Problem in configuring rlm_perl with FreeRADIUS Version 2.1.7
Hi, I have configured FreeRADIUS Version 2.1.7 up and running. I wanted to use rlm_perl to process Authenticat, Accounting and all RADIUS requests. I have tried configuring after going through http://wiki.freeradius.org/Rlm_perl In the web page its written to do the following steps: In the users file comment the 'DEFAULT Auth-Type = System' lines, and then add: DEFAULT Auth-Type = Perl Fall-Through = yes When I am adding this section in users file and running radiusd -X, I am getting the following error in the last 4 lines of startup it exits /etc/raddb/users[205]: Parse error (check) for entry DEFAULT: Unknown value Perl for attribute Auth-Type Errors reading /etc/raddb/users /etc/raddb/modules/files[7]: Instantiation failed for module files /etc/raddb/sites-enabled/inner-tunnel[111]: Failed to find module files. /etc/raddb/sites-enabled/inner-tunnel[34]: Errors parsing authorize section. Request help. Regards, Ratnesh - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
problem with packet management on freebsd
Hi, i have the problem with packet management running on freebsd: FreeBSD# pkg_add -r freeradius-mysql-1.1.8_4.tbz Error: Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9-stable/Latest/freeradius-mysql-1.1.8_4.tbz: File unavailable (e.g., file not found, no access) pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9-stable/Latest/freeradius-mysql-1.1.8_4.tbz' by URL but i can access by ftp ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9-stable/Latest/ and download freeradius-mysql-1.1.8_4.tbz what can be a problem? thanks -- View this message in context: http://freeradius.1045715.n5.nabble.com/problem-with-packet-management-on-freebsd-tp5051348p5051348.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem in configuring rlm_perl with FreeRADIUS Version 2.1.7
1, use freeradius 2.1.12 2, don't set auth-type, just add 'perl' module to the AAA sections in the virtual-servers that you need alan -- Message may be brief as it has been sent from my mobile - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem with packet management on freebsd
On Tue, Dec 6, 2011 at 3:01 PM, tolik_shavlov...@mail.ru tolik_shavlov...@mail.ru wrote: Hi, i have the problem with packet management running on freebsd: FreeBSD# pkg_add -r freeradius-mysql-1.1.8_4.tbz Error: Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9-stable/Latest/freeradius-mysql-1.1.8_4.tbz: File unavailable (e.g., file not found, no access) pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9-stable/Latest/freeradius-mysql-1.1.8_4.tbz' by URL but i can access by ftp ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9-stable/Latest/ and download freeradius-mysql-1.1.8_4.tbz what can be a problem? thanks You should really ask freebsd maintainters for that. It's unlikely that anyone on this list will be able to help you. I wouldn't recommend you use FR-1.x though. Following the link from http://wiki.freeradius.org/Packages: http://www.freebsd.org/cgi/ports.cgi?query=freeradiusamp;stype=allamp;sektion=net There's a link there for up-to-date 2.1.12. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem with packet management on freebsd
This isn't a freeradius problem. Ask on the FreeBSD mailing list, seems to be a pkg manager issue. However, 1.1.8 ??? Really ?? I'd strongly advise to leave that well alone (for a start, if you post questions to this list you'll be told to upgrade) and get latest 2.1.x release alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[2]: problem with packet management on freebsd
Hi, thanks for your answer. but your link http://www.freebsd.org/cgi/ports.cgi?query=freeradiusamp;stype=allamp;sektion=net has th anly fr-mysql version: freeradius-mysql-1.1.8_4 i need freebsd FR version with mysql. BR, 06 декабря 2011, 12:12 от Fajar A. Nugraha l...@fajar.net: On Tue, Dec 6, 2011 at 3:01 PM, tolik_shavlov...@mail.ru tolik_shavlov...@mail.ru wrote: Hi, i have the problem with packet management running on freebsd: FreeBSD# pkg_add -r freeradius-mysql-1.1.8_4.tbz Error: Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9-stable/Latest/freeradius-mysql-1.1.8_4.tbz: File unavailable (e.g., file not found, no access) pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9-stable/Latest/freeradius-mysql-1.1.8_4.tbz' by URL but i can access by ftp ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9-stable/Latest/ and download freeradius-mysql-1.1.8_4.tbz what can be a problem? thanks You should really ask freebsd maintainters for that. It's unlikely that anyone on this list will be able to help you. I wouldn't recommend you use FR-1.x though. Following the link from http://wiki.freeradius.org/Packages: http://www.freebsd.org/cgi/ports.cgi?query=freeradiusamp;stype=allamp;sektion=net There's a link there for up-to-date 2.1.12. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re[2]: problem with packet management on freebsd
2011/12/6 Толик Шавловский tolik_shavlov...@mail.ru: Hi, thanks for your answer. but your link http://www.freebsd.org/cgi/ports.cgi?query=freeradiusamp;stype=allamp;sektion=net has th anly fr-mysql version: freeradius-mysql-1.1.8_4 i need freebsd FR version with mysql. (1) Try 2.1.12, or ask freebsd maintainers, just in case it already has mysql support, OR (2) build it yourself: http://wiki.freeradius.org/Build If you have mysql header and libraries on your system, the resulting binary should have mysql support. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[4]: problem with packet management on freebsd
