Re: Are there any Virtual NAS?
I have several Ascend Max I am not using. On Fri, 1 Jul 2005, Yam Biz wrote: > Date: Fri, 1 Jul 2005 20:03:06 -0700 (PDT) > From: Yam Biz <[EMAIL PROTECTED]> > Reply-To: FreeRadius users mailing list > > To: FreeRadius users mailing list > Subject: Re: Are there any Virtual NAS? > > Thank you, > But are there any Virtual NAS or something else can be replace a NAS? > You know, that is difficult to have a NAS, it is so expensive. > Thank again! > > Alan DeKok <[EMAIL PROTECTED]> wrote: > Yam Biz wrote: > > -I want to have a small FreeRadius Server with AAA, > > billing system but i don't have any NAS in NAS list, > > can you advise me? > > You can't bill anyone if you don't have a NAS that provides > accounting information. > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > __ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com -- Bill [EMAIL PROTECTED] http://www.brunton.net http://www.icu.net KA0SEP NNN0HQA/OK ATP CFII BE200 BE300 BE300F BE1900 BE2000 BE2000S CE500 The Internet... The place to be! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Are there any Virtual NAS?
Yam Biz <[EMAIL PROTECTED]> wrote: Thank you, But are there any Virtual NAS or something else can be replace a NAS? You know, that is difficult to have a NAS, it is so expensive. Thank again!Alan DeKok <[EMAIL PROTECTED]> wrote: Yam Biz <[EMAIL PROTECTED]>wrote:> -I want to have a small FreeRadius Server with AAA,> billing system but i don't have any NAS in NAS list,> can you advise me?You can't bill anyone if you don't have a NAS that providesaccounting information.Alan DeKok.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html __Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Yahoo! Sports Rekindle the Rivalries. Sign up for Fantasy Football - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Are there any Virtual NAS?
Thank you, But are there any Virtual NAS or something else can be replace a NAS? You know, that is difficult to have a NAS, it is so expensive. Thank again!Alan DeKok <[EMAIL PROTECTED]> wrote: Yam Biz <[EMAIL PROTECTED]>wrote:> -I want to have a small FreeRadius Server with AAA,> billing system but i don't have any NAS in NAS list,> can you advise me?You can't bill anyone if you don't have a NAS that providesaccounting information.Alan DeKok.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html__Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
how to populate Postgresql base with users ?
Dear Sirs, I want to implement PPTP server (either mpd or poptop) with CHAP+MPPE authentication against freeradius. I've successfully configured freeradius+postgresql, but I'm lost in the database, I've no idea how to populate database. Can anyone provide me some dump for example ? (including sample user, sample password and sample parameters for connection) Thanks! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Current CVS logging issue
Dinko Korunic <[EMAIL PROTECTED]> wrote: > Alan, is there any special reason for not answering on this message? It's fixed in CVS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radiusprofile entry don't work
alan walters ha scritto: Where is the ldif of the client file -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dusty Doris Sent: 01 July 2005 13:42 To: FreeRadius users mailing list Subject: Re: radiusprofile entry don't work I have tryed both solution but don't work!!! :'( this is the output: #ldapadd -x -D "cn=Manager,dc=unime,dc=it" -W -f example.ldif Enter LDAP Password: adding new entry "ou=radius, dc=unime,dc=it" adding new entry "ou=profiles, ou=radius,dc=unime,dc=it" adding new entry "ou=users, ou=radius,dc=unime,dc=it" adding new entry "cn=WLAN, ou=profiles,ou=radius,dc=unime,dc=it" ldap_add: Invalid syntax (21) additional info: objectclass: value #0 invalid per syntax I have forgotten: I have deleted the first entry: dn: dc=unime,dc=it objectClass: dcObject objectClass: organizationUnit ou: Unime.it Radius dc: unime because don't work absolutely. wtithout this entry the entryes for ou=radius ou=profiles ou=users works, and I have the error output above. With this entry I have a error on the first entry . Anyone can help me?? -- Email.it, the professional e-mail, gratis per te: http://www.email.it/f Sponsor: Personalizza il tuo cellulare con le immagini più divertenti o con le foto di chi ami * Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=3117&d=30-6 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html __ NOD32 1.1159 (20050630) Information __ This message was checked by NOD32 antivirus system. http://www.nod32.com can everyone post-me your RADIUS-LDAPv3.schema, only the section of objectclass radiusprofile??? -- Email.it, the professional e-mail, gratis per te: http://www.email.it/f Sponsor: Libri e CD musicali - Oltre 12.000 titoli nuovi scontati dal 60 all'80%! * Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=1898&d=1-7 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Current CVS logging issue
On Mon, Jun 20, 2005 at 11:28:19AM +0200, Dinko Korunic wrote: > Hi. I believe that it might be a bug in current CVS. I've encountered an > issue that FreeRADIUS does not log nor into files, nor into syslog, no > matter what the configuration says [always dumps on stdout/stderr]. I've Alan, is there any special reason for not answering on this message? -- NAME:Dinko.kreator.Korunic NOTE:Standard.disclaimer.applies URL:kreator.esa.fer.hr IRC:kre ICQ:16965294 PGP:0xea160d0b - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius & kerberos preauth
