ap telabria and freeradius
Hi. Anyone who has experiences configuring telabria to authenticate with freeradius, plz help me. I'm stuck. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Dialup-Admin & mysql Problems help plz!
Set sql_debug = no in admin.conf -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nicholas Briere Sent: Thursday, August 04, 2005 2:13 PM To: freeradius-users@lists.freeradius.org Subject: Dialup-Admin & mysql Problems help plz! hello i just installed Freeradius and Freeradius DialupAdmin (with mysql support) i changed the admin.conf so its using the correct db username/password. When i click on quite a few links Like Create New Group i get this atop of the New Group Page DEBUG(SQL,MYSQL DRIVER): Query: SELECT DISTINCT groupname FROM usergroup; DEBUG(SQL,MYSQL DRIVER): Query Result: then below under the word ' prefrences for new group ' DEBUG(SQL,MYSQL DRIVER): Query: SELECT attribute,value ,op FROM radgroupcheck WHERE groupname = ''; DEBUG(SQL,MYSQL DRIVER): Query Result: Num rows:: 0 DEBUG(SQL,MYSQL DRIVER): Query Result: DEBUG(SQL,MYSQL DRIVER): Query: SELECT attribute,value ,op FROM radgroupreply WHERE groupname = ''; DEBUG(SQL,MYSQL DRIVER): Query Result: Num rows:: 0 DEBUG(SQL,MYSQL DRIVER): Query Result: DEBUG(SQL,MYSQL DRIVER): Query: SELECT username FROM usergroup WHERE groupname = '' ORDER BY username; DEBUG(SQL,MYSQL DRIVER): Query Result: Num rows:: 0 DEBUG(SQL,MYSQL DRIVER): Query Result: Under " create a new User " i get DEBUG(SQL,MYSQL DRIVER): Query: SELECT DISTINCT groupname FROM usergroup; DEBUG(SQL,MYSQL DRIVER): Query Result: im using Debian (sarge) / apache 1.3 / php4 / mysql 4.0.24-10 Any help on this would be great as im Quite new the 'radius' enviroment and these sql errors have caused alot of headaches for me :) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Regarding checkrad
mmm.. can I just check double login, perhaps by query database only without snmpwalk to ap. $sql = "SELECT COUNT(*) FROM radcheck WHERE Username='ultrabalad' AND AccTime=0; Once the result is equal to 1, freeradius will kick second login. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, August 04, 2005 11:00 AM To: FreeRadius users mailing list Subject: Re: Regarding checkrad "Nurul Faizal M.Shukeri" <[EMAIL PROTECTED]> wrote: > Any suggestion for solution, perhaps my server configuration. I'm stupid > about snmp. It's not the server. It's the NAS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Regarding checkrad
Hi Alan, Any suggestion for solution, perhaps my server configuration. I'm stupid about snmp. Thanks -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nurul Faizal M.Shukeri Sent: Thursday, August 04, 2005 8:57 AM To: 'FreeRadius users mailing list' Subject: RE: Regarding checkrad Thank Alan, perhaps my AP problem, coz I already enable the feature. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, August 04, 2005 12:28 AM To: FreeRadius users mailing list Subject: Re: Regarding checkrad "Nurul Faizal M.Shukeri" <[EMAIL PROTECTED]> wrote: > My ap is cisco 340 and I already enable snmp feature. I don't know what the > problem is. Plz help me. Checkrad isn't able to talk to the AP. The AP isn't listening on SNMP. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Regarding checkrad
Thank Alan, perhaps my AP problem, coz I already enable the feature. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, August 04, 2005 12:28 AM To: FreeRadius users mailing list Subject: Re: Regarding checkrad "Nurul Faizal M.Shukeri" <[EMAIL PROTECTED]> wrote: > My ap is cisco 340 and I already enable snmp feature. I don't know what the > problem is. Plz help me. Checkrad isn't able to talk to the AP. The AP isn't listening on SNMP. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Regarding checkrad