I used version 2.1.12 and it didn't have mysql driver . thats from my previous version: FreeBSD# locate rlm_sql /usr/local/lib/freeradius-2.1.9/rlm_sql-2.1.9.la /usr/local/lib/freeradius-2.1.9/rlm_sql-2.1.9.so /usr/local/lib/freeradius-2.1.9/rlm_sql.a /usr/local/lib/freeradius-2.1.9/rlm_sql.la /usr/local/lib/freeradius-2.1.9/rlm_sql.so /usr/local/lib/freeradius-2.1.9/rlm_sql_log-2.1.9.la /usr/local/lib/freeradius-2.1.9/rlm_sql_log-2.1.9.so /usr/local/lib/freeradius-2.1.9/rlm_sql_log.a /usr/local/lib/freeradius-2.1.9/rlm_sql_log.la /usr/local/lib/freeradius-2.1.9/rlm_sql_log.so /usr/local/lib/freeradius-2.1.9/rlm_sqlcounter-2.1.9.la /usr/local/lib/freeradius-2.1.9/rlm_sqlcounter-2.1.9.so /usr/local/lib/freeradius-2.1.9/rlm_sqlcounter.a /usr/local/lib/freeradius-2.1.9/rlm_sqlcounter.la /usr/local/lib/freeradius-2.1.9/rlm_sqlcounter.so /usr/local/lib/freeradius-2.1.9/rlm_sqlippool-2.1.9.la /usr/local/lib/freeradius-2.1.9/rlm_sqlippool-2.1.9.so /usr/local/lib/freeradius-2.1.9/rlm_sqlippool.a /usr/local/lib/freeradius-2.1.9/rlm_sqlippool.la /usr/local/lib/freeradius-2.1.9/rlm_sqlippool.so /usr/local/man/man5/rlm_sql.5.gz /usr/local/man/man5/rlm_sql_log.5.gz /usr/local/share/doc/freeradius/rlm_sql /usr/local/share/doc/freeradius/rlm_sqlcounter /usr/local/share/doc/freeradius/rlm_sqlippool 06 декабря 2011, 12:45 от Fajar A. Nugraha-2 [via FreeRadius] ml-node+s1045715n5051444...@n5.nabble.com: 2011/12/6 Толик Шавловский [hidden email]: Hi, thanks for your answer. but your link http://www.freebsd.org/cgi/ports.cgi?query=freeradiusamp;stype=allamp;sektion=net has th anly fr-mysql version: freeradius-mysql-1.1.8_4 i need freebsd FR version with mysql. (1) Try 2.1.12, or ask freebsd maintainers, just in case it already has mysql support, OR (2) build it yourself: http://wiki.freeradius.org/Build If you have mysql header and libraries on your system, the resulting binary should have mysql support. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- If you reply to this email, your message will be added to the discussion below: http://freeradius.1045715.n5.nabble.com/problem-with-packet-management-on-freebsd-tp5051348p5051444.html To unsubscribe from problem with packet management on freebsd, click here. NAML -- View this message in context: http://freeradius.1045715.n5.nabble.com/problem-with-packet-management-on-freebsd-tp5051348p5051456.html Sent from the FreeRadius - User mailing list archive at Nabble.com.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re[4]: problem with packet management on freebsd
On Tue, Dec 6, 2011 at 3:54 PM, tolik_shavlov...@mail.ru tolik_shavlov...@mail.ru wrote: I used version 2.1.12 and it didn't have mysql driver . Then build the package yourself. It shouldn't bee too hard. I you had used Ubuntu, I can give you the link for the latest package. But since you use freebsd, then you're on your own :) -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[6]: problem with packet management on freebsd
ok. thanks for helps. 06 декабря 2011, 13:01 от Fajar A. Nugraha l...@fajar.net: On Tue, Dec 6, 2011 at 3:54 PM, tolik_shavlov...@mail.ru tolik_shavlov...@mail.ru wrote: I used version 2.1.12 and it didn't have mysql driver . Then build the package yourself. It shouldn't bee too hard. I you had used Ubuntu, I can give you the link for the latest package. But since you use freebsd, then you're on your own :) -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Expiration email
Thanks for the reply. I am also trying same but couldn't compare with the field on the database as Expiration attribute use character value. I wish someone give me any idea on comparing those parameter inside database. From: Marinko Tarlać mangi...@gmail.com To: freeradius-users@lists.freeradius.org Sent: Tuesday, December 6, 2011 1:33 PM Subject: Re: Expiration email If you're asking me, I wouldn't mess with freeradius. Maybe the better idea is to create a small cron script which can read the database and send email according to the date and the time diff you want (1, 2, 3 etc days before the expiration) On 12/6/2011 3:54 AM, john decot wrote: Hi, I am looking for how to send email before expiration of account. The value used for the expiration in radius is character format. So, I would like to know how to compare the expiration data and send email accordingly. Thanks in advance. John. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Expiration email
On Tue, Dec 6, 2011 at 7:22 PM, john decot johnde...@yahoo.com wrote: Thanks for the reply. I am also trying same but couldn't compare with the field on the database as Expiration attribute use character value. I wish someone give me any idea on comparing those parameter inside database. Several ways I can think of (completely untested): (1) Use http://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html#function_str-to-date (or whatever equivalent function in your db) to convert the column to date before comparison (2) Pick a time to alert the user (e.g. ONE WEEK before expiration), then use whatever programming language of your choice (e.g. php) to convert the date into the format used in expiration attribute (e.g. using date_format). Then you only need to compare for exact string match. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Expiration email
Everything can be found via Google in less than 1 minute. On 12/6/2011 1:22 PM, john decot wrote: Thanks for the reply. I am also trying same but couldn't compare with the field on the database as Expiration attribute use character value. I wish someone give me any idea on comparing those parameter inside database. *From:* Marinko Tarlać mangi...@gmail.com *To:* freeradius-users@lists.freeradius.org *Sent:* Tuesday, December 6, 2011 1:33 PM *Subject:* Re: Expiration email If you're asking me, I wouldn't mess with freeradius. Maybe the better idea is to create a small cron script which can read the database and send email according to the date and the time diff you want (1, 2, 3 etc days before the expiration) On 12/6/2011 3:54 AM, john decot wrote: Hi, I am looking for how to send email before expiration of account. The value used for the expiration in radius is character format. So, I would like to know how to compare the expiration data and send email accordingly. Thanks in advance. John. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP/TLS authentication in 2050
