RE: Problem with CA.all

2009-07-29 Thread Julio Villacis Guevara 
Hi please how i do?

Thnak in advance

Ing. Julio Villacís G.
Ingeniero de Servicios
Comware S.A.
(593 4) 2690170 Ext. 4500
www.comware.com.ec
Guayaquil-Ecuador
 

-Mensaje original-
De: Alan Buxey [mailto:a.l.m.bu...@lboro.ac.uk] 
Enviado el: Wednesday, July 29, 2009 10:32 AM
Para: jvill...@comware.com.ec; FreeRadius users mailing list
CC: 'Alan DeKok'
Asunto: Re: Problem with CA.all

Hi,
> Hi How generate the certificates??

there is a new makefile and script to do the work.

alan


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Problem with CA.all

2009-07-29 Thread Julio Villacis Guevara 
Hi How generate the certificates??

Thank in advance.

Ing. Julio Villacís G.
Ingeniero de Servicios
Comware S.A.
(593 4) 2690170 Ext. 4500
www.comware.com.ec
Guayaquil-Ecuador
 
-Mensaje original-
De: Alan DeKok [mailto:al...@deployingradius.com] 
Enviado el: Wednesday, July 29, 2009 2:16 AM
Para: jvill...@comware.com.ec; FreeRadius users mailing list
Asunto: Re: Problem with CA.all

Julio Villacis Guevara wrote:
> Hi i am upgrade the version yet but the CA.all not generate serial.

  In version 2, CA.all isn't necessary.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Problem with CA.all

2009-07-28 Thread Julio Villacis Guevara 
Hi i am upgrade the version yet but the CA.all not generate serial. I find a
fix in the file CA.pl and line to create serial and this moment is ok.

The link of the fix is
http://fixunix.com/openssl/156838-ca-all-script-problem-openssl-freeradius.h
tml


Thank you 

Ing. Julio Villacís G.
Ingeniero de Servicios
Comware S.A.
(593 4) 2690170 Ext. 4500
www.comware.com.ec
Guayaquil-Ecuador
 

-Mensaje original-
De: Ivan Kalik [mailto:t...@kalik.net] 
Enviado el: Tuesday, July 28, 2009 12:21 PM
Para: jvill...@comware.com.ec; FreeRadius users mailing list
Asunto: Re: Problem with CA.all

> Hi i have a problema when execute CA.all generate the follwing messages

Upgrade to version 2.

Ivan Kalik
Kalik Informatika ISP


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Problem with CA.all

2009-07-28 Thread Julio Villacis Guevara 
Hi i have a problema when execute CA.all generate the follwing messages 

 

failed to update database

TXT_DB error number 2

 

Any idea

 

Thank in advance

 

Ing. Julio Villacís G.
Ingeniero de Servicios
Comware S.A.
(593 4) 2690170 Ext. 4500
www.comware.com.ec
Guayaquil-Ecuador

 

 

<>-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Problem with compilation

2009-07-28 Thread Julio Villacis Guevara 
Hi i install openssl and ldap and compile success

Thank you

Ing. Julio Villacís G.
Ingeniero de Servicios
Comware S.A.
(593 4) 2690170 Ext. 4500
www.comware.com.ec
Guayaquil-Ecuador
 
-Mensaje original-
De: freeradius-users-bounces+jvillaci=comware.com...@lists.freeradius.org
[mailto:freeradius-users-bounces+jvillaci=comware.com...@lists.freeradius.or
g] En nombre de Steven Carr
Enviado el: Friday, July 24, 2009 2:20 PM
Para: FreeRadius users mailing list
Asunto: Re: Problem with compilation

On 24/7/09 18:57, Julio Villacis Guevara wrote:
> I see that when executed ./configure display the following warning 
> 
> checking openssl/ssl.h usability... yes
> checking openssl/ssl.h presence... no
> configure: WARNING: openssl/ssl.h: accepted by the compiler, rejected by
the
> preprocessor!
> configure: WARNING: openssl/ssl.h: proceeding with the compiler's result

The OpenSSL you are using is not compatible with FreeRADIUS (the version
shipped with Solaris is broken). You will need to install the version
from Sunfreeware.com and then ensure when you ./configure that you add
in the correct commands to point to the right location of OpenSSL.

