R: help help help
I think you're asking us to do the homework for you ;-) Take a look on google for radius architecture and read radius rfcs . After reading it should be clear what radius can and cannot do. Regards, Francesco. Da: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Per conto di adnan deura Inviato: lunedì 14 gennaio 2008 12.26 A: freeradius-users@lists.freeradius.org Oggetto: help help help hello everybody i am given the task of installing freeradius 1.1.7 on fedora core 7 for my computer networking course's final project. my sir has a very little idea of freeRADIUS ., what should i do to get a good grade . i have installed ,configured( i think so ),and added a user in the 'user' file and it all works well . i do not know what to do next please tell me that what i can i do next or at least tell me what to do on google. how is a user going to access the radius server on my machine , and what are the things i can do with this tool to show to my lecturer, and what things are that i can do to avail the full features of freeRADIUS 1.1.7 waiting for your reply thanks in advance. Express yourself instantly with MSN Messenger! MSN Messenger http://clk.atdmt.com/AVE/go/onm00200471ave/direct/01/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: freeradius sql server with high loads
Hi A., I think the problem is that FR is trying to use more db connections than the ones available. You have to check MSSQL configuration and raise your incoming connections limit. Regards, Francesco Cristofori. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: Radius Load-Balancing concept
Hi Sebastian, But the most important thing for me is, if I get any trouble if both radius servers will write their accounting records into the same database. I'm not running postgres, but the concepts are the same. I set up a mysql replication (every dbms is slave of the other one) and one virtual ip which i configured in FR. When one server goes down the other takes the virtual ip address and continues to respond to radius requests. Accounting is consistent since both databases replicate each other. Uniqueness of accounting entry (remember that we have an auto_increment field in the radacct table) is guaranteed using different step increment values for the two dbms: the first server starts at 1 and increments two units (so: 1, 3, 5, ...), while the second server starts at 2 and increments two units (so: 2, 4, 6, ...). Sebastian I hope this helps, Sorry for my poor english, Francesco Cristofori. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: WPA HOWTO
Hi, and I have no bloody idea what to do. or have I tested your patience to it's limit? You should read the Debian Policy (at least the section about building packages from src) in order to understand how building from source works the Debian Way. :-) Briefly: 0) configure a deb-src for testing since 1.1.7 isn't available in stable (see apt howto for details) 1) apt-get source freeradius 2) apt-get build-dep freeradius (run this command as root) 3) dpkg-buildpackage -rfakeroot -uc -b (run this as normal user) 4) complain for bugs against debian bts ;-) Thanks in anticipation, build HTH, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: Sqlippool debian - sql_get_socket unresolved symbol
Try editing the Makefiles so that rlm_sqlippool links to rlm_sql. Maybe that will solve the problem. I tried to do this, but I'm not a good coder so I filed a bug against the debian package. Alan DeKok. Thanks, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: Sqlippool debian - sql_get_socket unresolved symbol
Update: assigned bug number #448699 . http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448699 Greetings, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Sqlippool debian - sql_get_socket unresolved symbol
Hi all, I know the topic has been discussed about a year ago, but I'd like to know if it's going to be solved. I know that Alan said it's not a FR issue (http://lists.cistron.nl/pipermail/freeradius-users/2006-October/057588. html), but many people says that turning on RTLD_GLOBAL is a security weakness, so perhaps it's overall good to fix the code to make it work even with RTLD_GLOBAL turned off. What do you think? Regards, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: Ip pool lease migration
Is it a good idea to use rlm_ippool_tool to extract leases from radA and then inserting them in radB with rlm_ippool_tool -n ? Why? Because I thought radrelay would send only accounting records and not ip lease information. :-) If you need to copy information from one server to another, see radrelay. I'm going to try it, thanks for the suggestion. Is it correct to set up two servers radA relaying to radB and radB relaying to radA ? I'd like to have an active/active radius server setup. Alan DeKok. Thanks for helping, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: Ip pool lease migration
