Freeradius2.1.3 + Fedora9 + PEAP + AD = problem
Hi I configure Freeradius 2.1.3 how it describes in http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO but it doesn't work. here is debug output: FreeRADIUS Version 2.1.3, for host i386-redhat-linux-gnu, built on Dec 8 2008 at 16:00:08 Copyright (C) 1999-2008 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License v2. Starting - reading configuration files ... including configuration file /etc/raddb/radiusd.conf including configuration file /etc/raddb/proxy.conf including configuration file /etc/raddb/clients.conf including files in directory /etc/raddb/modules/ including configuration file /etc/raddb/modules/echo including configuration file /etc/raddb/modules/smbpasswd including configuration file /etc/raddb/modules/ldap including configuration file /etc/raddb/modules/chap including configuration file /etc/raddb/modules/digest including configuration file /etc/raddb/modules/mac2vlan including configuration file /etc/raddb/modules/logintime including configuration file /etc/raddb/modules/mac2ip including configuration file /etc/raddb/modules/policy including configuration file /etc/raddb/modules/perl including configuration file /etc/raddb/modules/mschap including configuration file /etc/raddb/modules/checkval including configuration file /etc/raddb/modules/radutmp including configuration file /etc/raddb/modules/attr_filter including configuration file /etc/raddb/modules/linelog including configuration file /etc/raddb/modules/detail including configuration file /etc/raddb/modules/expiration including configuration file /etc/raddb/modules/attr_rewrite including configuration file /etc/raddb/modules/inner-eap including configuration file /etc/raddb/modules/preprocess including configuration file /etc/raddb/modules/detail.example.com including configuration file /etc/raddb/modules/passwd including configuration file /etc/raddb/modules/exec including configuration file /etc/raddb/modules/acct_unique including configuration file /etc/raddb/modules/files including configuration file /etc/raddb/modules/counter including configuration file /etc/raddb/modules/expr including configuration file /etc/raddb/modules/wimax including configuration file /etc/raddb/modules/sqlcounter_expire_on_login including configuration file /etc/raddb/modules/etc_group including configuration file /etc/raddb/modules/sradutmp including configuration file /etc/raddb/modules/pap including configuration file /etc/raddb/modules/detail.log including configuration file /etc/raddb/modules/always including configuration file /etc/raddb/modules/ippool including configuration file /etc/raddb/modules/realm including configuration file /etc/raddb/modules/sql_log including configuration file /etc/raddb/modules/unix including configuration file /etc/raddb/modules/pam including configuration file /etc/raddb/eap.conf including configuration file /etc/raddb/policy.conf including files in directory /etc/raddb/sites-enabled/ including configuration file /etc/raddb/sites-enabled/default including configuration file /etc/raddb/sites-enabled/control-socket including configuration file /etc/raddb/sites-enabled/inner-tunnel group = radiusd user = radiusd including dictionary file /etc/raddb/dictionary main { prefix = /usr localstatedir = /var logdir = /var/log/radius libdir = /usr/lib/freeradius radacctdir = /var/log/radius/radacct hostname_lookups = no max_request_time = 30 cleanup_delay = 5 max_requests = 1024 allow_core_dumps = no pidfile = /var/run/radiusd/radiusd.pid checkrad = /usr/sbin/checkrad debug_level = 0 proxy_requests = yes log { stripped_names = no auth = no auth_badpass = no auth_goodpass = no } security { max_attributes = 200 reject_delay = 1 status_server = yes } } client 10.6.0.0/16 { require_message_authenticator = no secret = secret shortname = cisco } client localhost { ipaddr = 127.0.0.1 require_message_authenticator = no secret = testing123 nastype = other } radiusd: Loading Realms and Home Servers proxy server { retry_delay = 5 retry_count = 3 default_fallback = no dead_time = 120 wake_all_if_all_dead = no } home_server localhost { ipaddr = 127.0.0.1 port = 1812 type = auth secret = testing123 response_window = 20 max_outstanding = 65536 zombie_period = 40 status_check = status-server ping_interval = 30 check_interval = 30 num_answers_to_alive = 3 num_pings_to_alive = 3 revive_interval = 120 status_check_timeout = 4 } home_server_pool