"Roy D. Hockett" <[EMAIL PROTECTED]> wrote: > In kerberos v5 you can require what is referred to as preauth, and > this means that the KDC doesn return a TGT until the client has > authenticated. So I am asking if anyone have freeradius with the > kerberos module working with a Kerberos KDC that requires > preauthentication. Hmm... I'm not sure the interaction of RADIUS & Kerberos allows for that. So far as the FreeRADIUS server is concerned, kerberos is just another "database", that returns OK/Fail for user/password authentication. The user doesn't even know that FreeRADIUS is doing kerberos. I thnk the answer to your question is "No". The user isn't doing kerberos, so any "pre-auth" or TGT stuff just won't work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radiusprofile entry don't work
Dusty Doris ha scritto: I have tryed both solution but don't work!!! :'( this is the output: #ldapadd -x -D "cn=Manager,dc=unime,dc=it" -W -f example.ldif Enter LDAP Password: adding new entry "ou=radius, dc=unime,dc=it" adding new entry "ou=profiles, ou=radius,dc=unime,dc=it" adding new entry "ou=users, ou=radius,dc=unime,dc=it" adding new entry "cn=WLAN, ou=profiles,ou=radius,dc=unime,dc=it" ldap_add: Invalid syntax (21) additional info: objectclass: value #0 invalid per syntax Did you include the RADIUS-LDAPv3.schema into slapd.conf? You need to tell openldap about the objectclass radiusprofile. in slapd.conf include/yourpathto/openldap/schema/RADIUS-LDAPv3.schema - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html __ NOD32 1.1159 (20050630) Information __ This message was checked by NOD32 antivirus system. http://www.nod32.com yes, of course... I have copied the RADIUS-LDAPv3.schema from the doc/ directory to my directory /usr/local/etc/openldap/schema, and I import it in the slapd.conf. this is my ldif file: dn: ou=radius, dc=unime,dc=it objectclass: organizationalunit ou: radius dn: ou=profiles, ou=radius,dc=unime,dc=it objectclass: organizationalunit ou: profiles dn: ou=users, ou=radius,dc=unime,dc=it objectclass: organizationalunit ou: users dn: cn=WLAN, ou=profiles,ou=radius,dc=unime,dc=it objectClass: radiusProfile cn: WLAN radiusServiceType: Framed-User radiusFramedProtocol: PPP radiusFramedIPNetmask: 255.255.255.0 radiusFramedRouting: None dn: cn=Felice, ou=users,ou=radius,dc=unime,dc=it objectclass: radiusProfile cn: Felice radiusGroupName: WLAN -- Email.it, the professional e-mail, gratis per te: http://www.email.it/f Sponsor: Giornata faticosa? Rilassati con il Cuscino per Massaggi che vibra! Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=2742&d=1-7 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius & kerberos preauth
Alan, In kerberos v4 a client would request a Ticket Granting Ticket (TGT) from the Kerberos KDC, and the KDC would comply and send it. In kerberos v5 you can require what is referred to as preauth, and this means that the KDC doesn return a TGT until the client has authenticated. So I am asking if anyone have freeradius with the kerberos module working with a Kerberos KDC that requires preauthentication. Thanks, -Roy // /* Roy Hockett * Telephone: (734) 763-7325*/ /* Network Engineer, * FAX: (734) 615-1727*/ /* ITCom, *Internet: [EMAIL PROTECTED] */ /* University of Michigan **/ // On Fri, 1 Jul 2005, Alan DeKok wrote: "Roy D. Hockett" <[EMAIL PROTECTED]> wrote: I ahve looked on the web and haven't found anything afirming that freeradius will support or not support preauth with kerberos v5. "preauth"? There's an rlm_krb5 module, if that's what you're looking for. Alan DekOk. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius & kerberos preauth
"Roy D. Hockett" <[EMAIL PROTECTED]> wrote: > I ahve looked on the web and haven't found anything afirming that > freeradius will support or not support preauth with kerberos v5. "preauth"? There's an rlm_krb5 module, if that's what you're looking for. Alan DekOk. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Multiple realms: need help
Normando Marcolongo <[EMAIL PROTECTED]> wrote: > I would like to have freeradius behave like this: > - realm 'alwaysok' would always accept authentication > - realme 'checkthis' would always check against mysql Sure, but they're not really realms. > Is there a more elegant way of doing this? Yes. You can look for the Realm in the users file. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP problem
"Graham, Robert" <[EMAIL PROTECTED]> wrote: > rlm_eap: Identity does not match User-Name, setting from EAP Identity > > I did more searches on this error, and tried several suggestions, from > using the hints file: > > DEFAULT Prefix == "MEM\\", Strip-User-Name = Yes That would cause the problem. The default configuration of the server DOES NOT have rlm_eap produce that message. You've added something to create the problem. Start off with the default configuration of the server, and test it. Make changes, test them, and repeat, until you have the configuration you want. > I have attached the debug output: .. > rad_lowerpair: User-Name now 'mem\rgraham' Why have you configured that? It's causing the problem. The debug output is telling you that the User-Name doesn't match something else, and it's ALSO telling you that you've configured it to change the User-Name, So don't change the User-Name. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Client with Window OS?