I'm going to try it, thanks for the suggestion. Is it correct to set up two servers radA relaying to radB and radB relaying to radA ? I'd like to have an active/active radius server setup. Sorry, I didn't read the docs. :-) I have both servers using the same sql backend for accounting (not sql_ippool at the moment), so I have a doubt: If I relay one request to radB, will radB write an entry in radacct so I end up with two accounting records for the same accounting request? How could I prevent this from happening? Thanks in advance, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: R: Ip pool lease migration
Then there's a lot less reason to run two servers. You still have one central point of failure: the SQL server. The sql server is actually a mysql master/master replication cluster with one virtual IP address I pointed the servers to. I think this solution avoids s.p.o.f., isn't it? If you're insistent on running just one SQL server, you don't need to do anything on the RADIUS side for IP pools. Just point both RADIUS servers to the same SQL DB and tables, and the SQL server will sort it out. H... But ip pools are managed through local files on each radius server, the sql backend stores sessions but not ip assignement. Do I miss something? Thanks, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: R: R: Ip pool lease migration
You didn't say that... Sorry, I thought it wasn't so relevant. :-) Use sqlippool. It's the easiest way to get what you want. Ok, thanks for helping. Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: merging accounting records from two databases
Hi, Hi Stella, I ran in your problem just quite weeks ago and I solved this way: - Use mysql replication for syncing the two database (you have to make db1 slave of db2 and db2 slave of db1: every record inserted in one db will be automatically inserted in the other one) - Use heartbeat (or whatever you like most) to configure a virtual ip for the two db servers. (eg: db1 has 10.0.0.1 , db2 has 10.0.0.2, virtual ip is 10.0.0.3) - Configure sql module to point to the virtual ip (eg: 10.0.0.3) so the radius servers are unaware of the underlying mysql cluster. You can find lots of docs on google about every topi listed above. Cheers, Stella Hth, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: LSB initscript compliance
Nicolas wrote: I've written an initscript with the LSB functions for the Debian package. You may look at debian/freeradius.init in CVS head. Thanks for the hint. It's exactly what I was looking for. Nicolas Baradakis Bye, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: R: LSB initscript compliance
Hi Michael, if you write a patch, why don't you implement all of the ocf features? Writing an OCF resource is not related to freeradius, but to Linux-ha project. So I think perhaps I'll be writing that OCF resource, but no further discussion will go on on this list since (imho) it's a bit off topic. :-) Michael. Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
LSB initscript compliance
Hi all, I'd like to integrate FR 1.1.7 installation with Heartbeat-2 but it seems that the initscript /etc/init.d/freeradius is not LSB compliant, so integration is not straightforward. Is there anybody working on this (very small) issue? Greetings, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: LSB initscript compliance
What isn't compliant? The script /etc/init.d/freeradius is not compliant with these guidelines: http://www.linuxbase.org/spec/refspecs/LSB_3.0.0/LSB-Core-generic/LSB-Co re-generic/iniscrptact.html The script does not implement the status action and isn't compliant to the behavour described in the docs above. Is there anybody working on this (very small) issue? Nope. Send a patch. Ok, I'll write it asap. Alan DeKok. Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
sql failover doubt
Hi all, I set up sql failover using the redundant feature as stated in the documentation, but I still have a doubt. When I start freeradius if all mysql backend servers are up everything goes fine. If one server is down, radiusd complains because it is unable to create the corresponding module: is there a way to avoid this behavior? Thanks in advance, Francesco Cristofori. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: db_mysql.sql
Is it possible to use the one from 1.0.1 or some other version? Yes, if you use the mathing sql.conf you can use any db schema (so you don't have to convert old databases to new schemas). Joel HTH, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: R: Cisco VRF + Radius
You don't need to set up vrf templates if everyone is going to use the default radius server and default authentication and au6thorization groups. It's optional. Thanks Ivan, now it's clear I don't need templates... What does debug radius and debug ppp negotiation on Cisco say about why was the Framed-IP-Address rejected. If it fails on IPCP then your route is the problem. Since it all goes well without it ... Yes, the problem was on the nas side. Now it seems to understand and correctly assign the IP address to the cpe. Ivan Kalik Kalik Informatika ISP Thanks, Francesco Cristofori. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: Cisco VRF + Radius
