Re: Dialup Admin
Configure dialupadmin to use the correct mysql username / password.
freeradius is working well..
On Mon, Sep 19, 2011 at 8:44 AM, shawky skaff shawkyskaff...@hotmail.comwrote:
Hi,
I am having issues viewing content on the dialup screen, I can see the html
links, when I select one of them say acconuting I just receive a error
saying DEBUG(SQL,MYSQL DRIVER): Connect: User=root,Password=*
*I have allowed all sql options in site-enabled default file.
Running radiusd -X gives me the following output
[root@radius conf]# radiusd -X
FreeRADIUS Version 2.1.7, for host i686-redhat-linux-gnu, built on Mar 31
2010 at 00:25:31
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/raddb/radiusd.conf
including configuration file /etc/raddb/proxy.conf
including configuration file /etc/raddb/clients.conf
including files in directory /etc/raddb/modules/
including configuration file /etc/raddb/modules/counter
including configuration file /etc/raddb/modules/etc_group
including configuration file /etc/raddb/modules/attr_rewrite
including configuration file /etc/raddb/modules/smbpasswd
including configuration file /etc/raddb/modules/mschap
including configuration file /etc/raddb/modules/logintime
including configuration file /etc/raddb/modules/always
including configuration file /etc/raddb/modules/ippool
including configuration file /etc/raddb/modules/sql_log
including configuration file /etc/raddb/modules/detail.log
including configuration file /etc/raddb/modules/expiration
including configuration file /etc/raddb/modules/echo
including configuration file /etc/raddb/modules/checkval
including configuration file /etc/raddb/modules/acct_unique
including configuration file /etc/raddb/modules/sradutmp
including configuration file /etc/raddb/modules/unix
including configuration file /etc/raddb/modules/exec
including configuration file /etc/raddb/modules/attr_filter
including configuration file /etc/raddb/modules/wimax
including configuration file /etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /etc/raddb/modules/perl
including configuration file /etc/raddb/modules/preprocess
including configuration file /etc/raddb/modules/pam
including configuration file /etc/raddb/modules/files
including configuration file /etc/raddb/modules/linelog
including configuration file /etc/raddb/modules/expr
including configuration file /etc/raddb/modules/otp
including configuration file /etc/raddb/modules/inner-eap
including configuration file /etc/raddb/modules/detail.example.com
including configuration file /etc/raddb/modules/digest
including configuration file /etc/raddb/modules/mac2ip
including configuration file /etc/raddb/modules/realm
including configuration file /etc/raddb/modules/radutmp
including configuration file /etc/raddb/modules/detail
including configuration file /etc/raddb/modules/cui
including configuration file /etc/raddb/modules/smsotp
including configuration file /etc/raddb/modules/mac2vlan
including configuration file /etc/raddb/modules/chap
including configuration file /etc/raddb/modules/passwd
including configuration file /etc/raddb/modules/policy
including configuration file /etc/raddb/modules/pap
including configuration file /etc/raddb/eap.conf
including configuration file /etc/raddb/sql.conf
including configuration file /etc/raddb/sql/mysql/dialup.conf
including configuration file /etc/raddb/policy.conf
including files in directory /etc/raddb/sites-enabled/
including configuration file /etc/raddb/sites-enabled/inner-tunnel
including configuration file /etc/raddb/sites-enabled/control-socket
including configuration file /etc/raddb/sites-enabled/default
group = radiusd
user = radiusd
including dictionary file /etc/raddb/dictionary
main {
prefix = /usr
localstatedir = /var
logdir = /var/log/radius
libdir = /usr/lib/freeradius
radacctdir = /var/log/radius/radacct
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
allow_core_dumps = no
pidfile = /var/run/radiusd/radiusd.pid
checkrad = /usr/sbin/checkrad
debug_level = 0
proxy_requests = yes
log {
stripped_names = no
auth = no
auth_badpass = no
auth_goodpass = no
}
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
}
radiusd: Loading Realms and Home Servers
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
Re: Dialup Admin
Hi,
radiusd -X is of no use in debugging dialup admin. It's a PHP tool
running on a web server, whereas FreeRADIUS' radiusd is a stand-alone
process doing RADIUS.
