Re: mysql Accounting not working
on the sql.conf add sqltrace = yes
start up with radiusd -X and see what happen.
You test the mysql conneciotn from the SAME host that freeradius?
On 7/14/05, Leonardo Valente [EMAIL PROTECTED] wrote:
Hello,
I use Debian Linux Sarge, kernel 2.6.8-2(368),
freeradius 1.0.2, and I'm trying to configure
freeradius + mysql Accounting.
I created database from script db_mysql.sql, and
created a user to access database with full
privileges. I tested to access database from another
host and it's fine.
I can get authentication from localhost and another
host. BUT freeradius is not insert accounting
information in database.
I used freeradius -X to get some debug information
and I can't see it doing INSERT. But I know that
freeradius connect into database when I start the
daemon, I could see that in mysql.log.
I looked into mysql.log and freeradius is not doing
INSERT.
Database name, database username, password and host
are set in sql.conf. And accounting tag from
radiusd.conf is:
---
accounting {
sql
}
Someone can tell me if I forgot some configuration? I
just wanna do Mysql Accounting...
Thanks in advance
-
Dize-me tuas comunidades e te direi quem és...
Leonardo Valente
MSN: [EMAIL PROTECTED]
__
Converse com seus amigos em tempo real com o Yahoo! Messenger
http://br.download.yahoo.com/messenger/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Postauth_query semi-duplicates records...
Hi!
I've changed the postauth_query from the sql.conf to insert there some
extra info (and changed the BD table to reflect this).
postauth_query = INSERT into ${postauth_table} (id, user, date,
clt_mac, ap_mac, ap_ip, ap_id) values ('', '%{User-Name}', NOW(),
'%{Calling-Station-Id}', '%{Called-Station-Id}', '%{NAS-IP-Address}',
'%{NAS-Identifier}')
The wierd thing is that when a EAP/TLS client joins, the record on the
BD keeps their info well. BUT, when a EAP/PEAP client authenticates,
the record it's almost duplicated:
++--++---+---+--+---+
| id | user | date | clt_mac | ap_mac
| ap_ip| ap_id |
++--++---+---+--+---+
| 49 | john| 20050713132540 | 00-0b-7d-0f-f7-35 |
00-0c-41-b1-37-07 | 192.168.20.7 | Linksys BEFW11S4-V4.X |
| 50 | jairo| 20050713132629 | |
| | |
| 51 | jairo| 20050713132629 | 00-0b-7d-0f-f7-35 |
00-0c-41-b1-37-07 | 192.168.20.7 | Linksys BEFW11S4-V4.X |
++--++---+---+--+---+
Here, john it's a EAP/TLS auth. and jairo is the EAP/PEAP auth.
On the server debug i see:
modcall: entering group post-auth for request 47
rlm_sql (sql): Processing sql_postauth
radius_xlat: 'jairo'
rlm_sql (sql): sql_set_user escaped user -- 'jairo'
radius_xlat: 'INSERT into radpostauth (id, user, date, clt_mac,
ap_mac, ap_ip, ap_id) values ('', '
jairo', NOW(), '00-0b-7d-0f-f7-35', '00-0c-41-b1-37-07',
'192.168.20.7', 'Linksys BEFW11S4-V4.X')'
rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id,
user, date, clt_mac, ap_mac, ap
_ip, ap_id) values ('', 'jairo', NOW(), '00-0b-7d-0f-f7-35',
'00-0c-41-b1-37-07', '192.168.20.7', 'L
inksys BEFW11S4-V4.X')
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql (sql): Released sql socket id: 0
modcall[post-auth]: module sql returns ok for request 47
modcall: group post-auth returns ok for request 47
and that SEEMS ok, but, on the DB appears 2 records for that query.
Do you know why is happening this?
Thks!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Tunneled authentication rejected on PEAP
Hi!
I'm receiving a rlm_eap_peap: Had sent TLV failure, rejecting. on
the end of the debug when trying to auth EAP/PEAP XP-SP2 client.
Looking earlier, on the debug, i'd see:
-
rad_check_password: Found Auth-Type EAP
auth: type EAP
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
ERROR: Unknown value specified for Auth-Type. Cannot perform
requested action.
rlm_eap: Freeing handler
modcall[authenticate]: module eap returns reject for request 6
modcall: group authenticate returns reject for request 6
auth: Failed to validate the user.