I did the following to get FreeRADIUS installed on our Solaris 10 box:

Install the OpenSSL and OpenLDAP packages and their dependencies from
sunfreeware.com

Then I had to do the following to get it to configure:

export PATH=$PATH:/usr/ccs/bin

./configure --with-openssl=yes --with-openssl-dir=/usr/local/ssl
--with-openssl-includes=/usr/local/ssl/include
--with-openssl-libraries=/usr/local/ssl/lib
--with-rlm-ldap-lib-dir=/usr/local/lib
--with-rlm-ldap-include-dir=/usr/local/include

After the configure had completed I could then run "make" to compile
FreeRADIUS.

After it had compiled I ran "make install" to install FreeRADIUS.

I then needed to modify the system library paths so that FreeRADIUS
could load the required libraries without any config file modifications,
this was achieved by running the following command on our system:

crle -u -l /lib:/usr/lib:/usr/local/lib:/usr/local/ssl/lib

Steve

-- 
Steven Carr
Systems Development Officer
SLS/ITS/Systems - (0191) 515 3953



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Problem with compilation

2009-07-24 Thread Julio Villacis Guevara 
Hi

Really it was absent/usr/ccs/bin.

I see that when executed ./configure display the following warning 

checking openssl/ssl.h usability... yes
checking openssl/ssl.h presence... no
configure: WARNING: openssl/ssl.h: accepted by the compiler, rejected by the
preprocessor!
configure: WARNING: openssl/ssl.h: proceeding with the compiler's result
checking for openssl/ssl.h... yes
checking openssl/crypto.h usability... yes
checking openssl/crypto.h presence... no
configure: WARNING: openssl/crypto.h: accepted by the compiler, rejected by
the preprocessor!
configure: WARNING: openssl/crypto.h: proceeding with the compiler's result
checking for openssl/crypto.h... yes
checking openssl/err.h usability... yes
checking openssl/err.h presence... no
configure: WARNING: openssl/err.h: accepted by the compiler, rejected by the
preprocessor!
configure: WARNING: openssl/err.h: proceeding with the compiler's result
checking for openssl/err.h... yes
checking openssl/evp.h usability... yes
checking openssl/evp.h presence... no
configure: WARNING: openssl/evp.h: accepted by the compiler, rejected by the
preprocessor!
configure: WARNING: openssl/evp.h: pro

Any idea

Ing. Julio Villacís G.
Ingeniero de Servicios
Comware S.A.
(593 4) 2690170 Ext. 4500
www.comware.com.ec
Guayaquil-Ecuador
 
-Mensaje original-
De: freeradius-users-bounces+jvillaci=comware.com...@lists.freeradius.org
[mailto:freeradius-users-bounces+jvillaci=comware.com...@lists.freeradius.or
g] En nombre de Steven Carr
Enviado el: Friday, July 24, 2009 12:32 PM
Para: FreeRadius users mailing list
Asunto: Re: Problem with compilation

>> false cru .libs/libfreeradius-radius.a  dict.o filters.o hash.o hmac.o
>> hmacsha1.o isaac.o log.o misc.o missing.o md4.o md5.o print.o radius.o
>> rbtree.o sha1.o snprintf.o strlcat.o strlcpy.o token.o udpfromto.o
>> valuepair.o fifo.o packet.o event.o getaddrinfo.o vqp.o
>> heap.o dhcp.o
> 
> Here you have false. so probably you are missing a tool, that configure
> could not find. (Sorry, I do not know how the tool makring static
> libraries is supposed to be named on Solaris.)Í

Amend your path to include /usr/ccs/bin then re ./configure - it is
missing the "ar" command which is locate at /usr/ccs/bin/ar (I ran fowl
of this one too).