Their only interface is that FreeRADIUS writes into a DB, and dialup
admin reads data from that same DB; the two sides of it use a common
schema. You need to configure both sides regarding database hostname,
username, password. Setting it in raddb/* is NOT doing any good.
So, if your dialup admin throws an error - look at the web server's
error log. It will help you much more.
Greetings,
Stefan Winter
Am 19.09.2011 05:14, schrieb shawky skaff:
Hi,
I am having issues viewing content on the dialup screen, I can see the
html links, when I select one of them say acconuting I just receive a
error saying DEBUG(SQL,MYSQL DRIVER): Connect: User=root,Password=*
*I have allowed all sql options in site-enabled default file.
Running radiusd -X gives me the following output
[root@radius conf]# radiusd -X
FreeRADIUS Version 2.1.7, for host i686-redhat-linux-gnu, built on Mar
31 2010 at 00:25:31
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/raddb/radiusd.conf
including configuration file /etc/raddb/proxy.conf
including configuration file /etc/raddb/clients.conf
including files in directory /etc/raddb/modules/
including configuration file /etc/raddb/modules/counter
including configuration file /etc/raddb/modules/etc_group
including configuration file /etc/raddb/modules/attr_rewrite
including configuration file /etc/raddb/modules/smbpasswd
including configuration file /etc/raddb/modules/mschap
including configuration file /etc/raddb/modules/logintime
including configuration file /etc/raddb/modules/always
including configuration file /etc/raddb/modules/ippool
including configuration file /etc/raddb/modules/sql_log
including configuration file /etc/raddb/modules/detail.log
including configuration file /etc/raddb/modules/expiration
including configuration file /etc/raddb/modules/echo
including configuration file /etc/raddb/modules/checkval
including configuration file /etc/raddb/modules/acct_unique
including configuration file /etc/raddb/modules/sradutmp
including configuration file /etc/raddb/modules/unix
including configuration file /etc/raddb/modules/exec
including configuration file /etc/raddb/modules/attr_filter
including configuration file /etc/raddb/modules/wimax
including configuration file /etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /etc/raddb/modules/perl
including configuration file /etc/raddb/modules/preprocess
including configuration file /etc/raddb/modules/pam
including configuration file /etc/raddb/modules/files
including configuration file /etc/raddb/modules/linelog
including configuration file /etc/raddb/modules/expr
including configuration file /etc/raddb/modules/otp
including configuration file /etc/raddb/modules/inner-eap
including configuration file /etc/raddb/modules/detail.example.com
including configuration file /etc/raddb/modules/digest
including configuration file /etc/raddb/modules/mac2ip
including configuration file /etc/raddb/modules/realm
including configuration file /etc/raddb/modules/radutmp
including configuration file /etc/raddb/modules/detail
including configuration file /etc/raddb/modules/cui
including configuration file /etc/raddb/modules/smsotp
including configuration file /etc/raddb/modules/mac2vlan
including configuration file /etc/raddb/modules/chap
including configuration file /etc/raddb/modules/passwd
including configuration file /etc/raddb/modules/policy
including configuration file /etc/raddb/modules/pap
including configuration file /etc/raddb/eap.conf
including configuration file /etc/raddb/sql.conf
including configuration file /etc/raddb/sql/mysql/dialup.conf
including configuration file /etc/raddb/policy.conf
including files in directory /etc/raddb/sites-enabled/
including configuration file /etc/raddb/sites-enabled/inner-tunnel
including configuration file /etc/raddb/sites-enabled/control-socket
including configuration file /etc/raddb/sites-enabled/default
group = radiusd
user = radiusd
including dictionary file /etc/raddb/dictionary
main {
prefix = /usr
localstatedir = /var
logdir = /var/log/radius
libdir = /usr/lib/freeradius
radacctdir = /var/log/radius/radacct
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
allow_core_dumps = no
pidfile = /var/run/radiusd/radiusd.pid
checkrad = /usr/sbin/checkrad
debug_level = 0
proxy_requests = yes
log {
TWO NAS but NASIPAddress is 127.0.0.1 ?