PEAP: Tunneled authentication was rejected.
rlm_eap_peap: FAILURE
-
But... now i don't know if the mschapv2 is the value that is Unknow
or what value is unknow for the auth?
Please, help me telling me what i doing wrong?
Thanks in advice for your help.
radiusd.conf:
-
prefix = /programas/freeradius2
exec_prefix = ${prefix}
sysconfdir = ${prefix}/etc
localstatedir = ${prefix}/var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/radiusd
log_file = ${logdir}/radius.log
libdir = ${exec_prefix}/lib
pidfile = ${run_dir}/radiusd.pid
max_request_time = 30
delete_blocked_requests = no
cleanup_delay = 5
max_requests = 1024
bind_address = *
port = 0
hostname_lookups = no
allow_core_dumps = no
regular_expressions = yes
extended_expressions= yes
log_stripped_names = no
log_auth = no
log_auth_badpass = no
log_auth_goodpass = no
usercollide = no
lower_user = no
lower_pass = no
nospace_user = no
nospace_pass = no
checkrad = ${sbindir}/checkrad
security {
max_attributes = 200
reject_delay = 1
status_server = no
}
proxy_requests = no
$INCLUDE ${confdir}/clients.conf
snmp= no
thread pool {
start_servers = 5
max_servers = 32
min_spare_servers = 3
max_spare_servers = 10
max_requests_per_server = 0
}
modules {
pap {
encryption_scheme = crypt
}
chap {
authtype = CHAP
}
pam {
pam_auth = radiusd
}
unix {
cache = no
cache_reload = 600
radwtmp = ${logdir}/radwtmp
}
$INCLUDE ${confdir}/eap.conf
mschap {
authtype = MS-CHAP
}
ldap {
server = ldap.your.domain
basedn = o=My Org,c=UA
filter = (uid=%{Stripped-User-Name:-%{User-Name}})
start_tls = no
access_attr = dialupAccess
dictionary_mapping = ${raddbdir}/ldap.attrmap
ldap_connections_number = 5
timeout = 4
timelimit = 3
net_timeout = 1
}
checkval {
item-name = Calling-Station-Id
check-name = Calling-Station-Id
data-type = string
}
with_cisco_vsa_hack = no
files {
usersfile = ${confdir}/users
acctusersfile = ${confdir}/acct_users
preproxy_usersfile = ${confdir}/preproxy_users
compat = no
}
detail {
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
detailperm = 0600
}
acct_unique {
key = User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port
}
$INCLUDE ${confdir}/sql.conf
radutmp {
filename = ${logdir}/radutmp
username = %{User-Name}
case_sensitive = yes
check_with_nas = yes
perm = 0600
callerid = yes
}
radutmp sradutmp {
filename = ${logdir}/sradutmp
perm = 0644
callerid = no
}
attr_filter {
attrsfile = ${confdir}/attrs
}
counter daily {
filename = ${raddbdir}/db.daily
key = User-Name
count-attribute = Acct-Session-Time
reset = daily
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
allowed-servicetype = Framed-User
cache-size = 5000
}
always fail {
rcode = fail
}
always reject {
rcode = reject
}
always ok {
rcode = ok
simulcount = 0
mpp = no
}
expr {
}
digest {
}
exec {
wait = yes
input_pairs = request
}
exec echo {
wait = yes
Re: Tunneled authentication rejected on PEAP
Thks for the reply.
Just below the eap.conf include line:
-
$INCLUDE ${confdir}/eap.conf
mschap {
authtype = MS-CHAP
-
That, with the commented lines would be:
-
$INCLUDE ${confdir}/eap.conf
# Microsoft CHAP authentication
#
# This module supports MS-CHAP and MS-CHAPv2 authentication.
# It also enforces the SMB-Account-Ctrl attribute.
#
mschap {
#
# As of 0.9, the mschap module does NOT support
# reading from /etc/smbpasswd.
#
# If you are using /etc/smbpasswd, see the 'passwd'
# module for an example of how to use /etc/smbpasswd
# authtype value, if present, will be used
# to overwrite (or add) Auth-Type during
# authorization. Normally should be MS-CHAP
authtype = MS-CHAP
# if use_mppe is not set to no mschap will
# add MS-CHAP-MPPE-Keys for MS-CHAPv1 and
# MS-MPPE-Recv-Key/MS-MPPE-Send-Key for MS-CHAPv2
#
#use_mppe = no
# if mppe is enabled require_encryption makes
# encryption moderate
#
#require_encryption = yes
# require_strong always requires 128 bit key
# encryption
#
#require_strong = yes
# Windows sends us a username in the form of
# DOMAIN\user, but sends the challenge response
# based on only the user portion. This hack
# corrects for that incorrect behavior.
#
#with_ntdomain_hack = no
# The module can perform authentication itself, OR
# use a Windows Domain Controller. This configuration
# directive tells the module to call the ntlm_auth
# program, which will do the authentication, and return
# the NT-Key. Note that you MUST have winbindd and
# nmbd running on the local machine for ntlm_auth
# to work. See the ntlm_auth program documentation
# for details.
#
# Be VERY careful when editing the following line!
#
#ntlm_auth = /path/to/ntlm_auth --request-nt-key
--username=%{Stripped-User-Name:-%
{User-Name:-None}} --challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}
}
That's the module definition from radiusd.conf. No?
On 7/12/05, Alan DeKok [EMAIL PROTECTED] wrote:
Mario Alberto Cruz Gartner [EMAIL PROTECTED] wrote:
Looking earlier, on the debug, i'd see:
-
...
rlm_eap: processing type mschapv2
ERROR: Unknown value specified for Auth-Type. Cannot perform
requested action.
...
But... now i don't know if the mschapv2 is the value that is Unknow
or what value is unknow for the auth?
The EAP-MSCHAPv2 code uses the mschap module for authentication.
Please, help me telling me what i doing wrong?
You deleted the mschap module from radiusd.conf. Don't do that.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Problems with the PEAP configuration
Hi! I'd finally knew why the client (Xp-SP2) was sending the username PEAP-MacAddress to the radius. I have installed the Cisco Aironet Client Utility (and the aironet drivers), and this software changed the EAP methods on XP and sends the mentioned user instead of the real one when tries PEAP auth. Now, the real username comes to the radius, the authorize comes ok, but the authenticate returns handled and the client doesn't authenticates well. I was looking the debug output and now i don't see where i can dig for details. EAP/TLS works fine already. Maybe i'm misleading something? What i'm doing wrong? Again, thks a lot for your help, it's annoying answer to too many similar questions, i know, but i didn't find something to do now of this. AND, i was thinking on make an updated version of the guides so ppl with less exp (like me!) can read and don't disturb you. =) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems with the PEAP configuration
-Message = 0x025300c0198000b6160301008610820080c0337c715dc7bb20f9f3ae1c93ce91eeda23be9896f04a24a1a7eaa6c51d638f8fc423ff24639244ed837813aa94a1a1a4c8a25cbcb2a90d23ef570c7f4a4b77dbeda413aec277fd687a5e2798f6ce785ee93f517ed0ecab1f0f8ec59e208bebfc34c424df943b2996d3beba71dfe26d2434a3204ad3254ff966a329baa096c514030100010116030100209700c2ca07ba2fdfc3915277a9605110f596184a58fd99d554c3a8d15db4155d Message-Authenticator = 0x83310e6f7130347158203374e0a4ddaf Processing the authorize section of radiusd.conf modcall: entering group authorize for request 5 radius_xlat: 'jairo' rlm_sql (sql): sql_set_user escaped user -- 'jairo' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'jairo' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 0 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'jairo' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'jairo' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'jairo' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 0 modcall[authorize]: module sql returns ok for request 5 modcall: group authorize returns ok for request 5 rad_check_password: Found Auth-Type Eap auth: type EAP Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 5 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: TLS 1.0 Handshake [length 0086], ClientKeyExchange TLS_accept: SSLv3 read client key exchange A rlm_eap_tls: TLS 1.0 ChangeCipherSpec [length 0001] rlm_eap_tls: TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 read finished A rlm_eap_tls: TLS 1.0 ChangeCipherSpec [length 0001] TLS_accept: SSLv3 write change cipher spec A rlm_eap_tls: TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 write finished A TLS_accept: SSLv3 flush data (other): SSL negotiation finished successfully SSL Connection Established eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module eap returns handled for request 5 modcall: group authenticate returns handled for request 5 Sending Access-Challenge of id 137 to 192.168.20.7:55048 EAP-Message = 0x0154003119001403010001011603010020533c1f673a3aee80f1deaaed2ff144a756db39c16558b0aceda3820f62eaa87c Message-Authenticator = 0x State = 