why? really, why? wat purpose does testing these dates have - you really think your current infrastructure, and techologies such as 802.1X are going to be around in the same format in even 20 years time? No, of course not:) This is my curiosity led me to test such date. anywayI'm guessing these are 32 bit server and client OS ? you may find, in that case, that your tests will work until you set the date beyond 2037 - 32bit OS have problems with dates after 2038 so, try this with KNOWN parameters - eg 2020 , within the 2038 timeframe and things should work. The server is running SLES 11 SP1 (x86_64), a workstation running Windows XP SP3 (32bit). Authentication is successful until February 1, 2050, ie for example if you logged in December 31, 2049, then the authentication is successful. A little later, try the client computer under the control of 64bit. the results announced later. I tried on a 64 bit computer. The same result. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Linking Shared/Static library in Freeradius Module
Hello, I am writing a FreeRadius (Version 2) module for version Freeradius 2.1.10 . The module works fine. When i want to link a shared/static library from the Makefile of the module i get errors. I link to a static library and i run radius server with the module ( radiusd -X) then i get the error: /usr/local/etc/raddb/radiusd.conf[665]: Failed to link to module 'rlm_itap': file not found makefile of the freeradius module : *VERS = 2.1.10 CFLAGS = -DNDEBUG -Wall -I/usr/include \ -I/usr/ports/net/freeradius2/work/freeradius-server-$(VERS)/src LIBS= -lc -L. icc-wrapper.a ALL:rlm_itap.o rlm_itap-$(VERS).so* rlm_itap is the name of my module. When i remove *icc-wrapper.a , everything works fine. *For the shared library case. Everything works fine until the function from the shared library is called inside the module. I got the error: /libexec/ld-elf.so.1: /usr/local/lib/freeradius-2.1.10/rlm_itap.so: Undefined symbol sendiccmsg in that case. sendiccmsg is the only function i have in my shared library. The makefile of the freeradius module: VERS = 2.1.10 CFLAGS = -DNDEBUG -Wall -I/usr/include \ -I/usr/ports/net/freeradius2/work/freeradius-server-$(VERS)/src LIBS= -lc icc-wrapper.so ALL:rlm_itap.o rlm_itap-$(VERS).so rlm_itap.o:rlm_itap.c cc -g -fPIC -DPIC -c $(CFLAGS) rlm_itap.c rlm_itap-$(VERS).so:rlm_itap.o cc -g -shared -Wl,-soname,rlm_itap-$(VERS).so \ -o rlm_itap-$(VERS).so rlm_itap.o $(LIBS) install:ALL install rlm_itap-$(VERS).so /usr/local/lib/freeradius-$(VERS) ln -fs rlm_itap-$(VERS).so /usr/local/lib/freeradius-$(VERS)/rlm_itap.so clean: rm rlm_itap*.o rlm_itap*.so The static/shred library i am using is compiled as a C++ library with extern C in front of function definitions. Regards Resit Sahin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius2 installation error
freeradius-2.1.12 depends on executable: gmake - found === freeradius-2.1.12 depends on file: /usr/local/bin/perl5.12.4 - found === freeradius-2.1.12 depends on file: /usr/local/bin/autoconf-2.68 - found === freeradius-2.1.12 depends on package: libtool=2.4 - found === freeradius-2.1.12 depends on shared library: gdbm.4 - found === freeradius-2.1.12 depends on shared library: krb5.26 - not found ===Verifying install for krb5.26 in /usr/ports/security/heimdal === heimdal-1.4_1 depends on file: /usr/local/lib/libcrack.a - found === heimdal-1.4_1 depends on file: /usr/local/bin/autoconf-2.68 - found === heimdal-1.4_1 depends on package: libtool=2.4 - found === heimdal-1.4_1 depends on executable: pkg-config - found === heimdal-1.4_1 depends on shared library: ldap-2.4.8 - not found ===Verifying install for ldap-2.4.8 in /usr/ports/net/openldap24-client === Vulnerability check disabled, database not found === License OPENLDAP accepted by the user === Found saved configuration for openldap-client-2.4.26 === Extracting for openldap-sasl-client-2.4.26 = SHA256 Checksum OK for openldap-2.4.26.tgz. === Patching for openldap-sasl-client-2.4.26 === Applying FreeBSD patches for openldap-sasl-client-2.4.26 === openldap-sasl-client-2.4.26 depends on package: libtool=2.4 - found === openldap-sasl-client-2.4.26 depends on shared library: sasl2.2 - not found ===Verifying install for sasl2.2 in /usr/ports/security/cyrus-sasl2 === cyrus-sasl-2.1.25_1 is marked as broken: SQLITE and SQLITE3 are mutually exclusive.. *** Error code 1 Stop in /usr/ports/security/cyrus-sasl2. *** Error code 1 Stop in /usr/ports/net/openldap24-client. *** Error code 1 Stop in /usr/ports/net/openldap24-client. *** Error code 1 Stop in /usr/ports/security/heimdal. *** Error code 1 Stop in /usr/ports/security/heimdal. *** Error code 1 Stop in /usr/ports/net/freeradius2. *** Error code 1 Stop in /usr/ports/net/freeradius2. == Hi, freeradius2 has error while installing under freebsd. I made (make clean), and againt make install clean ...always the same error. what can be the problem? thanks -- View this message in context: http://freeradius.1045715.n5.nabble.com/freeradius2-installation-error-tp5052326p5052326.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius2 installation error
On Tue, Dec 6, 2011 at 9:59 PM, tolik_shavlov...@mail.ru tolik_shavlov...@mail.ru wrote: freeradius-2.1.12 depends on executable: gmake - found === freeradius-2.1.12 depends on file: /usr/local/bin/perl5.12.4 - found == Hi, freeradius2 has error while installing under freebsd. I made (make clean), and againt make install clean ...always the same error. what can be the problem? Did you folllow http://wiki.freeradius.org/Build#Building+from+Source ? If you did, it should work, and it shouldn't generate those messages. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[2]: freeradius2 installation error