Hi all... I'm trying to use checkrad to check for double login. I have read doc/Simultaneous-Use. The problem is when I'm trying to use checkrad, this is the output :- sony# checkrad cisco 10.201.1.3 37 ultrabalad 3706 Timeout: No Response from 10.201.1.3. Timeout: No Response from 10.201.1.3 My ap is cisco 340 and I already enable snmp feature. I don't know what the problem is. Plz help me. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: About client web authentication
mmm... I understand now. That's mean I need to do something with AP / Switch not to my server TQ very much to everyone.. TQ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Artur Hecker Sent: Thursday, March 10, 2005 3:47 AM To: freeradius-users@lists.freeradius.org Subject: Re: About client web authentication Nurul probably means client isolation. Nurul, your issues are not really related to freeradius. You can authenticate over whatever you want to freeradius. However, that's not your point. For what you want to do, you need to setup the access controller which is just another NAS in AAA slang. WLAN client isolation is a purely NAS internal functionality. You have to do that at the access point (a L3 firewall can not achieve that since the packets are forwarded on L2). So, take a look at hotspot-like access controllers which provide captive portal functionality. There is "nocat" e.g. but a lot of others do the same. There are also a lot of commercial products. hope that helps. if you need more help, try to ask offline. ciao artur Marcin Jessa wrote: > I have no idea what you are talking about. > If you mean that WLAN users will be able to talk to eachother after authentication then yes, that's the whole point of opening the network. > You need to describe your network first. > > > On Thu, 10 Mar 2005 15:56:36 -0800 > "Nurul Faizal M.Shukeri" <[EMAIL PROTECTED]> wrote: > > >>Tq 4 ur response >> >>But if I do this, wlan user still can access each other. How to protect >>that? Is that mod_auth_radius that I'm looking for? >> >>TQ >> >>-Original Message- >>From: [EMAIL PROTECTED] >>[mailto:[EMAIL PROTECTED] On Behalf Of Marcin >>Jessa >>Sent: Wednesday, March 09, 2005 6:31 PM >>To: freeradius-users@lists.freeradius.org >>Subject: Re: About client web authentication >> >>You need some kind of hotspot server like routeros or staros. >>Or you can do that with Squid and custom firewalling rules to open >>connections from i.e. PPTP authenticated users. >> >> >> >>On Thu, 10 Mar 2005 09:28:01 -0800 >>"Nurul Faizal M.Shukeri" <[EMAIL PROTECTED]> wrote: >> >> >>>Hi everyone., >>> >>>Can anyone explain how to deploy client web authentication. I'm using >>>freeradius to authenticate wireless user. For the time being I'm just >>>installed Aegis or 802.1X built in windows to be supplicant. Anyone, plz >>>help me . >>> >>>TQ very much >>> >>> >>>- >>>List info/subscribe/unsubscribe? See >> >>http://www.freeradius.org/list/users.html >> >> >>-- >> >>Regards, >>M. Jessa >>Software developer/System Administrator >>http://www.yazzy.org >> >> >> >> >> >> >>- >>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: About client web authentication
Tq 4 ur response But if I do this, wlan user still can access each other. How to protect that? Is that mod_auth_radius that I'm looking for? TQ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marcin Jessa Sent: Wednesday, March 09, 2005 6:31 PM To: freeradius-users@lists.freeradius.org Subject: Re: About client web authentication You need some kind of hotspot server like routeros or staros. Or you can do that with Squid and custom firewalling rules to open connections from i.e. PPTP authenticated users. On Thu, 10 Mar 2005 09:28:01 -0800 "Nurul Faizal M.Shukeri" <[EMAIL PROTECTED]> wrote: > Hi everyone., > > Can anyone explain how to deploy client web authentication. I'm using > freeradius to authenticate wireless user. For the time being I'm just > installed Aegis or 802.1X built in windows to be supplicant. Anyone, plz > help me . > > TQ very much > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Regards, M. Jessa Software developer/System Administrator http://www.yazzy.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
About client web authentication