Colubris-AVPairs
Hi, I have a problem with Freeradius returning Colubris-AVPairs. I have a CN3300 (Colubris AP) set up to authenticate from my radius server (FR), which in turn passes it information such as login pages, access lists, etc. All these attributes are defined in my radgroupreply table (3 in all), which look something as follows: 151 colubris_group Colubris-AVPair := access-list=loginserver, ACCEPT, tcp, x.x.x.138, ALL 152 colubris_group Colubris-AVPair := use-access-list=loginserver 153 colubris_group Colubris-AVPair := login-url=http://x.x.x.138/colubris/login.html When I attempt to authenticate the AP, the Access-Accept response has only the first Colubris-AVPair, whichever it might be (i've tried different orders). Is there any reason for this kind of behaviour? Do attributes have to have unique names? (since all three are called Colubris-AVPair). Thanks for any help. -Andrey - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
AVPair question
Hey List, Quick question about AVPair. I have a Colubris Access Point which wants me to use the Colubris-AVPair attribute. The attribute is defined in a dictionary file, which is included in the main dictionary. This is what it looks like: # Colubris dictionary - dictionary.colubris # # Enable by putting the line $INCLUDE dictionary.colubris into # the main dictionary file. # # VENDOR Colubris8744 # # Vendor-specific attributes # ATTRIBUTE Colubris-AVPair 0 string Colubris ATTRIBUTE Colubris-Intercept 1 integer Colubris When I try to authenticate, I get unknown-vendor 8744, size 30 = '' for my attributes dump. What am I missing? Is there a separate file for defining vendors? Any help appreciated. - Andrey - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[Q] Access-Reject logging
Hello, I have rlm_perl module which performs some checks of Access-Request and if rlm_perl returns RLM_MODULE_REJECT freeradius sends Access-Reject, but this Access-Reject doesn't appear in detail log. is there any way to log Access-Reject's generated in authorize section ? Best regards. -- Andrey Panin| Linux and UNIX system administrator [EMAIL PROTECTED] | PGP key: wwwkeys.pgp.net signature.asc Description: Digital signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: [Q] Access-Reject logging
On 181, 06 30, 2005 at 11:47:31AM +0200, Nicolas Baradakis wrote: Andrey Panin wrote: I have rlm_perl module which performs some checks of Access-Request and if rlm_perl returns RLM_MODULE_REJECT freeradius sends Access-Reject, but this Access-Reject doesn't appear in detail log. is there any way to log Access-Reject's generated in authorize section ? See http://www.freeradius.org/radiusd/doc/Post-Auth-Type Been here, done that. It doesn't help, looks like Access-Reject's generated during authorize phase are never passed to post_auth phase. -- Andrey Panin| Linux and UNIX system administrator [EMAIL PROTECTED] | PGP key: wwwkeys.pgp.net signature.asc Description: Digital signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: [Q] Access-Reject logging
On 181, 06 30, 2005 at 01:29:48PM +0200, Nicolas Baradakis wrote: Andrey Panin wrote: I have rlm_perl module which performs some checks of Access-Request and if rlm_perl returns RLM_MODULE_REJECT freeradius sends Access-Reject, but this Access-Reject doesn't appear in detail log. is there any way to log Access-Reject's generated in authorize section ? See http://www.freeradius.org/radiusd/doc/Post-Auth-Type Been here, done that. It doesn't help, looks like Access-Reject's generated during authorize phase are never passed to post_auth phase. Are you using the latest release of FreeRADIUS? It was a bug in version 1.0.2 and earlier. CVS snapshot. -- Andrey Panin| Linux and UNIX system administrator [EMAIL PROTECTED] | PGP key: wwwkeys.pgp.net signature.asc Description: Digital signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: [Q] Access-Reject logging