Steve

-- 
Steven Carr
Systems Development Officer
SLS/ITS/Systems - (0191) 515 3953



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Problem with compilation

2009-07-24 Thread Julio Villacis Guevara 
Hi i am have problema with the compilation in a box SUN SPARC T6300 with
Solaris 10 the following is the messages display

gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
fifo.c -o fifo.o >/dev/null 2>&1

/export/home/install/freeradius-server-2.1.6/libtool --mode=compile gcc  -g
-O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG
-D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c packet.c

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
packet.c  -fPIC -DPIC -o .libs/packet.o

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
packet.c -o packet.o >/dev/null 2>&1

/export/home/install/freeradius-server-2.1.6/libtool --mode=compile gcc  -g
-O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG
-D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c event.c

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
event.c  -fPIC -DPIC -o .libs/event.o

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
event.c -o event.o >/dev/null 2>&1

/export/home/install/freeradius-server-2.1.6/libtool --mode=compile gcc  -g
-O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG
-D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
getaddrinfo.c

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
getaddrinfo.c  -fPIC -DPIC -o .libs/getaddrinfo.o

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
getaddrinfo.c -o getaddrinfo.o >/dev/null 2>&1

/export/home/install/freeradius-server-2.1.6/libtool --mode=compile gcc  -g
-O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG
-D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c vqp.c

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
vqp.c  -fPIC -DPIC -o .libs/vqp.o

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
vqp.c -o vqp.o >/dev/null 2>&1

/export/home/install/freeradius-server-2.1.6/libtool --mode=compile gcc  -g
-O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG
-D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c heap.c

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
heap.c  -fPIC -DPIC -o .libs/heap.o

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
heap.c -o heap.o >/dev/null 2>&1

/export/home/install/freeradius-server-2.1.6/libtool --mode=compile gcc  -g
-O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG
-D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c dhcp.c

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
dhcp.c  -fPIC -DPIC -o .libs/dhcp.o

 gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE
-DNDEBUG -D_LIBRADIUS -I/export/home/install/freeradius-server-2.1.6/src -c
dhcp.c -o dhcp.o >/dev/null 2>&1

/export/home/install/freeradius-server-2.1.6/libtool --mode=link gcc
-release 2.1.6 \

 -export-dynamic -o libfreeradius-radius.la -rpath /usr/local/lib
dict.lo filters.lo hash.lo hmac.lo hmacsha1.lo isaac.lo log.lo misc.lo
missing.lo md4.lo md5.lo print.lo radius.lo rbtree.lo sha1.lo snprintf.lo
strlcat.lo strlcpy.lo token.lo udpfromto.lo valuepair.lo fifo.lo packet.lo
event.lo getaddrinfo.lo vqp.lo heap.lo dhcp.lo

gcc -shared -Wl,-h -Wl,libfreeradius-radius-2.1.6.so -o
.libs/libfreeradius-radius-2.1.6.so  .libs/dict.o .libs/filters.o
.libs/hash.o .libs/hmac.o .libs/hmacsha1.o .libs/isaac.o .libs/log.o
.libs/misc.o .libs/missing.o .libs/md4.o .libs/md5.o .libs/print.o
.libs/radius.o .libs/rbtree.o .libs/sha1.o .libs/snprintf.o .libs/strlcat.o
.libs/strlcpy.o .libs/token.o .libs/udpfromto.o .libs/valuepair.o
.libs/fifo.o .libs/packet.o .libs/event.o .libs/getaddrinfo.o .libs/vqp.o
.libs/heap.o .libs/dhcp.o  -lc

(cd .libs && rm -f libfreeradius-radius.so && ln -s
libfreeradius-radius-2.1.6.so libfreeradius-radius.so)

false cru .libs/libfreeradius-radius.a  dict.o filters.o hash

RE: Help About Peap

2009-07-23 Thread Julio Villacis Guevara 
Hi The configuration was done as this in the document, I can send the file
of configuration of radiusd.conf?

Ing. Julio Villacís G.
Ingeniero de Servicios
Comware S.A.
(593 4) 2690170 Ext. 4500
www.comware.com.ec
Guayaquil-Ecuador
 
-Mensaje original-
De: Ivan Kalik [mailto:t...@kalik.net] 
Enviado el: Thursday, July 23, 2009 8:16 AM
Para: jvill...@comware.com.ec; FreeRadius users mailing list
Asunto: RE: Help About Peap

> Hi I have a problem with PEAP-RADIUS-AD. I follow the configuration that
> find in this link
> http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
>
> Samba configuration ok and test (wbinfo ?u)
>
> Kerberos ok and test (kinit user)
>
> Radius radtest ok
>
> When the XP try login respond radius login incorrect.
>
> Attach messages of the radius server files.