client 127.0.0.1
{
secret = test123
shortname = localhost
nastype = other
}
client 175.222.xxx.xx
{
secret = test111
shortname = 175.222.xxx.xx
}
NAS localhost user
select * from radippool where UserName='nas1user';
NASIPAddress=127.0.0.1
NAS 175.222.xxx.xx user
select * from radippool where UserName='nas2user';
NASIPAddress=127.0.0.1
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: TWO NAS but NASIPAddress is 127.0.0.1 ?
sekchel lee wrote: Ask a question. It's not hard. If this issue is not important enough to write a useful message, it's not important enough for us to give a useful reply. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Proxy(-like)+Cache configuration
hi. can I make a configuration where I have a radius server which authenticates over an external radius (basically a proxy), but caches the successful logins, so that known users won't get asked upstream (at least for a certain time)? I don't want to replicate the backend database. Thanks. -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ Via Carlo Torri Tarelli 19 - 23900 Lecco - ITALY - Tel 0341 220 205 - Fax 178 6070 222 GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it D.Lgs. 196/2003 Si avverte che tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile. Grazie. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Proxy(-like)+Cache configuration
On 19/09/11 11:10, Lorenzo Milesi wrote: hi. can I make a configuration where I have a radius server which authenticates over an external radius (basically a proxy), but caches the successful logins, so that known users won't get asked upstream (at least for a certain time)? If the authentication protocol is PAP, yes. You would need to use the post-auth section to create some kind of cache entry, and check it on future requests. But it's a bad idea. For any other authentication protocol (CHAP, EAP), no. I don't want to replicate the backend database. Just replicate it. It'll be far easier than trying to hack something up. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MySQL performance
Hi. I have a Freeradius server with MySQL backend, which has worked great so far. Right now we're increasing the users accounting here, and we're facing some login issues. Freeradius is used as an accounting service for Chillispot. I tried increasing num_sql_socks to 14, and raised thread_concurrency to 8 in my.cnf, but yet on the client I get radius errors. Could it be related to database performance? Server load is normally below 0.10, cpu mostly unused. In radius.log I see no errors. But on the client: radius.c: 235: No such id in radius queue: 76! radius.c: 1473: Matching request was not found in queue: 76! chilli.c: 3696: radius_ind() failed! which can mean slow response times from the server. Sadly I have no way to increase radius request timeout on the client. I believe it's not an issue with connection because I'm seeing this problem also on clients which always ran fine before the user increase. How can I check FreeRadius is not suffering too many requests? thanks -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ Via Carlo Torri Tarelli 19 - 23900 Lecco - ITALY - Tel 0341 220 205 - Fax 178 6070 222 GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it D.Lgs. 196/2003 Si avverte che tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile. Grazie. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Proxy(-like)+Cache configuration
On Mon, Sep 19, 2011 at 5:10 PM, Lorenzo Milesi lorenzo.mil...@yetopen.it wrote: hi. can I make a configuration where I have a radius server which authenticates over an external radius (basically a proxy), but caches the successful logins, so that known users won't get asked upstream (at least for a certain time)? I don't want to replicate the backend database. There's cache module, but it's still marked as experimental: https://github.com/alandekok/freeradius-server/blob/v2.1.x/raddb/experimental.conf (look for cache) You need to recompile from source and use ./configure --with-experimental-modules. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