0x1aa36da01070891e38754bc1d457eb2b Finished request 5 Going to the next request Waking up in 6 seconds... On 7/8/05, Mario Alberto Cruz Gartner [EMAIL PROTECTED] wrote: Hi! I'd finally knew why the client (Xp-SP2) was sending the username PEAP-MacAddress to the radius. I have installed the Cisco Aironet Client Utility (and the aironet drivers), and this software changed the EAP methods on XP and sends the mentioned user instead of the real one when tries PEAP auth. Now, the real username comes to the radius, the authorize comes ok, but the authenticate returns handled and the client doesn't authenticates well. I was looking the debug output and now i don't see where i can dig for details. EAP/TLS works fine already. Maybe i'm misleading something? What i'm doing wrong? Again, thks a lot for your help, it's annoying answer to too many similar questions, i know, but i didn't find something to do now of this. AND, i was thinking on make an updated version of the guides so ppl with less exp (like me!) can read and don't disturb you. =) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PEAP docs
Maybe http://howtos.linux.com/howtos/8021X-HOWTO/freeradius.shtml and http://www.dslreports.com/forum/remark,9286052~mode=flat could help you! On 7/7/05, Albrecht, Robert-Manfred [EMAIL PROTECTED] wrote: Hello, some months I had a cool document describing the installation of freeradius for eap-peap (over wlan) with windows as client. I lost the url. Could anyone forward me the url ? Regard, Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: segmentation fault caused by sql ?
I'd had a similar segmentation fault when i'd try to use the sql
module and the freeradius installation doesn't include the mysqlclient
libraries.
I've installed the libraries on the system, reconfigure, make, make
install again and it works fine!
On 7/6/05, vicky [EMAIL PROTECTED] wrote:
Hi all!
I have a segmentation fault and it scares me. I have attached the output
of radiusd -X with this e-mail.
It is not because the database is not there because when I connect to it
manually it works.
Is is permission issues? Is it a driver problem?
Thanks for any help I can get!
--Vicky
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /opt/freeradius/etc/raddb/proxy.conf
Config: including file: /opt/freeradius/etc/raddb/trs_proxy.conf
Config: including file: /opt/freeradius/etc/raddb/clients.conf
Config: including file: /opt/freeradius/etc/raddb/trs_clients.conf
Config: including file: /opt/freeradius/etc/raddb/snmp.conf
Config: including file: /opt/freeradius/etc/raddb/sqlcounter.conf
Config: including file: /opt/freeradius/etc/raddb/eap.conf
Config: including file: /opt/freeradius/etc/raddb/sql.conf
main: prefix = /opt/freeradius
main: localstatedir = /opt/freeradius/var
main: logdir = /opt/freeradius/var/log/radius
main: libdir = /opt/freeradius/lib
main: radacctdir = /opt/freeradius/var/log/radius/radacct
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /opt/freeradius/var/log/radius/radius.log
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = no
main: pidfile = /opt/freeradius/var/run/radiusd/radiusd.pid
main: user = trustive
main: group = trustive
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /opt/freeradius/sbin/checkrad
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /opt/freeradius/lib
Module: Loaded PAP
pap: encryption_scheme = crypt
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = (null)
mschap: authtype = MS-CHAP
mschap: ntlm_auth = (null)
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = (null)
unix: shadow = (null)
unix: group = (null)
unix: radwtmp = /opt/freeradius/var/log/radius/radwtmp
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = md5
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = Password:
gtc: auth_type = PAP
rlm_eap: Loaded and initialized type gtc
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded attr_rewrite
attr_rewrite: attribute = User-Name
attr_rewrite: searchfor = promo.*
attr_rewrite: searchin = packet
attr_rewrite: replacewith = %{User-Password}
attr_rewrite: append = no
attr_rewrite: ignore_case = no
attr_rewrite: new_attribute = no
attr_rewrite: max_matches = 10
Module: Instantiated attr_rewrite (attr_rewrite)
Module: Loaded preprocess
preprocess: huntgroups = /opt/freeradius/etc/raddb/huntgroups
preprocess: hints = /opt/freeradius/etc/raddb/hints
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded detail
detail: detailfile =
/opt/freeradius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (auth_log)
Module: Loaded realm
realm: format = prefix
realm: delimiter = /
realm: ignore_default = yes
realm: ignore_null = yes
Authorize, Authenticate.. EAP
Hi! After read some of the guides for the EAP/(TLS/TTLS/PEAP) setup i was wondering why major of them indicate put eap on the authorize section of radiusd.conf Obiosuly, on the authenticate section eap must be set, but, on the authorize section? I have a working installation with EAP/TLS but the authorize sections just points to the mysql server (via the sql directive). What specifically do the eap module when its called from the authorize section? I'm asking this because i noted that always accpeted the user, and passed to the authenticate. I'm wrong? confused or simply missed something? The guides show us some extra steps that doesn't are necessary? Thks a lot! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRADIUS 1.0.4 has been released.