but i want to build from /usr/ports, beacause such freeradisu propose mysql module. freeradius-2.1.2 form source doesn't include mysql module. 06 декабря 2011, 19:16 от Fajar A. Nugraha-2 [via FreeRadius] ml-node+s1045715n5052385...@n5.nabble.com: On Tue, Dec 6, 2011 at 9:59 PM, [hidden email] [hidden email] wrote: freeradius-2.1.12 depends on executable: gmake - found === freeradius-2.1.12 depends on file: /usr/local/bin/perl5.12.4 - found == Hi, freeradius2 has error while installing under freebsd. I made (make clean), and againt make install clean ...always the same error. what can be the problem? Did you folllow http://wiki.freeradius.org/Build#Building+from+Source ? If you did, it should work, and it shouldn't generate those messages. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- If you reply to this email, your message will be added to the discussion below: http://freeradius.1045715.n5.nabble.com/freeradius2-installation-error-tp5052326p5052385.html To unsubscribe from freeradius2 installation error, click here. NAML -- View this message in context: http://freeradius.1045715.n5.nabble.com/freeradius2-installation-error-tp5052326p5052422.html Sent from the FreeRadius - User mailing list archive at Nabble.com.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP/TLS authentication in 2050
Victor Guk wrote: I tried on a 64 bit computer. The same result. Ask the OpenSSL people why their library can't handle dates after 2050. FreeRADIUS can't handle dates after 2038, due to 32-bit limitations of the timestamp in RADIUS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius2 installation error
Hi, but i want to build from /usr/ports, beacause such freeradisu propose mysql module. freeradius-2.1.2 form source doesn't include mysql module. ??? it does here - something that the BSD people have done to the port?? alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Linking Shared/Static library in Freeradius Module
Resit Sahin wrote: I am writing a FreeRadius (Version 2) module for version Freeradius 2.1.10 . The module works fine. When i want to link a shared/static library from the Makefile of the module i get errors. You didn't follow the FreeRADIUS build process. makefile of the freeradius module : /VERS = 2.1.10 CFLAGS = -DNDEBUG -Wall -I/usr/include \ -I/usr/ports/net/freeradius2/work/freeradius-server-$(VERS)/src LIBS= -lc -L. icc-wrapper.a ALL:rlm_itap.o rlm_itap-$(VERS).so/ Uh... *why* did you do this? The server ships with *many* examples of building modules. The build system for the server takes care of all of the necessary magic to make it Just Work. By creating your own Makefile you've done more work than necessary, and ensured that the resulting module won't work with FreeRADIUS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re[2]: freeradius2 installation error
On Tue, Dec 6, 2011 at 10:31 PM, tolik_shavlov...@mail.ru tolik_shavlov...@mail.ru wrote: but i want to build from /usr/ports, Then ask ports maintaners. Really. beacause such freeradisu propose mysql module. freeradius-2.1.2 form source doesn't include mysql module. How did you reach that conclusion? Did you think the ports maintainer magically create a module that's not included in the source? Did you even TRY to build from the source when you actually HAVE mysql headers and libraries installed? -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Linking Shared/Static library in Freeradius Module
I have followed the steps here : http://wiki.freeradius.org/Modules2#Testing The makefile is almost the same with the makefile there. It is recommended to use your own make file in the wiki entry My module works fine without linking libraries. The problems arise when i try to link external libraries. Resit On 12/06/2011 05:36 PM, Alan DeKok wrote: Resit Sahin wrote: I am writing a FreeRadius (Version 2) module for version Freeradius 2.1.10 . The module works fine. When i want to link a shared/static library from the Makefile of the module i get errors. You didn't follow the FreeRADIUS build process. makefile of the freeradius module : /VERS = 2.1.10 CFLAGS = -DNDEBUG -Wall -I/usr/include \ -I/usr/ports/net/freeradius2/work/freeradius-server-$(VERS)/src LIBS= -lc -L. icc-wrapper.a ALL:rlm_itap.o rlm_itap-$(VERS).so/ Uh... *why* did you do this? The server ships with *many* examples of building modules. The build system for the server takes care of all of the necessary magic to make it Just Work. By creating your own Makefile you've done more work than necessary, and ensured that the resulting module won't work with FreeRADIUS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Mustafa Reşit Şahin Endersys İş Tel: 0216 470 94 23 Dahili:306 Cep Tel:0507 707 68 12 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[4]: freeradius2 installation error
Dear Fajar, i failed to intergate FR + mysql, i was informed that my FR is without mysql module. i am in process of building from the source. so, after: 1. i build mysql-server 2. install mysql driver for Rf correct? 06 декабря 2011, 19:40 от Fajar A. Nugraha-2 [via FreeRadius] ml-node+s1045715n5052460...@n5.nabble.com: On Tue, Dec 6, 2011 at 10:31 PM, [hidden email] [hidden email] wrote: but i want to build from /usr/ports, Then ask ports maintaners. Really. beacause such freeradisu propose mysql module. freeradius-2.1.2 form source doesn't include mysql module. How did you reach that conclusion? Did you think the ports maintainer magically create a module that's not included in the source? Did you even TRY to build from the source when you actually HAVE mysql headers and libraries installed? -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- If you reply to this email, your message will be added to the discussion below: http://freeradius.1045715.n5.nabble.com/freeradius2-installation-error-tp5052326p5052460.html To unsubscribe from freeradius2 installation error, click here. NAML -- View this message in context: http://freeradius.1045715.n5.nabble.com/freeradius2-installation-error-tp5052326p5052502.html Sent from the FreeRadius - User mailing list archive at Nabble.com.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Linking Shared/Static library in Freeradius Module