On 181, 06 30, 2005 at 10:30:47PM +1000, Mitchell, Michael J wrote: Been here, done that. It doesn't help, looks like Access-Reject's generated during authorize phase are never passed to post_auth phase. Are you using the latest release of FreeRADIUS? It was a bug in version 1.0.2 and earlier. CVS snapshot. Why is authorization failing? I know in 1.0.1 post-auth is not processed if the authorization module returns RLM_USERLOCK (eg in LDAP the access attribute has denied access). It fails in perl script used to glue freeradius server with existing authentication database. Perl authorization function returns RLM_MODULE_REJECT. -- Andrey Panin| Linux and UNIX system administrator [EMAIL PROTECTED] | PGP key: wwwkeys.pgp.net signature.asc Description: Digital signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: How can I using postgres NAS table
. wrote: How can I using postgres NAS table? I not found info about this :( rlm_sql/drivers/rlm_sql_postgresql/db_postgresql.sql: /* * Table structure for table 'nas' * This is not currently used by FreeRADIUS but is usefull for reporting * anyway. */ CREATE TABLE nas ( ... -- WBR, Andrey V. Elsukov - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Running radiusd as an unprivileged user
Hi Andrey. Edit your radiusd.conf and uncomment: #user = nobody #group = nobody done that. You can manually add new users the radius will run as. Propaly the easiest way is to run vipw and copy line from some other service, change the uid, gid and the username, edit /etc/group and put there your group as well. have that. Something like this should do on FreeBSD: radiusd:*:101:101::0:0:Radius Daemon:/var/log/radius:/usr/sbin/nologin Or Linux radiusd:x:101:101:Radius Daemon:/var/log/radius:/bin/false and in /etc/group radiusd:*:101: chown -R radiusd:radiusd your log file and propaly the config files chowned the log and config files. Then it should look something like: #ps auxww | grep rad radiusd 81708 0.0 1.0 9316 4944 ?? Ss 11:26PM 0:00.01 /usr/local/sbin/radiusd Cheers, Marcin RESULT: It looks like it's working, but it doesn't authenticate anybody. It doesn't necessarily give an Access-Reject, but it also doesn't let anyone stay online. Lets users log in and then kicks them off 15 seconds later. Any ideas? Thanks for the suggestions. On Wed, 1 Jun 2005 16:49:37 -0400 Andrey [EMAIL PROTECTED] wrote: Hi everyone, Just a quick question about running radiusd as a user other than root. Do I need to compile the server as that user? And do I need to do anything else other than uncomment the lines in radius.conf? Is there a help/doc file about this? Thanks a bunch. Andrey - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Running radiusd as an unprivileged user
Hi everyone, Just a quick question about running radiusd as a user other than root. Do I need to compile the server as that user? And do I need to do anything else other than uncomment the lines in radius.conf? Is there a help/doc file about this? Thanks a bunch. Andrey - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: autentificacion TLS
Very true, most people here understand English a lot better :-) Andrey Quoting Ernesto Freyre Ramírez [EMAIL PROTECTED]: Hola Juan Carlos , te recomiendo que a esta lista escribas en Ingles, será muy raro que alguien te responda en castellano Ernesto Freyre Ramírez Jefe de Operaciones Qnet Soluciones Tecnológicas Av. Paseo de la República 4675 - Lima 34 Telf.: (511) 241-4122 Anexo 2245 Fax: (511) 446-8135 Visítenos en: www.qnet.com.pe - Original Message - From: Juan Carlos Arévalo To: freeradius-users@lists.freeradius.org Sent: Wednesday, May 25, 2005 2:55 PM Subject: autentificacion TLS muy buenos dias !! la intencion de este correo es la de solicitar informacion sobre el radius a ver si me puedes ayudar !! te comento tengo montado un serviodr radius en suse 9.2 el cual esta corriendo bien o eso parece cuando lo coloco a validar los usuarios por MAC Address por medio de un AP1100 de cisco esto lo hace de maravilla. La otra cuestion es que tengo un servidor LDAP donde esta la base de datos de toda la empresa cuando realizo pruebas con el NTRadping el servidor contesta perfecto. Pero cuando lo intento hacer por el AP1100 no lo hace como es devido le tengo configurado para que