You have stripped the username and broken EAP. That is not in the manual.

Ivan Kalik
Kalik Informatika ISP


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Help About Peap

2009-07-23 Thread Julio Villacis Guevara 
Hi I have a problem with PEAP-RADIUS-AD. I follow the configuration that
find in this link
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO 

 

Samba configuration ok and test (wbinfo –u)

Kerberos ok and test (kinit user)

Radius install and configuration in Solaris SPARC the version is 1.1.7
download of sunfreeware with all depences (
 openssl-0.9.8k,
 netsnmp,
 gdbm,
 openldap,
 mysql,
 zlib,
 sasl,
 libtool,
 libgcc-3.4.6)
installed

Radius radtest ok

 



When the XP try login respond radius login incorrect.

 

Attach messages of the radius server files.

 

Thanks in advance

 

Ing. Julio Villacís G.
Ingeniero de Servicios
Comware S.A.
(593 4) 2690170 Ext. 4500
www.comware.com.ec
Guayaquil-Ecuador

 

 

<><>Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /usr/local/etc/raddb/proxy.conf
Config:   including file: /usr/local/etc/raddb/clients.conf
Config:   including file: /usr/local/etc/raddb/snmp.conf
Config:   including file: /usr/local/etc/raddb/eap.conf
Config:   including file: /usr/local/etc/raddb/sql.conf
 main: prefix = "/usr/local"
 main: localstatedir = "/usr/local/var"
 main: logdir = "/usr/local/var/log/radius"
 main: libdir = "/usr/local/lib"
 main: radacctdir = "/usr/local/var/log/radius/radacct"
 main: hostname_lookups = no
 main: snmp = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = "/usr/local/var/log/radius/radius.log"
 main: log_auth = yes
 main: log_auth_badpass = yes
 main: log_auth_goodpass = yes
 main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
 main: user = "(null)"
 main: group = "(null)"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/local/sbin/checkrad"
 main: proxy_requests = no
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = no
 proxy: wake_all_if_all_dead = no
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec 
 exec: wait = yes
 exec: program = "(null)"
 exec: input_pairs = "request"
 exec: output_pairs = "(null)"
 exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec) 
Module: Loaded expr 
Module: Instantiated expr (expr) 
Module: Loaded PAP 
 pap: encryption_scheme = "crypt"
 pap: auto_header = no
Module: Instantiated pap (pap) 
Module: Loaded CHAP 
Module: Instantiated chap (chap) 
Module: Loaded MS-CHAP 
 mschap: use_mppe = yes
 mschap: require_encryption = no
 mschap: require_strong = no
 mschap: with_ntdomain_hack = yes
 mschap: passwd = "(null)"
 mschap: ntlm_auth = "/usr/sfw/bin/ntlm_auth --request-nt-key 
--domainname=%(mschap:NT-Domain:-CTG) --username=%{mschap:User-Name:-None} 
--challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
Module: Instantiated mschap (mschap) 
 exec: wait = yes
 exec: program = "/usr/sfw/bin/ntlm_auth ntlm_auth --request-nt-key 
--domain=CTG --username=%{mschap:User-Name} --password=%{User-Password}"
 exec: input_pairs = "request"
 exec: output_pairs = "(null)"
 exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (ntlm_auth) 
Module: Loaded System 
 unix: cache = no
 unix: passwd = "(null)"
 unix: shadow = "(null)"
 unix: group = "(null)"
 unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix) 
Module: Loaded eap 
 eap: default_eap_type = "ttls"
 eap: timer_expire = 60
 eap: ignore_unknown_eap_types = no
 eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
 gtc: challenge = "Password: "
 gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
 tls: rsa_key_exchange = no
 tls: dh_key_exchange =