Mustafa Reşit Şahin wrote: I have followed the steps here : http://wiki.freeradius.org/Modules2#Testing Well, it's wrong. I'm not sure it was ever correct. I've deleted that example from the Wiki. Look at src/modules/rlm_example/Makefile. It works, and is correct. Edit it to build your module. It's a *lot* simpler. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re[4]: freeradius2 installation error
On Tue, Dec 6, 2011 at 10:51 PM, tolik_shavlov...@mail.ru tolik_shavlov...@mail.ru wrote: Dear Fajar, i failed to intergate FR + mysql, i was informed that my FR is without mysql module. then why didn't you ask that in the first place? It'd save lots of time. i am in process of building from the source. so, after: 1. i build mysql-server Not necessarily. Binary tar/package from http://dev.mysql.com/downloads/mysql should also work. Personally, I'd avoid having to build mysql from source. It takes a VERY long time. Also, you don't really need the server. FR only needs the client part (with corresponding headers/libs). Anyway, whatever method you use (build from ports, compile manually, installing binary package, whatever) you need to make sure that mysql headers and libraries are available. One way (though not the ONLY way) to verify this is by running mysql_config, then look at include and libs output, then see if the files are there. For example, on my Ubuntu box: #= $ mysql_config Usage: /usr/bin/mysql_config [OPTIONS] Options: --cflags [-I/usr/include/mysql -fno-omit-frame-pointer -g -pipe -Wno-uninitialized -DUNIV_LINUX] --include[-I/usr/include/mysql] --libs [-Wl,-Bsymbolic-functions -rdynamic -L/usr/lib/mysql -lmysqlclient -L/usr/lib/ -lssl -lcrypto] --libs_r [-Wl,-Bsymbolic-functions -rdynamic -L/usr/lib/mysql -lmysqlclient_r -L/usr/lib/ -lssl -lcrypto] --plugindir [/usr/lib/mysql/plugin] --socket [/var/run/mysqld/mysqld.sock] --port [0] --version[5.3.2-MariaDB-beta] --libmysqld-libs [-Wl,-Bsymbolic-functions -rdynamic -L/usr/lib/mysql -lmysqld -ldl -lwrap -lrt -L/usr/lib/ -lssl -lcrypto] $ ls /usr/include/mysql/ client_plugin.h my_alloc.h my_getopt.h mysqld_ername.h my_valgrind.h services.h typelib.h decimal.hmy_attribute.h my_global.h mysqld_error.h my_xml.h service_thd_alloc.h errmsg.h my_compiler.hmy_list.hmysql_embed.h plugin_auth_common.h sql_common.h keycache.h my_config.h my_net.h mysql.h plugin_auth.h sql_state.h ma_dyncol.h my_dbug.hmy_no_pthread.h mysql_time.h plugin.h sslopt-case.h m_ctype.hmy_decimal_limits.h my_pthread.h mysql_version.h service_my_snprintf.h sslopt-longopts.h m_string.h my_dir.h mysql_com.h my_sys.h service_progress_report.h sslopt-vars.h $ ls /usr/lib/*mysqlclient* /usr/lib/libmysqlclient.a /usr/lib/libmysqlclient_r.so /usr/lib/libmysqlclient_r.so.16.0.0 /usr/lib/libmysqlclient.so.16 /usr/lib/libmysqlclient.la/usr/lib/libmysqlclient_r.so.15 /usr/lib/libmysqlclient.so /usr/lib/libmysqlclient.so.16.0.0 /usr/lib/libmysqlclient_r.a /usr/lib/libmysqlclient_r.so.15.0.0 /usr/lib/libmysqlclient.so.15 /usr/lib/libmysqlclient_r.la /usr/lib/libmysqlclient_r.so.16 /usr/lib/libmysqlclient.so.15.0.0 #= 2. install mysql driver for Rf correct? Just build freeradius following the simple instruction in the wiki. IF mysql headers and drivers are there, AND you have a working mysql_config somewhere (/usr/bin/, /usr/local/bin, whatever) then mysql support should be built in by default. However, IF the headers/libs are NOT in the default places, you might have to specify some parameters to configure: --with-mysql-include-dir=DIR Directory where the mysql includes may be found --with-mysql-lib-dir=DIR Directory where the mysql libraries may be found --with-mysql-dir=DIRBase directory where mysql is installed In any case, make sure you READ the output from ./configure. Hint: it's easier to do so if you redirect the output to a file, something like ./configure | tee configure-output.txt The output should show whether the configure script was able to find mysql headers/libs or not. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[6]: freeradius2 installation error
cd freeradius2 freebsd_v8# make === Vulnerability check disabled, database not found === License GPLv2 accepted by the user === Found saved configuration for freeradius-2.1.12 === Extracting for freeradius-2.1.12 = SHA256 Checksum OK for freeradius-server-2.1.12.tar.bz2. === freeradius-2.1.12 depends on file: /usr/local/bin/perl5.12.4 - found === Patching for freeradius-2.1.12 === freeradius-2.1.12 depends on file: /usr/local/bin/perl5.12.4 - found === Applying FreeBSD patches for freeradius-2.1.12 === freeradius-2.1.12 depends on executable: gmake - found === freeradius-2.1.12 depends on file: /usr/local/bin/perl5.12.4 - found === freeradius-2.1.12 depends on file: /usr/local/bin/autoconf-2.68 - found === freeradius-2.1.12 depends on package: libtool=2.4 - found === freeradius-2.1.12 depends on shared library: gdbm.4 - found === freeradius-2.1.12 depends on shared library: krb5.26 - not found === Verifying install for krb5.26 in /usr/ports/security/heimdal === heimdal-1.4_1 depends on file: /usr/local/lib/libcrack.a - found === heimdal-1.4_1 depends on file: /usr/local/bin/autoconf-2.68 - found === heimdal-1.4_1 depends on package: libtool=2.4 - found === heimdal-1.4_1 depends on executable: pkg-config - found === heimdal-1.4_1 depends on shared library: ldap-2.4.8 - not found === Verifying install for ldap-2.4.8 in /usr/ports/net/openldap24-client === openldap-sasl-client-2.4.26 depends on package: libtool=2.4 - found === openldap-sasl-client-2.4.26 depends on shared library: sasl2.2 - not found === Verifying install for sasl2.2 in /usr/ports/security/cyrus-sasl2 === cyrus-sasl-2.1.25_1 is marked as broken: SQLITE and SQLITE3 are mutually exclusive.. *** Error code 1 Stop in /usr/ports/security/cyrus-sasl2. *** Error code 1 Stop in /usr/ports/net/openldap24-client. *** Error code 1 Stop in /usr/ports/net/openldap24-client. *** Error code 1 Stop in /usr/ports/security/heimdal. *** Error code 1 Stop in /usr/ports/security/heimdal. *** Error code 1 Stop in /tmp/freeradius2. *** Error code 1 Stop in /tmp/freeradius2. the same while installing from source(( 06 декабря 2011, 20:12 от Fajar A. Nugraha-2 [via FreeRadius] ml-node+s1045715n5052587...@n5.nabble.com: On Tue, Dec 6, 2011 at 10:51 PM, [hidden email] [hidden email] wrote: Dear Fajar, i failed to intergate FR + mysql, i was informed that my FR is without mysql module. then why didn't you ask that in the first place? It'd save lots of time. i am in process of building from the source. so, after: 1. i build mysql-server Not necessarily. Binary tar/package from http://dev.mysql.com/downloads/mysql should also work. Personally, I'd avoid having to build mysql from source. It takes a VERY long time. Also, you don't really need the server. FR only needs the client part (with corresponding headers/libs). Anyway, whatever method you use (build from ports, compile manually, installing binary package, whatever) you need to make sure that mysql headers and libraries are available. One way (though not the ONLY way) to verify this is by running mysql_config, then look at include and libs output, then see if the files are there. For example, on my Ubuntu box: #= $ mysql_config Usage: /usr/bin/mysql_config [OPTIONS] Options: --cflags [-I/usr/include/mysql -fno-omit-frame-pointer -g -pipe -Wno-uninitialized -DUNIV_LINUX] --include [-I/usr/include/mysql] --libs [-Wl,-Bsymbolic-functions -rdynamic -L/usr/lib/mysql -lmysqlclient -L/usr/lib/ -lssl -lcrypto] --libs_r [-Wl,-Bsymbolic-functions -rdynamic -L/usr/lib/mysql -lmysqlclient_r -L/usr/lib/ -lssl -lcrypto] --plugindir [/usr/lib/mysql/plugin] --socket [/var/run/mysqld/mysqld.sock] --port [0] --version [5.3.2-MariaDB-beta] --libmysqld-libs [-Wl,-Bsymbolic-functions -rdynamic -L/usr/lib/mysql -lmysqld -ldl -lwrap -lrt -L/usr/lib/ -lssl -lcrypto] $ ls /usr/include/mysql/ client_plugin.h my_alloc.h my_getopt.h mysqld_ername.h my_valgrind.h services.h typelib.h decimal.h my_attribute.h my_global.h mysqld_error.h my_xml.h service_thd_alloc.h errmsg.h my_compiler.h my_list.h mysql_embed.h plugin_auth_common.h sql_common.h keycache.h my_config.h my_net.h mysql.h plugin_auth.h sql_state.h ma_dyncol.h my_dbug.h my_no_pthread.h mysql_time.h plugin.h sslopt-case.h m_ctype.h my_decimal_limits.h my_pthread.h mysql_version.h service_my_snprintf.h sslopt-longopts.h m_string.h my_dir.h mysql_com.h my_sys.h service_progress_report.h sslopt-vars.h $ ls /usr/lib /*mysqlclient* /usr/lib/libmysqlclient.a /usr/lib/libmysqlclient_r.so /usr/lib/libmysqlclient_r.so.16.0.0
Re: freeradius2 installation error
tolik_shavlov...@mail.ru wrote: cd freeradius2 freebsd_v8# make === Vulnerability check disabled, database not found Go ask the FreeBSD people why their ports are broken. We didn't write that software, and can't help you fix it. the same while installing from source(( No. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[2]: freeradius2 installation error
Dear Alan, its from the source. but error is the same as with ports. 06 декабря 2011, 20:31 от Alan DeKok al...@deployingradius.com: tolik_shavlov...@mail.ru wrote: cd freeradius2 freebsd_v8# make === Vulnerability check disabled, database not found Go ask the FreeBSD people why their ports are broken. We didn't write that software, and can't help you fix it. the same while installing from source(( No. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius2 installation error
Hi, Dear Alan, its from the source. but error is the same as with ports. you need the development package for MySQL - or FreeRADIUS build process wont find the required headers and includes. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Linking Shared/Static library in Freeradius Module
2.1.10 yerine en son surum olan 2.1.12 kullanirsan daha yararli (http://freeradius.org/ dan indirebilirsin) 2011/12/6 Mustafa Reşit Şahin resitsa...@gmail.com I have followed the steps here : http://wiki.freeradius.org/**Modules2#Testinghttp://wiki.freeradius.org/Modules2#Testing The makefile is almost the same with the makefile there. It is recommended to use your own make file in the wiki entry My module works fine without linking libraries. The problems arise when i try to link external libraries. Resit On 12/06/2011 05:36 PM, Alan DeKok wrote: Resit Sahin wrote: I am writing a FreeRadius (Version 2) module for version Freeradius 2.1.10 . The module works fine. When i want to link a shared/static library from the Makefile of the module i get errors. You didn't follow the FreeRADIUS build process. makefile of the freeradius module : /VERS = 2.1.10 CFLAGS = -DNDEBUG -Wall -I/usr/include \ -I/usr/ports/net/freeradius2/**work/freeradius-server-$(VERS) **/src LIBS= -lc -L. icc-wrapper.a ALL:rlm_itap.o rlm_itap-$(VERS).so/ Uh... *why* did you do this? The server ships with *many* examples of building modules. The build system for the server takes care of all of the necessary magic to make it Just Work. By creating your own Makefile you've done more work than necessary, and ensured that the resulting module won't work with FreeRADIUS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/** list/users.html http://www.freeradius.org/list/users.html -- Mustafa Reşit Şahin Endersys İş Tel: 0216 470 94 23 Dahili:306 Cep Tel:0507 707 68 12 - List info/subscribe/unsubscribe? See http://www.freeradius.org/** list/users.html http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[6]: freeradius2 installation error