Hi everyone., Can anyone explain how to deploy client web authentication. I'm using freeradius to authenticate wireless user. For the time being I'm just installed Aegis or 802.1X built in windows to be supplicant. Anyone, plz help me . TQ very much - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Configure 802.1x on Mac OS X
Hi, Anyone plz help me. I don’t know how to configure 802.1x on Mac OS X. I already update the latest airport 4.0 but still cannot authenticate. Windows XP & 2000 can but not Mac OS X. TQ
RE: Freeradius-Users digest, Vol 1 #4060 - 12 msgs
>> I would like to monitor my users(wireless) and I try writing a system and >> I'm using table radacct. But value for Calling-Station-Id is not recorded >> and we are using DHCP server.All user can get ip address from dhcp but my >> radius server doesn't record it. Can anyone help me how to grab users ip and >> mac address ? >> >in your situation RADIUS is not managing the IP pools. DCHP is doing that >and you have to look to your dhcp server configuration and log files. >As for Calling-Station-ID, I presume you are looking for the MAC address >of the requestor. First off, DHCP logs that (assuming you have logging >turned on in DHCP etc.). Second if the RADIUS client (which is NOT the >end-user) doesn't supply a value for Calling-Station-ID freeradius can't >very well log it for you. I still don't undertstand. Why I can't grab ip and mac address of requestor. Perhaps ip but mac address is appear when Access-Request: rad_recv: Access-Request packet from host 10.201.8.1:4016, id=221, length=183 User-Name = "nurulfaizal.kb23687" NAS-IP-Address = 10.201.8.1 Called-Station-Id = "00409656abfb" -> Calling-Station-Id = "00032f042f51" NAS-Identifier = "AP350-56abfb" NAS-Port = 37 Framed-MTU = 1400 State = 0x1d3be2a084a942dde9ec62e4fc93063d NAS-Port-Type = Wireless-802.11 EAP-Message = 0x020900261900170301001b4ae46d616dba0cea39cf42f90ce91e3ec9b4aa71af6df8d06be2 72 Message-Authenticator = 0xbc714574fa8945c2f384bb0dde7a58fe Plz help me how to grab this mac address, so that I can manipulate it with expat to kick bad user immediately.. plz help me P/S : My NAS is Cisco 350 AP and I;m using PEAP to authenticate. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
How to grab users IP and MAC Address
Hi, I would like to monitor my users(wireless) and I try writing a system and I'm using table radacct. But value for Calling-Station-Id is not recorded and we are using DHCP server.All user can get ip address from dhcp but my radius server doesn't record it. Can anyone help me how to grab users ip and mac address ? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Check Multiple Calling-Station-Id in mysql
>Message: 1 >From: "Lim Han Shyong" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Subject: RE: Check Multiple Calling-Station-Id in mysql >Date: Tue, 7 Dec 2004 16:38:36 +0800 >Reply-To: [EMAIL PROTECTED] > >Hi: > > There might be other better method, me use a simple stupid method, maybe can have a try. > >+++++--+ >| id | GroupName | Attribute | op | Value | >+++++--+ >| 10 | ultrabalad | Calling-Station-Id | =~ | Value1|Value2|Value3 | >+++++--+ >This method is worst if u got lot of different value, but mine situation allowed me to do that for temporary solution.:) >Have a nice day. >Regards >HSL TQ very3 much…
Check Multiple Calling-Station-Id in mysql
Hi to all, I'm using freeradius 1.0.1. I'm trying to check multiple calling-station-id store in mysql but return message access-reject. I don't know how and whats the problem is. Anyone plz help me. TQ +++---++---+ | id | UserName | Attribute | op | Value | +++---++---+ | 1 | ultrabalad | User-Password | == | budakbaik | +++---++---+ ++++ | id | UserName | GroupName | ++++ | 1 | ultrabalad | ultrabalad | ++++ +++++--+ | id | GroupName | Attribute | op | Value| +++++--+ | 10 | ultrabalad | Calling-Station-Id | =~ | 00032f042f51 | | 9 | ultrabalad | Calling-Station-Id | =~ | 10032f042f51 | +++++--+ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html