Putting a User into a certain VRF is quite simple: vrfuser User-Password == topsecret Cisco-AVPair += lcp:interface-config#1=ip vrf forwarding \ VRFNAME, Thank you Gerald, this is what I need to do. I tried using this method, but I end up with access-accept reply (from radiusd -X) like this: Sending Access-Accept of id 20 to x.y.159.252 port 1645 Service-Type = Framed-User Framed-Protocol = PPP Framed-IP-Netmask = 255.255.255.255 Ascend-Client-Primary-DNS = x.y.z.1 Ascend-Client-Secondary-DNS = x.y.z.2 Session-Timeout = 2 Cisco-AVPair = lcp:interface-config#1=ip vrf forwarding Satcom Framed-IP-Address = x.y.129.239 This seems correct to me, but the NAS ignores the Framed-IP-Address so the cpe never gets an Ip address. The IP address is taken from an ippool, the other attributes are stored in sql, everything works fine without that cisco-avpair attribute. Any hint? Thanks in advance, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: Cisco VRF + Radius
Hi Kalik, thanks for your reply. I had a look at the cisco doc on vrf forwarding, but I think it's not what I need to do. I don't need to put all template items in fr, but only to select the vrf based on group which the user belongs to. Did I miss the point? Do I need to configure Templates inside radius? Thanks, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Cisco VRF + Radius
Hi all, anybody has experience in setting up FR to support IP VRF for cisco equipments? Can you point me to some clear and simple configuration guide for doing that? TIA, Francesco. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius-1.1.6 - mysql failover issue - bus error -
= INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL (%{Acct-Session-Time:-0} + %{Acct-Delay-Time:-0}) SECOND), '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}', '%{Acct-Input-Octets}', '%{Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Acct-Terminate-Cause}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{Acct-Delay-Time}') sql: group_membership_query = SELECT GroupName FROM usergroup WHERE UserName='%{SQL-User-Name}' sql: connect_failure_retry_delay = 60 sql: simul_count_query = sql: simul_verify_query = SELECT RadAcctId, AcctSessionId, UserName, NASIPAddress, NASPortId, FramedIPAddress, CallingStationId, FramedProtocol FROM radacct WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0 sql: postauth_query = INSERT into radpostauth (id, user, pass, reply, date) values ('', '%{User-Name}', '%{User-Password:-Chap-Password}', '%{reply:Packet-Type}', NOW()) sql: safe-characters = @abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: / rlm_sql (mysql1): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (mysql1): Attempting to connect to [EMAIL PROTECTED]:3306/radius rlm_sql (mysql1): starting 0 rlm_sql (mysql1): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 Bus error Here's the relevant output from strace radiusd -X : write(1, rlm_sql (mysql1): starting 0\n, 29rlm_sql (mysql1): starting 0 ) = 29 time(NULL) = 1183449009 time(NULL) = 1183449009 write(1, rlm_sql (mysql1): Attempting to ..., 57rlm_sql (mysql1): Attempting to connect rlm_sql_mysql #0 ) = 57 time(NULL) = 1183449009 write(1, rlm_sql_mysql: Starting connect ..., 55rlm_sql_mysql: Starting connect to MySQL server for #0 ) = 55 open(/etc/services, O_RDONLY) = 5 fcntl64(5, F_GETFD) = 0 fcntl64(5, F_SETFD, FD_CLOEXEC) = 0 fstat64(5, {st_mode=S_IFREG|0644, st_size=18274, ...}) = 0 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf7a6a000 read(5, # Network services, Internet sty..., 8192) = 8192 read(5, otus Note\nlotusnote\t1352/udp\tlot..., 8192) = 8192 close(5)= 0 munmap(0xf7a6a000, 8192)= 0 rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_DFL}, 0xf7b188f8, 4294967295) = 0 stat64(/etc/mysql/my.cnf, {st_mode=S_IFREG|0644, st_size=3636, ...}) = 0 open(/etc/mysql/my.cnf, O_RDONLY|O_LARGEFILE) = 5 fstat64(5, {st_mode=S_IFREG|0644, st_size=3636, ...}) = 0 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf7a6a000 read(5, #\n# The MySQL database server co..., 8192) = 3636 open(/etc/mysql/conf.d/, O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY|0x4) = 6 fstat64(6, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 fcntl64(6, F_SETFD, FD_CLOEXEC) = 0 getdents64(6, /* 2 entries */, 8192)= 48 getdents64(6, /* 0 entries */, 8192)= 0 close(6)= 0 read(5, , 8192) = 0 close(5)= 0 munmap(0xf7a6a000, 8192)= 0 stat64(/root/.my.cnf, 0xffc8c908) = -1 ENOENT (No such file or directory) stat64(/usr/etc/my.cnf, 0xffc8c908) = -1 ENOENT (No such file or directory) socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 5 fcntl64(5, F_SETFL, O_RDONLY) = 0 fcntl64(5, F_GETFL) = 0x2 (flags O_RDWR) open(/etc/hosts, O_RDONLY)= 6 fcntl64(6, F_GETFD) = 0 fcntl64(6, F_SETFD, FD_CLOEXEC) = 0 fstat64(6, {st_mode=S_IFREG|0644, st_size=392, ...}) = 0 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf7a6a000 read(6, 127.0.0.1\tlocalhost\n10.3.0.170\tr..., 8192) = 392 --- SIGBUS (Bus error) @ 0 (0) --- +++ killed by SIGBUS +++ Any hints? Thanks in advance, Francesco Cristofori. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: freeradius-1.1.6 - mysql failover issue - bus error -