funcione con EAP/PEAP y me pide un certificado el cual ya se lo configure pero me da un error muy extraño que no entiendo les colocare el error a ver quien me puede ayudar Wed May 25 13:26:38 2005 : Debug: rlm_eap_tls: TLS 1.0 Alert [length 0002], fatal unknown_ca Wed May 25 13:26:38 2005 : Error: TLS Alert read:fatal:unknown CA Wed May 25 13:26:38 2005 : Error: TLS_accept:failed in SSLv3 read client certificate A 16174:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1052:SSL alert number 48 16174:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:837: Wed May 25 13:26:38 2005 : Error: rlm_eap_tls: SSL_read failed in a system call (-1), TLS session fails. Wed May 25 13:26:38 2005 : Debug: In SSL Handshake Phase Wed May 25 13:26:38 2005 : Debug: In SSL Accept mode de verdad que si me pueden ayudar seria muy bueno !! -- Juan Carlos Arevalo [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Auth-Type = System and DSL Static IP
Not to be mean or anything, but you don't seem to have read the whole email or the full correspondence. The problem only occurs when the Auth-Type is set to System. I have bunch of other accounts (Auth-Type: Local) that work absolutely fine. And to answer your questions, I DID post debug info, and the override is set to no. Thanks for the suggestions though. Andrey Quoting Dustin Doris [EMAIL PROTECTED]: On Tue, 10 May 2005, Andrey wrote: Hi List, I have a question about Auth-Type = System. I have several accounts that need to be authenticated through System and it works great as long as the IP is assigned dynamically. As soon as I switch an account to static IP, it authenticates but does not assign the desired ip address. I'm guessing it's to do with the order in which things are checked: 1) check sql - auth-type: system; 2) system - authenticate; 3) assign dynamic ip, since it's not going back to sql, but of course it might be something else. When you say dynamic are you referring to rlm_ip_pool? If so, make sure you have override = no in your config. If you set it to override = yes, then ippool will override the reply item you already have configured for the user. When you say switch the account to static IP what do you mean by that. Does that mean that you are assigning the reply item of Framed-IP-Address? If so, that should not be overwriten by ip_pool so long as you have override = no. Otherwise - post some debug output (radiusd -X) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Auth-Type = System and DSL Static IP
Dustin, I appreciate your help, but everything is working fine now, so you can drop the issue, okay? Thanks. Andrey Quoting Dustin Doris [EMAIL PROTECTED]: On Thu, 12 May 2005, Andrey wrote: Not to be mean or anything, but you don't seem to have read the whole email or the full correspondence. The problem only occurs when the Auth-Type is set to System. I have bunch of other accounts (Auth-Type: Local) that work absolutely fine. And to answer your questions, I DID post debug info, and the override is set to no. Thanks for the suggestions though. Andrey Not to be mean to you, but I feel you have not read the full correspondance. You posted the debug output of an accounting packet. As Alan said in his reply to you, accounting requests don't set IP addresses. Please post the debug log of an authentication request. This is where your problem lies. You did not specify before whether or not override is set to no previously. Without seeing your debug output of an authentication request, I have no way of telling what is going on and whether or not that was set. Quoting Dustin Doris [EMAIL PROTECTED]: On Tue, 10 May 2005, Andrey wrote: Hi List, I have a question about Auth-Type = System. I have several accounts that need to be authenticated through System and it works great as long as the IP is assigned dynamically. As soon as I switch an account to static IP, it authenticates but does not assign the desired ip address. I'm guessing it's to do with the order in which things are checked: 1) check sql - auth-type: system; 2) system - authenticate; 3) assign dynamic ip, since it's not going back to sql, but of course it might be something else. When you say dynamic are you referring to rlm_ip_pool? If so, make sure you have override = no in your config. If you set it to override = yes, then ippool will override the reply item you already have configured for the user. When you say switch the account to static IP what do you mean by that. Does that mean that you are assigning the reply item of Framed-IP-Address? If so, that should not be overwriten by ip_pool so long as you have override = no. Otherwise - post some debug output (radiusd -X) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Auth-Type = System and DSL Static IP