OK! That solves the problem! I'd compiled succesfully freeradius-1.0.4 on a FB 4.11 machine with the indicated diff. Thks a lot for the colaboration Andrew! On 6/20/05, Andrew Thompson [EMAIL PROTECTED] wrote: On Mon, Jun 20, 2005 at 11:22:14AM -0400, Alan DeKok wrote: Andrew Thompson [EMAIL PROTECTED] wrote: Are you using the port becuase that problem has been fixed. If not then you will want the patch in: net/freeradius/files/patch-src-modules-rlm_attr_rewrite-rlm_attr_rewrite.c Is it something which can get pulled into FreeRADIUS? This problem only applies to FreeBSD 4.x and not the newer releases (5.0). It requires sys/types.h to be included before regex.h. --- src/modules/rlm_attr_rewrite/rlm_attr_rewrite.c.origSat Jun 18 14:29:43 2005 +++ src/modules/rlm_attr_rewrite/rlm_attr_rewrite.c Sat Jun 18 14:31:48 2005 @@ -27,6 +27,7 @@ #include stdio.h #include stdlib.h #include string.h +#include sys/types.h #ifdef HAVE_REGEX_H # include regex.h #endif Previously this was being pulled in from libradius.h, but that was removed 7 weeks ago. I am happy to keep this as a local patch as it is only a quirk of 4.x and the port properly patches it. Andrew - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Ayuda con radius
Es correcto. Pero en esta lista encontrarás (en Inglés) muy buena información, consejos, guías y ayudas para la implementación que buscas. De los pocos URL que conozco en español, sobre el Freeradius, indicando como se instala y configura en un sistema FreeBSD: http://www.computeridea.net/Actualidad/Paso_a_paso/Seguridad/Sistemas_de_protecci%C3%B3n/20041112023 Defnitivamente, el inglés os espera para resolver tus dudas a fondo. On 5/24/05, Alex Moreno [EMAIL PROTECTED] wrote: Hola Igor, mi proyecto final de carrera usa, entre otras muchas cosas, freeradius. No se exactamente que quieres hacer pero quizá nocat o chillispot te sirva de algo para el tema de autentificación, en conjunción con radius (es como lo tengo yo). Otra cosa, esta lista es de habla inglesa así que es muy probable que, excepto yo, poca gente más te conteste ;-). greetings. On 5/24/05, Igor Larrea [EMAIL PROTECTED] wrote: Hola a todos, soy un chico de Bilbao que quiere implantar una arquitectura de red Wi-Fi segura mediante 802.11i usando WPA-Enterprise con un servidor de autenticación RADIUS y un router (Linksys WRT54G) que haga de authenticator. La verdad estoy empezando a mirar cosillas, pero no se por donde empezar,no encuentro demasiada información de como montar el servidor... ni k sw que usar o como usarlo. Encima WPA-Enterprise es demasiado nuevo, no conozco a nadie que lo esté utilizando, en fín y para más inri, tampoco soy un artista en Linux, cosa que espero mejorar poquito a poco. Tenia pensado instalar una Debian, pero tampoco lo tengo claro.. En fín ya veis que no se ni como empezar, si me pudieseis echar una mano y mandarme información al respecto , o links, o ponerme en contacto con alguien que ya tenga implantado un servidor raduis... estaría muy agradecido. Sin más un cordial saludo Igor Larrea __ Renovamos el Correo Yahoo! Nuevos servicios, más seguridad http://correo.yahoo.es - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
