Re: newbie new freeradius install fails to start...
John Williams wrote: OK Thanks for pointing out my Fedora install didn't have make installed. I have updated the Fedora RPM spec file to declare freeradius has a dependency on make (e.g. Requires: make). After this fix is deployed yum will insure make is installed when it installs freeradius and this problem shouldn't occur. -- John Dennis jden...@redhat.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: newbie new freeradius install fails to start...
John Dennis wrote: I have updated the Fedora RPM spec file to declare freeradius has a dependency on make (e.g. Requires: make). After this fix is deployed yum will insure make is installed when it installs freeradius and this problem shouldn't occur. A different solution is to fix the bootstrap script to just run the commands directly. I've done that now. i.e. make -n bootstap git commit bootstrap Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: NLTM_AUTH (PAP) and MS-CHAP2 together?
Mike Diggins wrote: How do I stop it from sending the same Reply message when the user enters a incorrect password. Right now the Reject responds like this: Sending Access-Reject of id 22 to 192.168.2.2 port 1025 Reply-Message = Group=NetWorkers Use attr_filter to delete it. Or, update the rules to add the Reply-Message in the post-auth section. Also, my client (a cisco ASA5500 VPN Server) has an authorization check box. When I check it, it sends a Radius request with the username and password both filled in with the username. FreeRadius seems to treat it as another authentication request. What is its purpose? shrug Ask Cisco. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
somewhat ot: Check radius server name on linux supplicant
Hi, I'm stuck with a problem to which I haven't found an easy solution. Let's say we use either EAP-PEAP or EAP-TTLS. Both on Windows you cave ways to check not only ca certificate but also radius server name. I've tried: *NetworkManager: It can't check radius server name. *wicd: You could use customized scripts but make things harder and replace NetworkManager which is the default network tool on modern distros. *kwlan: It's like wicd an more KDE oriented. *wpasupplicant: It can check server name! But also on Fedora 10 I haven't found a way for NetworkManager apply its config file. Mostly modern and end users distros don't pay attention to wpasupplicant config file. On Windows (and I am not presicely a MS fan) you can check server name either by itself or by SecureW2. On Mac it prompts you showing radius server name. Sadly, I haven't found on Linux to check radius server name. I fear this: Let's say I have a radius server which use a certificate signed by WhateverSign. You get a certificate signed by WhateverSign too. You use a trustable ca certificate, don't you? Well, you config a cheating Access Point. Then a user come and connect to that cheating Access Point. Please tell me if that risk exists and if is wothy of worrying. If it is, how I can do for check radius server name on modern distro Linux? Thanks in advance and happy new year -- -- Open Kairos http://www.openkairos.com Watch More TV http://sebelk.blogspot.com Sergio Belkin - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re:freeradius doesn't sent information to mysql
In vpn server or accounting server? To subscribe or unsubscribe via the World Wide Web, visit http://lists.freeradius.org/mailman/listinfo/freeradius-users or, via email, send a message with subject or body 'help' to freeradius-users-requ...@lists.freeradius.org rad_recv: Accounting-Request packet from host 10.10.10.3:11858, id=133, length=260 Acct-Status-Type = Start Acct-Delay-Time = 0 NAS-IP-Address = 10.10.10.3 Service-Type = Framed-User Framed-Protocol = PPP NAS-Port = 4 MS-RAS-Vendor = 311 MS-RAS-Version = MSRASV5.20 NAS-Port-Type = Virtual Tunnel-Type:0 = PPTP Tunnel-Medium-Type:0 = IP Calling-Station-Id = 192.168.201.59 Tunnel-Client-Endpoint:0 = 192.168.201.59 Microsoft-Attr-35 = 0x4d5352415356352e3130 Microsoft-Attr-34 = 0x4d535241532d302d312d34304432454332364243374334 Acct-Session-Id = 118382 User-Name = school Framed-IP-Address = 10.10.10.4 Framed-MTU = 1400 Session-Timeout = 389554 Idle-Timeout = 1200 Acct-Multi-Session-Id = 953 Acct-Link-Count = 1 Event-Timestamp = Dec 31 2008 15:45:03 IRST Acct-Authentic = RADIUS MS-MPPE-Encryption-Types = 0x Sending Accounting-Response of id 133 to 10.10.10.3 port 11858 You haven't got anything configured in the accounting section. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html