thanks for great explanation. i could install Fr from ports (the main problem was in ldap, so i installed without ldap) BR 06 декабря 2011, 20:13 от Fajar A. Nugraha l...@fajar.net: On Tue, Dec 6, 2011 at 10:51 PM, tolik_shavlov...@mail.ru tolik_shavlov...@mail.ru wrote: Dear Fajar, i failed to intergate FR + mysql, i was informed that my FR is without mysql module. then why didn't you ask that in the first place? It'd save lots of time. i am in process of building from the source. so, after: 1. i build mysql-server Not necessarily. Binary tar/package from http://dev.mysql.com/downloads/mysql should also work. Personally, I'd avoid having to build mysql from source. It takes a VERY long time. Also, you don't really need the server. FR only needs the client part (with corresponding headers/libs). Anyway, whatever method you use (build from ports, compile manually, installing binary package, whatever) you need to make sure that mysql headers and libraries are available. One way (though not the ONLY way) to verify this is by running mysql_config, then look at include and libs output, then see if the files are there. For example, on my Ubuntu box: #= $ mysql_config Usage: /usr/bin/mysql_config [OPTIONS] Options: --cflags [-I/usr/include/mysql -fno-omit-frame-pointer -g -pipe -Wno-uninitialized -DUNIV_LINUX] --include[-I/usr/include/mysql] --libs [-Wl,-Bsymbolic-functions -rdynamic -L/usr/lib/mysql -lmysqlclient -L/usr/lib/ -lssl -lcrypto] --libs_r [-Wl,-Bsymbolic-functions -rdynamic -L/usr/lib/mysql -lmysqlclient_r -L/usr/lib/ -lssl -lcrypto] --plugindir [/usr/lib/mysql/plugin] --socket [/var/run/mysqld/mysqld.sock] --port [0] --version[5.3.2-MariaDB-beta] --libmysqld-libs [-Wl,-Bsymbolic-functions -rdynamic -L/usr/lib/mysql -lmysqld -ldl -lwrap -lrt -L/usr/lib/ -lssl -lcrypto] $ ls /usr/include/mysql/ client_plugin.h my_alloc.h my_getopt.h mysqld_ername.h my_valgrind.h services.h typelib.h decimal.hmy_attribute.h my_global.h mysqld_error.h my_xml.h service_thd_alloc.h errmsg.h my_compiler.hmy_list.hmysql_embed.h plugin_auth_common.h sql_common.h keycache.h my_config.h my_net.h mysql.h plugin_auth.h sql_state.h ma_dyncol.h my_dbug.hmy_no_pthread.h mysql_time.h plugin.h sslopt-case.h m_ctype.hmy_decimal_limits.h my_pthread.h mysql_version.h service_my_snprintf.h sslopt-longopts.h m_string.h my_dir.h mysql_com.h my_sys.h service_progress_report.h sslopt-vars.h $ ls /usr/lib/*mysqlclient* /usr/lib/libmysqlclient.a /usr/lib/libmysqlclient_r.so /usr/lib/libmysqlclient_r.so.16.0.0 /usr/lib/libmysqlclient.so.16 /usr/lib/libmysqlclient.la/usr/lib/libmysqlclient_r.so.15 /usr/lib/libmysqlclient.so /usr/lib/libmysqlclient.so.16.0.0 /usr/lib/libmysqlclient_r.a /usr/lib/libmysqlclient_r.so.15.0.0 /usr/lib/libmysqlclient.so.15 /usr/lib/libmysqlclient_r.la /usr/lib/libmysqlclient_r.so.16 /usr/lib/libmysqlclient.so.15.0.0 #= 2. install mysql driver for Rf correct? Just build freeradius following the simple instruction in the wiki. IF mysql headers and drivers are there, AND you have a working mysql_config somewhere (/usr/bin/, /usr/local/bin, whatever) then mysql support should be built in by default. However, IF the headers/libs are NOT in the default places, you might have to specify some parameters to configure: --with-mysql-include-dir=DIR Directory where the mysql includes may be found --with-mysql-lib-dir=DIR Directory where the mysql libraries may be found --with-mysql-dir=DIRBase directory where mysql is installed In any case, make sure you READ the output from ./configure. Hint: it's easier to do so if you redirect the output to a file, something like ./configure | tee configure-output.txt The output should show whether the configure script was able to find mysql headers/libs or not. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Forced Reauthentication
Hello, I'm trying to force reauthentication of my strongswan IPSec clients where EAP-TLS is being used, but nothing seems to work. Now, this is something that I would like to do on a per-client basis, so I'm modifying the session-timeout attribute of the access-accept packet to include my new session time. This insertion is performed from JRADIUS, where it is called in the post-auth stage. All of this appears to be working since the FreeRADIUS output prints out the new session-timeout value along with the other access-accept data when it sends the access-accept packet. I have also tried to globally set the session-timeout by including it in the FreeRADIUS users file, but none of these methods seem to work. Is anyone aware of a way to force a connecting client to reauthenticate? Am I missing something with the methods I've tried thus far? Lester Houston 111 Boeing Research Technology Electronics Prototyping and Integration Center (EPIC) lester.l.houston-...@boeing.com 314-234-0621 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Forced Reauthentication
On Wed, Dec 7, 2011 at 5:31 AM, Houston-III, Lester L
lester.l.houston-...@boeing.com wrote:
Hello,
I’m trying to force reauthentication of my strongswan IPSec clients where
EAP-TLS is being used, but nothing seems to work. Now, this is something
that I would like to do on a per-client basis, so I’m modifying the
session-timeout attribute of the access-accept packet to include my new
session time.