sqlippool problem 2 NAS
--no Problem-- nas1 (localhost) Only one NAS login and logout No problem --Problem-- nas1 (localhost) nas2(remote) Username NASIPAddress CalledStationIdCallingStationID expiry_timepool_key user1 127.0.0.1 1xx.2xx.3xx.1 2011-09-19 20:00:00 0 user2 127.0.0.1 1xx.3xx.3xx.22011-09-29 20:21:13 10 user3 127.0.0.1 1xx.4xx.3xx.32011-09-29 20:21:13 9 user4 127.0.0.1 1xx.5xx.3xx.42011-09-29 20:21:13 4 Now time is 2011-09-19 20:00:00 user5 login... Username NASIPAddress CalledStationIdCallingStationID expiry_timepool_key user1 2011-09-19 20:00:00 0 user2 127.0.0.1 1xx.3xx.3xx.22011-09-29 20:21:13 10 user3 127.0.0.1 1xx.4xx.3xx.32011-09-29 20:21:13 9 user4 127.0.0.1 1xx.5xx.3xx.42011-09-29 20:21:13 4 user5 127.0.0.1 1xx.6xx.3xx.52011-09-29 20:21:13 0 NASIPAddress,CallingStationID,pool_key is random over time nas1 10 user connect nas2 8 user connect but sqlippool is Username NASIPAddress CalledStationIdCallingStationID expiry_timepool_key user1 2011-09-19 20:00:00 0 user2 127.0.0.1 1xx.3xx.3xx.22011-09-29 20:21:13 10 user3 127.0.0.1 1xx.4xx.3xx.32011-09-29 20:21:13 9 user4 127.0.0.1 1xx.5xx.3xx.42011-09-29 20:21:13 4 user5 127.0.0.1 1xx.6xx.3xx.52011-09-29 20:21:13 0 user6 2011-09-19 20:00:00 0 user7 2011-09-19 20:00:00 0 user8 2011-09-19 20:00:00 0 user5 127.0.0.1 1xx.9xx.3xx.92011-09-29 20:21:13 20 .. .. nas1(localhost) no problem nas1(localhost) + nas2(remote) == This problem Help me. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Need a little regex help
I found a nifty little tool a while back that has really helped me with
difficult regex's it's called RegexDesigner and runs fine on 64bit Win 7.
There is a simple GUI that shows you the regex, and helps you build it, then
you can give it some input and it will how you the outcome ... handy little
tool.
Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
900 College St.
Belton, Texas
76513
Fone: 254-295-4658
Phax: 254-295-4221
-Original Message-
From: freeradius-users-bounces+jake.sallee=umhb@lists.freeradius.org
[mailto:freeradius-users-bounces+jake.sallee=umhb@lists.freeradius.org] On
Behalf Of Commonn Systems
Sent: Friday, September 16, 2011 8:51 PM
To: FreeRadius users mailing list
Subject: Re: Need a little regex help
I guess all the regex gurus will laugh at my request I figured it out, for
others, looks like this works: .*:SSID_ABC !
On 9/16/2011 6:22 PM, Commonn Systems wrote:
Hello list!
After reading the list pretty much everyday for a month now, going
through the docs, manuals and a lot of googling (which always brought
me back to the list anyway), I have finally decided which way to go to
filter access to two SSIDs, for 2 groups.
I am using FR 2.1.11 on Debian squeeze, against an AD domain with LDAP
membership lookup. I have 5 AP registered with FR, they each have 2
SSIDs that show in the request as MACADDRESS:SSID_ABC.
Based on Phil Mayers on this post,
http://freeradius.1045715.n5.nabble.com/How-do-I-have-one-Freeradius-server-hosting-multiple-ldap-instances-and-associate-each-SSID-with-pare-td2847210.html#a2850433
,
I would like to match the last 8 characters of the Called-Station-Id,
SSID_ABC
authorize {
if (Called-Sation-Id == SOMEREGEX:SSID_ABC) {
update request {
Tmp-String-0 = Staff
}
}
elsif (Called-Sation-Id == SOMEREGEX:SSID_DEF) {
update request {
Tmp-String-0 = Students
}
}
}
Everything is working great, this is the last piece of the puzzle to
finalize the project.
I understand, this does not have anything to do with the wonderful
software that freeradius is, but from what I have read, lots of people
on this list are very skilled with regex. Thank you so much for all
the work and help you put in here.