Hi all, further investigations show that it's a name resolution problem (if I put IP addresses in mysql1.conf and mysql2.conf everything works fine). So it doesn't seem to be a FR problem. Regards, Francesco Cristofori. -Messaggio originale- Da: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] freeradius .org]Per conto di Francesco Cristofori Inviato: martedì 3 luglio 2007 9.54 A: freeradius-users@lists.freeradius.org Oggetto: freeradius-1.1.6 - mysql failover issue - bus error - Hi all, I'm setting up module fail-over for mysql backend following the guide from the wiki, but something goes wrong. I included two sql.conf (mysql1.conf and mysql2.conf) in the modules section and radiusd -X reports the two files are included, but I only see the parameters from the first file get loaded and everything stops with bus error when trying to connect to the server. I checked name resolution, mysql user/password, network reachability and everything it's ok. I also set a tcpdump session on mysql1 but no packets for mysql are coming in. Then I straced radiusd execution and I noticed it fails after reading /etc/hosts (?!?). Here's the relevant output from radiusd -X: Module: Loaded SQL sql: driver = rlm_sql_mysql sql: server = mysql1.satcom.it sql: port = 3306 sql: login = radius sql: password = radius sql: radius_db = radius sql: nas_table = nas sql: sqltrace = no sql: sqltracefile = /var/log/freeradius/sqltrace.sql sql: readclients = no sql: deletestalesessions = yes sql: num_sql_socks = 100 sql: sql_user_name = %{User-Name} sql: default_user_profile = sql: query_on_not_found = no sql: authorize_check_query = SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id sql: authorize_reply_query = SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id sql: authorize_group_check_query = SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribu te,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id sql: authorize_group_reply_query = SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribu te,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id sql: accounting_onoff_query = UPDATE radacct SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime), AcctTerminateCause='%{Acct-Terminate-Cause}', AcctStopDelay = '%{Acct-Delay-Time}' WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStartTime = '%S' sql: accounting_update_query = UPDATE radacct ? SET FramedIPAddress = '%{Framed-IP-Address}', ? AcctSessionTime = '%{Acct-Session-Time}', ? AcctInputOctets = '%{Acct-Input-Octets}', ? AcctOutputOctets = '%{Acct-Output-Octets}' ? WHERE AcctSessionId = '%{Acct-Session-Id}' ? AND UserName = '%{SQL-User-Name}' ? AND NASIPAddress= '%{NAS-IP-Address}' sql: accounting_update_query_alt = INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S',INTERVAL (%{Acct-Session-Time:-0} + %{Acct-Delay-Time:-0}) SECOND), '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Acct-Input-Octets}', '%{Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0') sql: accounting_start_query = INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0') sql: accounting_start_query_alt = UPDATE radacct SET AcctStartTime = '%S', AcctStartDelay = '%{Acct-Delay-Time
1.0.0 - 1.1.6 DB Schema conversion
Hi all, perhaps my question is not totally in topic, I apologize if it hurts someone. I'm going to upgrade freeradius from v.1.0.0 to v.1.1.6 and I noticed that the database structure has changed. Are there any tools to quickly migrate the db? I have checked the differences and I think it's suitable to do a smart mysqldump of the tables that changed, so I can have the dump imported in the new database. Greetings, Francesco Cristofori. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius, wireless access point and password authentication
Roberto ha scritto: Hello, I'm new to freeradius... Hi Roberto, I want to realize a sort of hot spot using freeradius, mysql (with a graphical interface creating users on it) and some access points (linksys, d-link, etc...). It seems you want to make an Authentication Gateway, so you can have a look at this: http://tldp.org/HOWTO/Authentication-Gateway-HOWTO/index.html Hth, Francesco. signature.asc Description: OpenPGP digital signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: Session section misconfiguration?
Alan, thanks for quick answering. You should probably upgrade to 1.1.3. It's the next thing in the todo list, after I have understood configuration. :-) Are there any particular caveats on upgrading or best practices I should know? If you're not using it, sure. Hmmm... I need to make a little investigation on this, but I think the only thing we use is Dialup Admin interface, and it should use sql session accounting, isn't it? Alan DeKok. Thanks again, Francesco Cristofori. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html