Yam Biz <[EMAIL PROTECTED]> wrote: > -I want to have a small FreeRadius Server with AAA, > billing system but i don't have any NAS in NAS list, > can you advise me? You can't bill anyone if you don't have a NAS that provides accounting information. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: RFC Info
Jeff Fern <[EMAIL PROTECTED]> wrote: > Can anyone advise me if (and where) the ability to do this is actually in > the Radius RFC, and therefore must be supported by other Radius servers, > or if it is an extra feature of freeRadius? The RFC's describe the protocol, not the configuration of a RADIUS server. Matching user names with a regex, and th e"proxy-to-realm" attribute are implementation-specific configurations. One reason so many people use FreeRADIUS is that it has features other RADIUS servers don't have. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Chap password failing with Cisco
Brent Smith schrieb: > I am trying to get freeradius to authenticate chap for a > ISDN backup call on a cisco. I am running version 1.0.1. > I am in control of server and clients, so I know the > passwords match, but the logs say they do not. IIRC earlier 1.0.x releases have problems with MD5 (and this CHAP) an some hardware (e.g. 64-bit (like AMD-64) or big-endian (like SPARC) processors), so if you're running one of those, an update might be helpful. Search the mailing list archives for details... Also, if all is fine in that respect, your paket seems to contain CHAP-Password only, no "CHAP-Challenge". IIRC, there's a rule on how to automatically derive a CHAP-Challenge from the rest of the RADIUS paket, but I have no idea how well this is supported by server and various clients, so maybe there some problem hidden there? Regards, Stefan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
dialup_admin problem
The problem is its not the sql server that's denying access but the config of the php and dialup_admin scripts that's not working. I can connect to the mysql database from anyother other method except via the web interface. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius & kerberos preauth
I ahve looked on the web and haven't found anything afirming that freeradius will support or not support preauth with kerberos v5. Is anyone using preauth with kerberos v5 and freeradius? If there is documentation on this please point me in the right direction. Thanks, -Roy -- // /* Roy Hockett * Telephone: (734) 763-7325*/ /* Network Engineer, * FAX: (734) 615-1727*/ /* ITCom, *Internet: [EMAIL PROTECTED] */ /* University of Michigan **/ // - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RFC Info
Hello all, I am using freeRadius as a proxy server for requests, however instead of proxying with [EMAIL PROTECTED], I am using: DEFAULT User-Name =~ "12357.*", Proxy-To-Realm := "Realm" with a regular expression for the start of the username (there will be several of these lines). Can anyone advise me if (and where) the ability to do this is actually in the Radius RFC, and therefore must be supported by other Radius servers, or if it is an extra feature of freeRadius? Any info on this would be gratefully recieved, Regards, -Jeff Fern - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: radiusprofile entry don't work
Where is the ldif of the client file -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dusty Doris Sent: 01 July 2005 13:42 To: FreeRadius users mailing list Subject: Re: radiusprofile entry don't work > I have tryed both solution but don't work!!! :'( > this is the output: > > #ldapadd -x -D "cn=Manager,dc=unime,dc=it" -W -f example.ldif > Enter LDAP Password: > adding new entry "ou=radius, dc=unime,dc=it" > > adding new entry "ou=profiles, ou=radius,dc=unime,dc=it" > > adding new entry "ou=users, ou=radius,dc=unime,dc=it" > > adding new entry "cn=WLAN, ou=profiles,ou=radius,dc=unime,dc=it" > ldap_add: Invalid syntax (21) > additional info: objectclass: value #0 invalid per syntax > > > > I have forgotten: > I have deleted the first entry: > > dn: dc=unime,dc=it > objectClass: dcObject > objectClass: organizationUnit > ou: Unime.it Radius > dc: unime > > > because don't work absolutely. > > wtithout this entry the entryes for ou=radius ou=profiles ou=users > works, and I have the error output above. > With this entry I have a error on the first entry . > > Anyone can help me?? > > > > > > -- > Email.it, the professional e-mail, gratis per te: http://www.email.it/f > > Sponsor: > Personalizza il tuo cellulare con le immagini più divertenti o con le foto > di chi ami > * > Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=3117&d=30-6 > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radiusprofile entry don't work
