting to '==' Invalid operator for item Suffix: reverting to '==' modcall[authorize]: module preprocess returns ok for request 0 modcall[authorize]: module chap returns noop for request 0 modcall[authorize]: module mschap returns noop for request 0 rlm_realm: No '@' in User-Name = user, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop for request 0 users: Matched user at x modcall[authorize]: module files returns ok for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type System auth: type System Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module unix returns notfound for request 0 modcall: group authenticate returns notfound for request 0 auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- .. --cut-- Thank you, Jane - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: questions about the clients.conf file
Thanks for Q1... And for Q2: I have analized the file sql db_mysql.sql The table nas isn't imported on mysql, because have a syntax error. I can't set the id field to DEFAULT '0' if is NOT NULL and AUTO_INCREMENT !!! The same error for dictionary table # # Table structure for table 'nas' # CREATE TABLE nas ( id int(10) DEFAULT '0' NOT NULL auto_increment, change to id int(10) NOT NULL auto_increment, nasname varchar(128) NOT NULL, shortname varchar(32), type varchar(30) DEFAULT 'other', ports int(5), secret varchar(60) DEFAULT 'secret' NOT NULL, community varchar(50), description varchar(200) DEFAULT 'RADIUS Client', PRIMARY KEY (id), KEY nasname (nasname) ); -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thor Spruyt Sent: venerdì, 25. febbraio 2005 19:08 To: freeradius-users@lists.freeradius.org Subject: Re: questions about the clients.conf file Q1: split the internet in half: 0.0.0.0/1 and 128.0.0.0/1 Q2: read sql docs and configuration files - Original Message - From: Lists To: freeradius-users@lists.freeradius.org Sent: Friday, February 25, 2005 5:34 PM Subject: questions about the clients.conf file Hi, I have two questions about the clients.conf file: _ when I define a client on this file, I need to write the ip or the hostname or a network... it's possible to enable all client to execute an AAA request (it's for testing) ? _ it's possible to move the clients.conf informations to a Mysql table ? Thank you Luca - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
SecureW2 on a wired network
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hello This question isnt specific to freeradius, but I think there could be members on this list, who experienced the same problem. Here we go: We have windows xp clients running sp2 and securew2 as 802.1x clients, which are connected to different nortel baystacks 5510/5520 or cisco catalyst switches. The authentification against freeradius works fine, if I choose securew2 in the network connection properties tab. But when we move the client to another switch, which is unknown to this specific client, the client no longer authenticates. Windows tries to be smart and sets the authentication method back to smartcard :( For a standard workstation, that doesnt roam often, this isnt a problem. But for our notebook users. In order to solve this problem, we examined the registry to find the location, where windows keeps track of known switches. There is a list of the switches in the eapol folder in the registry, where it stores the authentification method, the password, the securew2 profile name, etc for each known switch. But we didnt find any hint, where it stores the default authentification method... Is there a way to set securew2 as the default authentification method, even for an unknown switch/nas? thanks in advance for any help... Carsten - -- - Carsten Karl ~ Max-Planck-Institut fuer Informatik ~ Stuhlsatzenhausweg 85, 66123 Saarbruecken, Germany ~ Phone +49 681 9325-804 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with MultiZilla - http://enigmail.mozdev.org iD8DBQFCH3o5zcqMa51Y3qsRAoL0AJoC3dFf2QSuqciTZtxekGFhE6x2AgCbB03h ZupmmssexNQv95dbFv7okbU= =VcX5 -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rlm_perl reply operators
Is there a way to specify different operators when adding something to the
$RAD_REPLY hash?
Such as.
$RAD_REPLY{'Attribute'} = += Value;
Thanks
Dusty Doris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Problem getting core dumps
I'm having a problem in getting the FreeRADIUS server (ver 1.0.2 ) to core dump when there is a segmentation fault ( this happens when it receives the first Access Request from the Radius Client). I went through the following steps to enable core dumps, as described in bugs.dat: Built with developer mode enabled $ ./configure --enable-developer $ make $ make install Set allow_core_dumps to yes in radius.conf Enabled core dumps in my system with ulimit -c unlimited Started the OpenRADIUS server with radiusd -X. When it segfaults, however, I don't get a core dump. Did I miss anything? Any constructive feedback is much appreciated. Thank you! -Areg - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Dialup Admin ?