Tossi
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MySQL performance
On Mon, Sep 19, 2011 at 7:33 PM, Lorenzo Milesi lorenzo.mil...@yetopen.it wrote: Hi. I have a Freeradius server with MySQL backend, which has worked great so far. Right now we're increasing the users accounting here, and we're facing some login issues. Freeradius is used as an accounting service for Chillispot. I tried increasing num_sql_socks to 14, and raised thread_concurrency to 8 in my.cnf, but yet on the client I get radius errors. Could it be related to database performance? Server load is normally below 0.10, cpu mostly unused. is the db on the same server as freeradius? In radius.log I see no errors. But on the client: radius.c: 235: No such id in radius queue: 76! radius.c: 1473: Matching request was not found in queue: 76! chilli.c: 3696: radius_ind() failed! which can mean slow response times from the server. Sadly I have no way to increase radius request timeout on the client. I believe it's not an issue with connection because I'm seeing this problem also on clients which always ran fine before the user increase. How can I check FreeRadius is not suffering too many requests? there should be something on FR log file. If not, then run the server in debug mode and see which part is slow or spitting out errors. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MySQL performance
Lorenzo Milesi wrote: Hi. I have a Freeradius server with MySQL backend, which has worked great so far. Right now we're increasing the users accounting here, and we're facing some login issues. Freeradius is used as an accounting service for Chillispot. I tried increasing num_sql_socks to 14, and raised thread_concurrency to 8 in my.cnf, but yet on the client I get radius errors. Could it be related to database performance? Yes. Fix the database. Server load is normally below 0.10, cpu mostly unused. In radius.log I see no errors. But on the client: radius.c: 235: No such id in radius queue: 76! radius.c: 1473: Matching request was not found in queue: 76! chilli.c: 3696: radius_ind() failed! which can mean slow response times from the server. Sadly I have no way to increase radius request timeout on the client. Don't. Fix the database so that it isn't too slow. I believe it's not an issue with connection because I'm seeing this problem also on clients which always ran fine before the user increase. How can I check FreeRadius is not suffering too many requests? See the logs. If the DB is slow, the logs will usually say. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius Performance
Freeradius Performance My computer Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz RAM 2GB CentOS 5.5 NAS Client pptp and openvpn each NAS user 100 ~ 300 How many NAS Client ? The ? NAS How much bandwidth? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: 2.1.12 potential problem...
Hi,
I have upgraded to version 2.1.12 but its givin error for
rlm_sql_postgresql. (For solving the problem on post Reverting
Accept-Reject to Access-Accept.
radiusd -X
FreeRADIUS Version 2.1.12, for host i686-pc-linux-gnu, built on Sep 19 2011
at 17:42:41
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/modules/
including configuration file /usr/local/etc/raddb/modules/rediswho
including configuration file /usr/local/etc/raddb/modules/opendirectory
including configuration file /usr/local/etc/raddb/modules/mac2ip
including configuration file /usr/local/etc/raddb/modules/counter
including configuration file /usr/local/etc/raddb/modules/smbpasswd
including configuration file /usr/local/etc/raddb/modules/smsotp
including configuration file /usr/local/etc/raddb/modules/dynamic_clients
including configuration file /usr/local/etc/raddb/modules/policy
including configuration file /usr/local/etc/raddb/modules/files
including configuration file /usr/local/etc/raddb/modules/logintime
including configuration file /usr/local/etc/raddb/modules/mschap
including configuration file /usr/local/etc/raddb/modules/unix
including configuration file /usr/local/etc/raddb/modules/detail
including configuration file /usr/local/etc/raddb/modules/wimax
including configuration file /usr/local/etc/raddb/modules/expr
including configuration file /usr/local/etc/raddb/modules/otp
including configuration file /usr/local/etc/raddb/modules/replicate
including configuration file /usr/local/etc/raddb/modules/chap
including configuration file /usr/local/etc/raddb/modules/detail.example.com
including configuration file /usr/local/etc/raddb/modules/mac2vlan
including configuration file /usr/local/etc/raddb/modules/attr_rewrite
including configuration file /usr/local/etc/raddb/modules/acct_unique
including configuration file /usr/local/etc/raddb/modules/sql_log
including configuration file /usr/local/etc/raddb/modules/cui