Does the NAS (strongswan?) support session-timeout?
If you don't know, ask its support/forum/list. It's unlikely that
you'll find the answer here.
This insertion is performed from JRADIUS, where it is called
in the post-auth stage.
Why would you need jradius? why not just use an unlang block in freeradius?
update reply {
...
}
--
Fajar
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Forced Reauthentication
I will ask the strongswan folks. JRADIUS is used for some other post
authentication processing that determines whether the user truly granted or
denied access to the system.
-Original Message-
From:
freeradius-users-bounces+lester.l.houston-iii=boeing@lists.freeradius.org
[mailto:freeradius-users-bounces+lester.l.houston-iii=boeing@lists.freeradius.org]
On Behalf Of Fajar A. Nugraha
Sent: Tuesday, December 06, 2011 6:40 PM
To: FreeRadius users mailing list
Subject: Re: Forced Reauthentication
On Wed, Dec 7, 2011 at 5:31 AM, Houston-III, Lester L
lester.l.houston-...@boeing.com wrote:
Hello,
I'm trying to force reauthentication of my strongswan IPSec clients where
EAP-TLS is being used, but nothing seems to work. Now, this is something
that I would like to do on a per-client basis, so I'm modifying the
session-timeout attribute of the access-accept packet to include my new
session time.
Does the NAS (strongswan?) support session-timeout?
If you don't know, ask its support/forum/list. It's unlikely that
you'll find the answer here.
This insertion is performed from JRADIUS, where it is called
in the post-auth stage.
Why would you need jradius? why not just use an unlang block in freeradius?
update reply {
...
}
--
Fajar
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Set reply attributes based on LDAP attribute
Thank you both for the quick replies. I ended up using a switch statement to determine which Tunnel-Private-Group-ID the person requires. Now to try and test this to ensure its working for all users. Thanks again -- View this message in context: http://freeradius.1045715.n5.nabble.com/Set-reply-attributes-based-on-LDAP-attribute-tp5047676p5054214.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Expiration email
thanks Fajar, Let me give a try. From: Fajar A. Nugraha l...@fajar.net To: john decot johnde...@yahoo.com; FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tuesday, December 6, 2011 6:38 PM Subject: Re: Expiration email On Tue, Dec 6, 2011 at 7:22 PM, john decot johnde...@yahoo.com wrote: Thanks for the reply. I am also trying same but couldn't compare with the field on the database as Expiration attribute use character value. I wish someone give me any idea on comparing those parameter inside database. Several ways I can think of (completely untested): (1) Use http://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html#function_str-to-date (or whatever equivalent function in your db) to convert the column to date before comparison (2) Pick a time to alert the user (e.g. ONE WEEK before expiration), then use whatever programming language of your choice (e.g. php) to convert the date into the format used in expiration attribute (e.g. using date_format). Then you only need to compare for exact string match. -- Fajar- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Linksys WIFI Authentication using freeradius?
hello I have a Linksys WRT-110 router which supports various security mechanisms: WPA WPA2 Personal, WPA Enterprise and Radius authentication. Today WPA2 Personal use where all my clients use the same key or password to connect. I want to change this so that each user can connect with username and password in a personal way, I was thinking my router to authenticate against a radius server. google search and it turns out all the variations I have encountered are implementing freeradius with PEAP TLS and mysql which should generate certificates and then configure the client and in turn install these certificates to the exchange between the server and client. I was wondering, there is some other simpler way that does not imply that this set up or install certificates on the client side? Well, I have several clients with different operating systems: Windows, Linux, Apple. Something as simple as putting the username and password. It OpenWrt I saw as another variant to follow and the router does not appear in the list of supported devices. Ideas? Michel -- Webmail, servicio de correo electronico Casa de las Americas - La Habana, Cuba. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Linksys WIFI Authentication using freeradius?
On Wed, Dec 7, 2011 at 1:15 PM, mic...@casa.co.cu wrote: google search and it turns out all the variations I have encountered are implementing freeradius with PEAP TLS and mysql which should generate certificates and then configure the client and in turn install these certificates to the exchange between the server and client. I was wondering, there is some other simpler way that does not imply that this set up or install certificates on the client side? PEAP-TTLS, PEAP-MSCHAPv2, PEAP-GTC, etc. On these setup there's only one certificate: the server. Depending on your OS/supplicant, the client can be set up to ignore the certificate validation, or to have a pop up asking whether they trust the server certicate. Note that the CLIENT choose which authentication method to use. Setup on NAS (i.e. access point) side is the same. Well, I have several clients with different operating systems: Windows, Linux, Apple. Something as simple as putting the username and password. Once you get pass certificate trust issue, it's a matter of putting username and password. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