I had asked a question about Dialup Admin and didn't see any replies back. So I was wondering is this maybe not the list to ask about Dialup Admin. If not is there a list for Dialup Admin and could someone send the link to it. Thanks, Joel - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: SecureW2 on a wired network
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Carsten Karl wrote: | | hello | | This question isnt specific to freeradius, but I think there could be | members on this list, who experienced the same problem. Here we go: | | We have windows xp clients running sp2 and securew2 as 802.1x clients, | which are connected to different nortel baystacks 5510/5520 or cisco | catalyst switches. The authentification against freeradius works fine, | if I choose securew2 in the network connection properties tab. But when | we move the client to another switch, which is unknown to this specific | client, the client no longer authenticates. Windows tries to be smart | and sets the authentication method back to smartcard :( For a standard | workstation, that doesnt roam often, this isnt a problem. But for our | notebook users. | | In order to solve this problem, we examined the registry to find the | location, where windows keeps track of known switches. There is a list | of the switches in the eapol folder in the registry, where it stores the | authentification method, the password, the securew2 profile name, etc | for each known switch. But we didnt find any hint, where it stores the | default authentification method... | | Is there a way to set securew2 as the default authentification method, | even for an unknown switch/nas? | | thanks in advance for any help... | | Carsten | Please replace any occurence of authentification with authentication ;) - -- - Carsten Karl ~ Max-Planck-Institut fuer Informatik ~ Stuhlsatzenhausweg 85, 66123 Saarbruecken, Germany ~ Phone +49 681 9325-804 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with MultiZilla - http://enigmail.mozdev.org iD8DBQFCH4N5zcqMa51Y3qsRAg60AJ43HaOzs2cJ6z/IoxEx6tiEpBT0sACgrODz tAxNkCXKpycKEgquvTR4ch0= =gP0t -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: [radius] RE: Dialup Admin ?
- Original Message - From: Joel Eddy [EMAIL PROTECTED] To: Free Radius Org freeradius-users@lists.freeradius.org Sent: Friday, February 25, 2005 1:50 PM Subject: [radius] RE: Dialup Admin ? I had asked a question about Dialup Admin and didn't see any replies back. So I was wondering is this maybe not the list to ask about Dialup Admin. If not is there a list for Dialup Admin and could someone send the link to it. Thanks, Joel Generaly yes this is the place but there is so much info in the achives most here expect you to look it up through the archives. They really dont like to repeat things here in this list. Nick Marino - IT Solutions -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.4.0 - Release Date: 2/22/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: [radius] RE: Dialup Admin ?
Okay. I'll dig through and see if I can find what I'm looking for. Thanks. Joel- Original Message - From: Nick Marino [EMAIL PROTECTED] To: freeradius-users@lists.freeradius.org Sent: Friday, February 25, 2005 2:26 PM Subject: Re: [radius] RE: Dialup Admin ? - Original Message - From: Joel Eddy [EMAIL PROTECTED] To: Free Radius Org freeradius-users@lists.freeradius.org Sent: Friday, February 25, 2005 1:50 PM Subject: [radius] RE: Dialup Admin ? I had asked a question about Dialup Admin and didn't see any replies back. So I was wondering is this maybe not the list to ask about Dialup Admin. If not is there a list for Dialup Admin and could someone send the link to it. Thanks, Joel Generaly yes this is the place but there is so much info in the achives most here expect you to look it up through the archives. They really dont like to repeat things here in this list. Nick Marino - IT Solutions -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.4.0 - Release Date: 2/22/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: [radius] RE: Dialup Admin ?
- Original Message - From: Joel Eddy [EMAIL PROTECTED] To: freeradius-users@lists.freeradius.org Sent: Friday, February 25, 2005 2:33 PM Subject: Re: [radius] RE: Dialup Admin ? Okay. I'll dig through and see if I can find what I'm looking for. Thanks. If you want to email me directly maybe I can help -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.4.0 - Release Date: 2/22/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems with the AcctStartTime and AcctStopTime
On Wed, 23 Feb 2005 [EMAIL PROTECTED] wrote:
Hello List.
Can anyone help me.
I have problems for insert the row AcctStartTime in the query
accounting_stop_query_alt by example in sql.conf exist it ,
DATE_SUB('%S',
INTERVAL (%{Acct-Session-Time:-0} +
%{Acct-Delay-Time:-0}) SECOND), but en mssql.conf no exist it.
