Re: COA default configuration...Need help to test radclient
Awesome. Thanks Alan. That did the trick. I will ask more implementation questions if any issues. Sun May 16 01:43:19 2010 : Debug: Listening on authentication address * port 1812 Sun May 16 01:43:19 2010 : Debug: Listening on accounting address * port 1813 Sun May 16 01:43:19 2010 : Debug: Listening on coa address * port 3799 as server coa Sun May 16 01:43:19 2010 : Debug: Listening on command file /home/test/freeradius-2.1.9/var/run/radiusd/radiusd.sock Sun May 16 01:43:19 2010 : Debug: Listening on proxy address * port 1814 Sun May 16 01:43:19 2010 : Info: Ready to process requests. rad_recv: CoA-Request packet from host 127.0.0.1 port 33844, id=90, length=106 User-Name = "cisco" User-Password = ",>\247\262\374\222<\\\345\321\36543\201:\001" Cisco-AVPair = "subscriber:command=account-logon" Cisco-Account-Info = "S172.16.xx.xx" Sun May 16 01:43:22 2010 : Info: server coa { Sun May 16 01:43:22 2010 : Info: +- entering group recv-coa {...} Sun May 16 01:43:22 2010 : Info: ++[ok] returns ok Sun May 16 01:43:22 2010 : Info: +- entering group send-coa {...} Sun May 16 01:43:22 2010 : Info: ++[ok] returns ok Sun May 16 01:43:22 2010 : Info: } # server coa Sending CoA-ACK of id 90 to 127.0.0.1 port 33844 Sun May 16 01:43:22 2010 : Info: Finished request 0. Sun May 16 01:43:22 2010 : Debug: Going to the next request Sun May 16 01:43:22 2010 : Info: Cleaning up request 0 ID 90 with timestamp +3 Sun May 16 01:43:22 2010 : Info: Ready to process requests. Thanks. --- On Sat, 5/15/10, Alan DeKok wrote: From: Alan DeKok Subject: Re: COA default configuration...Need help to test radclient To: "FreeRadius users mailing list" Date: Saturday, May 15, 2010, 9:43 AM Eric Martell wrote: > Hi Alan, > Thanks for the reply. Pardon my ignorance but as you mentioned I did > not find raddb/sites-available/coa. >In 2.1.8, there's an example CoA server in raddb/sites-available/coa Ah... it's in 2.1.9, then. See http://git.freeradius.org/pre/ for a "pre-release" of 2.1.9. Use that instead of 2.1.8. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS and MAC Authentication
John McDonnell wrote: > I'm not doing any dynamic VLAN assignments over the wireless so I really > don't see any need for MAC authentication and just see it as unneeded > overhead. Is there any reason why I'm wrong with this assumption? It never hurts. You can do *both* EAP && MAC auth at the same time. It stops people who share their passwords. If you do login tracking, you can see if two MACs have logged in at the same time, too. This stops a large percentage of bad behavior. If you're *not* tracking MACs right now, you have no idea who's on your network. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: COA default configuration...Need help to test radclient
Eric Martell wrote: > Hi Alan, >Thanks for the reply. Pardon my ignorance but as you mentioned I did > not find raddb/sites-available/coa. >In 2.1.8, there's an example CoA server in raddb/sites-available/coa Ah... it's in 2.1.9, then. See http://git.freeradius.org/pre/ for a "pre-release" of 2.1.9. Use that instead of 2.1.8. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: COA default configuration...Need help to test radclient
Hi Alan, Thanks for the reply. Pardon my ignorance but as you mentioned I did not find raddb/sites-available/coa. In 2.1.8, there's an example CoA server in raddb/sites-available/coa I only see, # ls -lart sites-available/ total 124 -rw-r- 1 root root 2538 May 14 15:37 vmps -rw-r- 1 root root 849 May 14 15:37 virtual.example.com -rw-r- 1 root root 4042 May 14 15:37 status -rw-r- 1 root root 5057 May 14 15:37 robust-proxy-accounting -rw-r- 1 root root 8543 May 14 15:37 README -rw-r- 1 root root 982 May 14 15:37 proxy-inner-tunnel -rw-r- 1 root root 11757 May 14 15:37 inner-tunnel -rw-r- 1 root root 3340 May 14 15:37 example -rw-r- 1 root root 4544 May 14 15:37 dynamic-clients -rw-r- 1 root root 4506 May 14 15:37 dhcp -rw-r- 1 root root 16544 May 14 15:37 default -rw-r- 1 root root 3508 May 14 15:37 decoupled-accounting -rw-r- 1 root root 5342 May 14 15:37 copy-acct-to-home-server -rw-r- 1 root root 4095 May 14 15:37 buffered-sql -rw-r- 1 root root 2040 May 14 15:37 control-socket -rw-r- 1 root root 5266 May 14 15:56 originate-coa drwxr-x--- 2 root root 4096 May 15 12:42 . drwxr-xr-x 7 root root 4096 May 15 12:58 .. # Thanks and Regards. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html