Hi List, I have a question about Auth-Type = System. I have several accounts that need to be authenticated through System and it works great as long as the IP is assigned dynamically. As soon as I switch an account to static IP, it authenticates but does not assign the desired ip address. I'm guessing it's to do with the order in which things are checked: 1) check sql - auth-type: system; 2) system - authenticate; 3) assign dynamic ip, since it's not going back to sql, but of course it might be something else. Has anyone had this problem before? I have other static ip accounts that authenticate from sql, and those work just fine. Just the ones that are from System. Any suggestions most appreciated. Andrey - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius accounting question
My guess would be that you need to set the Session-Timeout variable. 2 hours would be 7200 and 1 hour would be 3600. hope this helps. Andrey Quoting Software Development Group [EMAIL PROTECTED]: Hello, I have compiled and installed freeradius and it is working fine. My question now is: At this point a user logs in with a password, is authenticated and enters the system but if I want to set user x to only have 2 hours connection time only and user y to only have 1 hour of connection, how can I do this? Thanks. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Counting number of open sessions in RADIUS
the easiest way off the top of my head would be to run: %radius_dir%/bin/radwho | grep -c that will pipe all your logged-in users to grep, which will tell you how many of them there are. Andrey Quoting Sonali Karmarkar [EMAIL PROTECTED]: Hi I am using freeradius 0.9.3 with mysql on linux. What is the correct way to count number of open sessions for freeradius server ? -SK - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Auth-Type = System and DSL Static IP
The output doesn't really show anything unusual. As soon as the user connects, radius assigns a Framed-IP-Address, which unfortunately is not the one in radreply table. The output is as follows: The desired ip is supposed to be x.x.x.248, which instead is set to x.x.x.135 Finished request 206 Going to the next request Waking up in 6 seconds... rad_recv: Accounting-Request packet from host x.x.x.186:1646, id=158, length=182 NAS-IP-Address = x.x.x.186 NAS-Port = 30 NAS-Port-Type = ISDN User-Name = [EMAIL PROTECTED] Acct-Status-Type = Alive Acct-Authentic = RADIUS Service-Type = Framed-User Acct-Session-Id = 3E36 Framed-Protocol = PPP Tunnel-Server-Endpoint:0 = x.x.x.5 Tunnel-Client-Endpoint:0 = x.x.x.6 Tunnel-Type:0 = L2F Tunnel-Client-Auth-Id:0 = blah1 Tunnel-Server-Auth-Id:0 = blhablahblah Acct-Tunnel-Connection = 123456789 Framed-IP-Address = x.x.x.135 Acct-Delay-Time = 0 Processing the preacct section of radiusd.conf modcall: entering group preacct for request 207 modcall[preacct]: module preprocess returns noop for request 207 rlm_acct_unique: Hashing 'NAS-Port = 30,Client-IP-Address = x.x.x.186,NAS-IP-Address = x.x.x.186,Acct-Session-Id = blahblah,User-Name = [EMAIL PROTECTED]' rlm_acct_unique: Acct-Unique-Session-ID = 5284d1027702b79c. modcall[preacct]: module acct_unique returns ok for request 207 rlm_realm: Looking up realm ourdomain.com for User-Name = [EMAIL PROTECTED] rlm_realm: Found realm ourdomain.com rlm_realm: Adding Stripped-User-Name = testuser rlm_realm: Proxying request from user testuser to realm ourdomain.com rlm_realm: Adding Realm = ourdomain.com rlm_realm: Accounting realm is LOCAL. modcall[preacct]: module suffix returns noop for request 207 modcall[preacct]: module files returns noop for request 207 modcall: group preacct returns ok for request 