DATE_SUB() is a mysql function. Maybe MS-SQL supports something like that.
If
you find it, post a patch back so that it can be included in future
releases.
anyone has same idea.
Thanks a lot.
Vicente.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
Now,can be included in future releases.
in the file mssql.conf
tested very good.
# accounting_start_query: Inserting of RadAcctId and AcctStopTime was
# removed. These fields are processing by a database
accounting_start_query = INSERT into ${acct_table1} (AcctSessionId,
AcctUniqueId, UserName, Realm,
GatewayId,CallType,CallOrigin,NASIPAddress, NASPort, NASPortType,
AcctStartTime, AcctStopTime,AcctSessionTime, AcctAuthentic,
ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets,
CalledStationId, CallingStationId, AcctTerminateCause, ServiceType,
FramedProtocol, FramedIPAddress, CiscoNASPort,CallId,AcctStartDelay,
AcctStopDelay) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}',
'%{Realm}','%{h323-gw-id}','%{h323-call-type}','%{h323-call-origin}','%{NAS-IP-Address}',
'%{NAS-Port-Id}',
'%{NAS-Port-Type}','%S',DATEADD(SECOND,CONVERT(INT,'+%{Acct-Session-Time}'),CONVERT(DATETIME,'%S',102)),
'0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0',
'%{Called-Station-Id}', '%{Calling-Station-Id}',
'%{h323-disconnect-cause}', '%{Service-Type}', '%{h323-voice-quality}',
'%{h323-remote-address}','%{Cisco-NAS-Port}','%{h323-conf-id}'
,'%{Acct-Delay-Time}', '0')
# accounting_stop_query_alt
# Inserting of RadAcctId and AcctStartTime was
# removed. These fields are processing by a database
accounting_stop_query_alt = INSERT into ${acct_table2} (AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPort,
NASPortType,AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic,
ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets,
CalledStationId, CallingStationId,
GatewayId,CallType,CallOrigin,CiscoNASPort,AcctTerminateCause,
ServiceType, FramedProtocol, FramedIPAddress,CallId,AcctStartDelay,
AcctStopDelay) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port-Id}',
'%{NAS-Port-Type}',DATEADD(SECOND,CONVERT(INT,'-%{Acct-Session-Time}'),CONVERT(DATETIME,'%S',102)),'%S',
'%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}',
'%{Acct-Input-Octets}', '%{Acct-Output-Octets}', '%{Called-Station-Id}',
'%{Calling-Station-Id}','%{h323-gw-id}','%{h323-call-type}','%{h323-call-origin}','%{Cisco-NAS-Port}','%{h323-disconnect-cause}',
'%{Service-Type}', '%{h323-voice-quality}',
'%{h323-remote-address}','%{h323-conf-id}','0', '%{Acct-Delay-Time}')
}
Kostas
esto es mi aporte para futuras descargas, ya sale bien.
Vicente Barrientos Valdivia.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PPTP + RADIUS+LDAP
Anderson Alves de Albuquerque [EMAIL PROTECTED] wrote: My RAdius show me this: Use radiusd -X, as suggested in the README, FAQ, and everywhere else. auth: type CHAP Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 3 rlm_ldap: - authenticate rlm_ldap: Attribute User-Password is required for authentication. To me, that looks like you've drastically edited the default radiusd.conf, and done some very curious things to it. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: invalid keyword ATTRIB_NMC
[EMAIL PROTECTED] wrote: I went ahead and did what you suggested. Yes, the 1.0.1 server's radiusd does start at start-up, but this is the error I get when I use one of our other server to test authentication: Ok... These are the same logs I was getting when I was using the 0.8.1 dictionaries, but commented out the dictionary.usr in the dictionary file. Here are the logs running radiusd in debug mode: auth: type System Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module unix returns notfound for request 0 modcall: group authenticate returns notfound for request 0 So... what's the problem? The user doesn't exist in /etc/passwd, and the server is telling you that. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radrelay and coredumps...
Thanks Alan for all your help! anyone know of any other good paid for radius servers?? cause unfortunetly...with this not working...i'm going to have to come up with something new :( and i really like this one...very easy to install, very user friendly (with configs and with errors) and VERY stable (pretty much takes a user fubar to break it) you guys have done great work i'll be sad to see it go... -- Terry J Fike Jr System Administrator MTA Solutions 907-793-4100 [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: SQL Query to get total bandwidth used per user per month.