including configuration file /usr/local/etc/raddb/modules/krb5
including configuration file /usr/local/etc/raddb/modules/checkval
including configuration file /usr/local/etc/raddb/modules/radutmp
including configuration file /usr/local/etc/raddb/modules/etc_group
including configuration file /usr/local/etc/raddb/modules/ippool
including configuration file /usr/local/etc/raddb/modules/pap
including configuration file /usr/local/etc/raddb/modules/echo
including configuration file
/usr/local/etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /usr/local/etc/raddb/modules/redis
including configuration file /usr/local/etc/raddb/modules/soh
including configuration file /usr/local/etc/raddb/modules/detail.log
including configuration file /usr/local/etc/raddb/modules/realm
including configuration file /usr/local/etc/raddb/modules/ldap
including configuration file /usr/local/etc/raddb/modules/attr_filter
including configuration file /usr/local/etc/raddb/modules/digest
including configuration file /usr/local/etc/raddb/modules/passwd
including configuration file /usr/local/etc/raddb/modules/perl
including configuration file /usr/local/etc/raddb/modules/always
including configuration file /usr/local/etc/raddb/modules/preprocess
including configuration file /usr/local/etc/raddb/modules/exec
including configuration file /usr/local/etc/raddb/modules/pam
including configuration file /usr/local/etc/raddb/modules/inner-eap
including configuration file /usr/local/etc/raddb/modules/linelog
including configuration file /usr/local/etc/raddb/modules/expiration
including configuration file /usr/local/etc/raddb/modules/ntlm_auth
including configuration file /usr/local/etc/raddb/modules/sradutmp
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/sql.conf
including configuration file /usr/local/etc/raddb/policy.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/default
including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
including configuration file
/usr/local/etc/raddb/sites-enabled/control-socket
main {
allow_core_dumps = no
}
including dictionary file /usr/local/etc/raddb/dictionary
main {
name = radiusd
prefix = /usr/local
localstatedir = /usr/local/var
sbindir = /usr/local/sbin
logdir = /usr/local/var/log/radius
run_dir = /usr/local/var/run/radiusd
libdir = /usr/local/lib
radacctdir = /usr/local/var/log/radius/radacct
RE: Freeradius Performance
There is a tool to test the maximum RADIUS requests per second your setup can handle. As for the max number of clients / NAS, that will be determined by the hardware of the NAS. As for what type of NAS ... do you really expect us to do your shopping for you? By bandwidth, I assume you mean RADIUS bandwidth. That will depend on the type of authentication and NAS used. But for 300 clients almost any user class broadband connection will suffice (in my opinion, others may know better) Please, if there is a language barrier here that is stopping you from posting sensible questions and supporting information, at least seek out an online translator so we may rake through broken English. Very few of us have time to attempt to decode your messages. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: freeradius-users-bounces+jake.sallee=umhb@lists.freeradius.org [mailto:freeradius-users-bounces+jake.sallee=umhb@lists.freeradius.org] On Behalf Of sekchel lee Sent: Monday, September 19, 2011 9:55 AM To: freeradius-users Subject: Freeradius Performance Freeradius Performance My computer Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz RAM 2GB CentOS 5.5 NAS Client pptp and openvpn each NAS user 100 ~ 300 How many NAS Client ? The ? NAS How much bandwidth? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: 2.1.12 potential problem...
denizaydin wrote: Hi, I have upgraded to version 2.1.12 but its givin error for rlm_sql_postgresql. (For solving the problem on post Reverting Accept-Reject to Access-Accept. ... Could not link driver rlm_sql_postgresql: rlm_sql_postgresql.so: cannot open shared object file: No such file or directory Make sure it (and all its dependent libraries!) are in the search path of your system's ld. /usr/local/etc/raddb/sql.conf[21]: Instantiation failed for module sql /usr/local/etc/raddb/sites-enabled/default[14]: Failed to load module sql. /usr/local/etc/raddb/sites-enabled/default[14]: Failed to parse sql entry. shrug See the FAQ. See also the configure and make process. Read the output. Nothing else can debug the reason why the postgresql module isn't there. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius + Fedora-DS + EAP-MSCHAPv2 for WIFI/AP authentication
Hello.
People, i've read a lot about the WIFI/AP authentication over Freeradius
using LDAP but it seems i cannot make it work unless i use clear-text
password or Nt/Lmpassword which as far as i know implies in Samba + LDAP
integration.