> I have tryed both solution but don't work!!! :'( > this is the output: > > #ldapadd -x -D "cn=Manager,dc=unime,dc=it" -W -f example.ldif > Enter LDAP Password: > adding new entry "ou=radius, dc=unime,dc=it" > > adding new entry "ou=profiles, ou=radius,dc=unime,dc=it" > > adding new entry "ou=users, ou=radius,dc=unime,dc=it" > > adding new entry "cn=WLAN, ou=profiles,ou=radius,dc=unime,dc=it" > ldap_add: Invalid syntax (21) > additional info: objectclass: value #0 invalid per syntax > Did you include the RADIUS-LDAPv3.schema into slapd.conf? You need to tell openldap about the objectclass radiusprofile. in slapd.conf include/yourpathto/openldap/schema/RADIUS-LDAPv3.schema - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radiusprofile entry don't work
> I have tryed both solution but don't work!!! :'( > this is the output: > > #ldapadd -x -D "cn=Manager,dc=unime,dc=it" -W -f example.ldif > Enter LDAP Password: > adding new entry "ou=radius, dc=unime,dc=it" > > adding new entry "ou=profiles, ou=radius,dc=unime,dc=it" > > adding new entry "ou=users, ou=radius,dc=unime,dc=it" > > adding new entry "cn=WLAN, ou=profiles,ou=radius,dc=unime,dc=it" > ldap_add: Invalid syntax (21) > additional info: objectclass: value #0 invalid per syntax > > > > I have forgotten: > I have deleted the first entry: > > dn: dc=unime,dc=it > objectClass: dcObject > objectClass: organizationUnit > ou: Unime.it Radius > dc: unime > > > because don't work absolutely. > > wtithout this entry the entryes for ou=radius ou=profiles ou=users > works, and I have the error output above. > With this entry I have a error on the first entry . > > Anyone can help me?? > > > > > > -- > Email.it, the professional e-mail, gratis per te: http://www.email.it/f > > Sponsor: > Personalizza il tuo cellulare con le immagini più divertenti o con le foto > di chi ami > * > Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=3117&d=30-6 > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Fw: Logging authentication
i was having problems with logging both good and bad logins and so i upgraded to Freeradius 1.0.4 but am still not seeing anything in radius.log i can send my config files if someone can help me i would be very grateful Michael J. Humphries Network Engineer Delcomp/SOFTEK 1431 N. 26th Street Escanaba, MI 49829 Phone: 906-786-3583, ext 39 Fax: 906-786-4300 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: dialup_admin problem
Check mysql logs. If mysql server refuses connection by any reason you will see it in logs. Standard location of mysql logs in mysql data directory. Normal operations are logged in file your_machine_name.log, errors in your_machine_name.err. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
dialup_admin problem
I've changed the following ... sql_server: 127.0.0.1 ( don't work ) sql_server: 1.2.3.4 ( where it is a substitute for the real ip address ) If I look at the fields below sql_type: mysql ( is the default ) and if I use that then get this error when clicking on statistics on the dialup admin homepage < Could not connect to the SQL database > If I change the string to sql_type: mysq ( another string ) and use that then I get the error when clicking on statistucs on the dialup admin homepage < Could not include SQL library functions. Aborting > I reckon the problem is something in the connection string because as mentioned connecting to mysql through a client works perfectly , its only the web interface that refuses to connect to the db with freeradius running no matter what the syntax , suggestions ? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
using freeradius and chillispot
hello, I want to ask about using freeradius and chillispot in one PC. there is need to configure the freeradius to using chillispot?? thanks for your attention Discover Yahoo! Have fun online with music videos, cool games, IM & more. Check it out!- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Multiple realms: need help
Hi! I would like to have freeradius behave like this: - realm 'alwaysok' would always accept authentication - realme 'checkthis' would always check against mysql Since now I'd have done this by telling freeradius to proxy one of the realms to another freeradius the would behave accordingly leaving the former to do the processing for the other realm. Is there a more elegant way of doing this? Thank you! Normando -- | Normando Marcolongo | Micso s.r.l. | | via Tiburtina, 318 | I-65128 Pescara, Italy| |tel/fax (+39)08554105 | mob. (+39)3386296362 | begin:vcard fn:Normando Marcolongo n:Marcolongo;Normando org:Micso s.r.l.;System & Network Engineer adr:;;via Tiburtina, 318;Pescara;;65128;Italy email;internet:[EMAIL PROTECTED] tel;work:+3908554105 tel;fax:+3908554105 tel;cell:+393386296362 x-mozilla-html:FALSE url:http://www.micso.com version:2.1 end:vcard - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html