207 Processing the accounting section of radiusd.conf modcall: entering group accounting for request 207 radius_xlat: '/usr/local/radius/var/log/radius/radacct/x.x.x.186/detail-20050510' rlm_detail: /usr/local/radius/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /usr/local/radius/var/log/radius/radacct/x.x.x.186/detail-20050510 modcall[accounting]: module detail returns ok for request 207 modcall[accounting]: module unix returns noop for request 207 radius_xlat: '/usr/local/radius/var/log/radius/radutmp' radius_xlat: '[EMAIL PROTECTED]' modcall[accounting]: module radutmp returns ok for request 207 radius_xlat: 'testuser' rlm_sql (sql): sql_set_user escaped user -- 'testuser' radius_xlat: 'UPDATE radacct ? SET FramedIPAddress = 'x.x.x.135', ? AcctSessionTime = '', ? AcctInputOctets = '', ? AcctOutputOctets = '' ? WHERE AcctSessionId = '3E36' ? AND UserName = 'testuser' ? AND NASIPAddress= 'x.x.x.186'' rlm_sql (sql): Reserving sql socket id: 2 rlm_sql (sql): Released sql socket id: 2 modcall[accounting]: module sql returns ok for request 207 modcall: group accounting returns ok for request 207 Sending Accounting-Response of id 158 to x.x.x.186:1646 Finished request 207 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Thanks your suggestions and time on this. Andrey Quoting Alan DeKok [EMAIL PROTECTED]: Andrey [EMAIL PROTECTED] wrote: I have other static ip accounts that authenticate from sql, and those work just fine. Just the ones that are from System. Any suggestions most appreciated. Run the server in debugging mode and read the output. There's really no other way. As soon as I switch an account to static IP, it authenticates but does not assign the desired ip address. I'm guessing it's to do with the order in which things are checked: No. It's something else. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MySQL Accounting in Freeradius
Hi, I have a question about the uniqueness of the AcctUniqueId field. Everytime the user connects, the id is always the same. AcctSessionId is always the same as well. All that would be fine, except that the times get messed up by being updated to the last AcctStopTime. The update query is as follows: UPDATE radacct SET AcctStopTime = '2005-05-05 16:08:00', AcctSessionTime = '', AcctInputOctets = '', AcctOutputOctets = '', AcctTerminateCause = '', AcctStopDelay = '', ConnectInfo_stop = '' WHERE AcctSessionId = '00-0f-3d-52-2b-13' AND UserName = 'dialup_username' AND NASIPAddress = 'x.x.x.x' which consequently updates all the records from before that have the same AcctSessionId (i.e. all the previous logins by that user). Is this the way it was intended to work? For some reason I doubt it, but thought I'd ask just to make sure. If that's a bug, how would I go about fixing it? Thanks for your time! -Andrey - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
xlat
Hi! Freeradius modify char # to =23 in all attributes. In the radacct/detail: Called-Station-Id = 12378#7095507 In the postgresql.conf: accounting_stop_query = INSERT INTO ${acct_table} \ (id, calledstationip, calledstationid) \ VALUES \ (DEFAULT, '%{h323-remote-address:-127.0.0.1}', '%{Called-Station-Id}') But in sqltrace calledstationid = '12378=237095507' I need write Called-Station-Id without modifying! radiusd.conf: preacct { preprocess } accounting { detail sql } How i can configure Freeradius without rewriting # char or without using xlat for some pairs? -- Lance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Fall-Through in acct_users
Hello, Is it possible to use Fall-Through in acct_users like in users file ? -- Andrey Lakhno, land-ripe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Fall-Through in acct_users
Hello, On Tue, 13 Jul 2004, Alan DeKok wrote: Is it possible to use Fall-Through in acct_users like in users file ? Try it and see. It does not work. May be I done something incorrectly ? acct_users: DEFAULT NAS-IP-Address == x.x.x.x, Acct-Status-Type == Stop Exec-Program = /home/voip/aaa/acct_call_generic, Fall-Through = Yes DEFAULT NAS-IP-Address == x.x.x.x, Acct-Status-Type == Stop Exec-Program = /home/voip/aaa/test -- Andrey Lakhno, land-ripe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html