My question is, is that really the only way to make freeradius authenticate
users using a LDAP database?
Do i need to have samba + ldap to authenticate WIFI users using freeradius +
LDAP with EAP-MSCHAPv2?
If so, is there any other solution to authenticate Windows WIFI users
without using a 3rd party wifi supplicant?
Definetely, theres no other way i can use freeradius and fedora-ds without
Samba/clear-text password OR a 3rd party supplicant that supports EAP/PAP?
With my current configuration i was able to authenticate LDAP users with
clear-text password but thats not i really want as a WIFI authentication
solution. My goal is to use freeradius to authenticate WIFI users using a
LDAP database and without the need of use a non-native Windows application.
Here goes my debug using a encrypted user password (which fails):
*FreeRADIUS Version 2.1.10, for host x86_64-redhat-linux-gnu, built on Mar
25 2011 at 10:54:38
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/raddb/radiusd.conf
including configuration file /etc/raddb/proxy.conf
including configuration file /etc/raddb/clients.conf
including files in directory /etc/raddb/modules/
including configuration file /etc/raddb/modules/pap
including configuration file /etc/raddb/modules/mac2vlan
including configuration file /etc/raddb/modules/sradutmp
including configuration file /etc/raddb/modules/pam
including configuration file /etc/raddb/modules/exec
including configuration file /etc/raddb/modules/radutmp
including configuration file /etc/raddb/modules/mschap
including configuration file /etc/raddb/modules/ldap
including configuration file /etc/raddb/modules/ippool
including configuration file /etc/raddb/modules/wimax
including configuration file /etc/raddb/modules/smbpasswd
including configuration file /etc/raddb/modules/attr_filter
including configuration file /etc/raddb/modules/realm
including configuration file /etc/raddb/modules/detail.log
including configuration file /etc/raddb/modules/passwd
including configuration file /etc/raddb/modules/perl
including configuration file /etc/raddb/modules/inner-eap
including configuration file /etc/raddb/modules/ntlm_auth
including configuration file /etc/raddb/modules/sql_log
including configuration file /etc/raddb/modules/dynamic_clients
including configuration file /etc/raddb/modules/otp
including configuration file /etc/raddb/modules/cui
including configuration file /etc/raddb/modules/expiration
including configuration file /etc/raddb/modules/opendirectory
including configuration file /etc/raddb/modules/unix
including configuration file /etc/raddb/modules/attr_rewrite
including configuration file /etc/raddb/modules/linelog
including configuration file /etc/raddb/modules/checkval
including configuration file /etc/raddb/modules/detail.example.com
including configuration file /etc/raddb/modules/policy
including configuration file /etc/raddb/modules/acct_unique
including configuration file /etc/raddb/modules/chap
including configuration file /etc/raddb/modules/expr
including configuration file /etc/raddb/modules/smsotp
including configuration file /etc/raddb/modules/logintime
including configuration file /etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /etc/raddb/modules/etc_group
including configuration file /etc/raddb/modules/always
including configuration file /etc/raddb/modules/mac2ip
including configuration file /etc/raddb/modules/counter
including configuration file /etc/raddb/modules/preprocess
including configuration file /etc/raddb/modules/echo
including configuration file /etc/raddb/modules/digest
including configuration file /etc/raddb/modules/files
including configuration file /etc/raddb/modules/detail
including configuration file /etc/raddb/eap.conf
including configuration file /etc/raddb/policy.conf
including files in directory /etc/raddb/sites-enabled/
including configuration file /etc/raddb/sites-enabled/inner-tunnel
including configuration file /etc/raddb/sites-enabled/default
including configuration file /etc/raddb/sites-enabled/control-socket
main {
user = radiusd
group = radiusd
allow_core_dumps = no
}
including dictionary file /etc/raddb/dictionary
main {
prefix = /usr
localstatedir = /var
logdir = /var/log/radius
libdir = /usr/lib64/freeradius
radacctdir = /var/log/radius/radacct
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests
Multiple NAS configuration
Hello all, How to configure multiple NAS (NAS-IP-Address) in freeradius? Which radius database's table should I add NAS-IP-Address attributes? Anyone advise me? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