Hyperlink Admin wrote: Hi Guys, Ok, what I would like to do is the following: I would like to create a seperate radacct for each month. It would be nice to have them going radacct1, raddact2, and so on. and then when it get to next year this time, just carry on with radacct13, radacct14 and so on, otherwise Ill just restart with radacct1 next year. Does anybody know how I would go about setting this up ? Would it be possible to do this automatically ? or would I have to change the config file to write to a different radacctno each month ? Maybe a second table for radacct_historical_data would be suitalbe? Move the data to the historical table and then delete it from your working radacct table. So for example: radacct and radacct_historical_data and then have a script just adding the data to the end of the radacct_historical_data table each month, and clearing the radacct table ? Would I do this with a SQL query ? If so, what would the query look like ? Then I can just create a script executing the query every month. that would be something like: INSERT INTO radacct_historical SELECT * FROM radacct WHERE acctstoptime whenever; of course, it's still neccessary to remove the data from radacct. I'll let you figure that out. However, I think the whole exercise is possibly overkill. Then, my second question: I need to get monthly total bandwidth transfer (both incomming and outgoing traffic) for each user. This I got figured out with the following SQL SELECT * FROM (SELECT username, sum(acctinputoctets+acctoutputoctets) AS total FROM radacct GROUP BY username) AS fooradius- WHERE total 3221225472; Works great !!! Thank you ! Im sure there is a way to do it, but I have never really worked with MySQL or any queries. What I got here, I patched together from reading around on the net and on this list. Let me rephrase - Ive never used any sort of sql. Most Ive done with databases is a little access database. Last thing. And here I think I am actually pushing my luck. Will it be possible (when the previous query actaully works) to automatically take all the users listed in the results of the previous query and moved them from one group (profile) to another. Well I'd suggest triggers which get fired on updates on the radacct table, which update a separate table with username, month, and data (plus whatever else you need to keep on a monthly basis). Your trigger would have the benefit of being fired automatically rather than relying on human intervention. Or you could use cron, and have an external script which checks the db regularly, and massages the data according to your needs. Ok, im kinda lost. Triggers ? How would I add a trigger ? How does it work ? Sorry, Like I said, im kind new to this The I would suggest you look a the documentation of your database of choice. If triggers are beyond your ken, use batch processing and cron. Thanks, Graeme - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: questions about the clients.conf file
On Fri, 25 Feb 2005, Luca Lafranchi list wrote: Thanks for Q1... And for Q2: I have analized the file sql db_mysql.sql The table nas isn't imported on mysql, because have a syntax error. I can't set the id field to DEFAULT '0' if is NOT NULL and AUTO_INCREMENT !!! The same error for dictionary table Fixed, thanks. The dictionary table is not used so don't bother with it. # # Table structure for table 'nas' # CREATE TABLE nas ( id int(10) DEFAULT '0' NOT NULL auto_increment, change to id int(10) NOT NULL auto_increment, nasname varchar(128) NOT NULL, shortname varchar(32), type varchar(30) DEFAULT 'other', ports int(5), secret varchar(60) DEFAULT 'secret' NOT NULL, community varchar(50), description varchar(200) DEFAULT 'RADIUS Client', PRIMARY KEY (id), KEY nasname (nasname) ); -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thor Spruyt Sent: venerd?, 25. febbraio 2005 19:08 To: freeradius-users@lists.freeradius.org Subject: Re: questions about the clients.conf file Q1: split the internet in half: 0.0.0.0/1 and 128.0.0.0/1 Q2: read sql docs and configuration files - Original Message - From: Lists To: freeradius-users@lists.freeradius.org Sent: Friday, February 25, 2005 5:34 PM Subject: questions about the clients.conf file Hi, I have two questions about the clients.conf file: _ when I define a client on this file, I need to write the ip or the hostname or a network... it's possible to enable all client to execute an AAA request (it's for testing) ? _ it's possible to move the clients.conf informations to a Mysql table ? Thank you Luca - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems with characters in CallerStationId and CallingStationId
Hello to all, I use mssql.conf i don´t found the directive safe-characters. I have to do something in special. Thanks. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
