Radius client
Hallo everybody, As far as i know, Freeradius only act as a AAA server. so do you guys have preference for which radius client that I can use? Or can I use freeradius also as Radius client also? Many thanks for your help san __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client
Hi Josh, Thanks a lot for quick reply. I have another question then, how do I invoke this client? I already install the freeradius in the other computer (acting as client) do I just use radclient command or? I want to see how they interact (server and client) What I got until now is the server succesfully authenticate the client by sending access_accept. And afterwards I still confused how to see the process. I want to extend the functionality of the client, so I need to know which file that i must extend. Many many thanks for the help San --- Josh Howlett [EMAIL PROTECTED] wrote: FreeRADIUS ships with a radius client. If you want to do EAP testing, my preferred tool is eapol_test from wpa_supplicant. josh. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client
Hi Alan, Thanks for the help. Also, what I really want to do is that I want radclient to do calculation like in the prepaid billing. So, when the client receive access_accept from the server, then it start the calculation. and after sometime report the result to the server. And the server will respond according to the message. I think what i need to extend is the radclient file into some script right? or maybe other suggestion or other file? And for the process interaction that i want to see (between client and server) is for example the case of session timeout. How do i see if the client sending the message to the server.How do I make untill all of these information show in let say tcpdump. In the debug out (when i run radiusd -X) it only written Nothing to do. Sleeping until we see a request. Am I do something wrong or miss some important thing? Fyi, I am using linux box for my client. Many thanks for your help san --- [EMAIL PROTECTED] wrote: what exactly do you want the FreeRADIUS test client to do? as it comes, it will just take back an Accept or Reject response from the server... do you wish the client to actually do something like allow the system to be on the network? if so you need to wrap radclient into some script or use a proper dot1x client and set up the networking environment accordingly. to 'SEE' the process you should be looking at the logs on the server...or turn on the debugging ( eg radiusd -X ) on the server to see whats going on. alan __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client
Hi Alan, Thanks a lot for your help to explain this to me. oh. generally you do all the accounting and pre-paid stuff and timing of sessions etc on the SERVER. all the required bits are already there. various rlm_* modules that can interface nicely to a database backend etc. But I still have this puzzle inside my head :) My scenario is that the client will do some meassurement after it receive access_accept from server. I think I can trigger this by writing shell script when the packet access_accept received. (am i right?) Second question : How do I learn to use the command line to run client? I just using this command to send access_request for user name Maria, # echo User-Name = Maria, User-Password = testing | radclient 10.1.0.76 auth testing123 How do I find other command to start and stop accounting? I think I can use the same command like above just change the auth become acct. But the problem is how do i tell the server that I want to stop the acct session? And for the process interaction that i want to see (between client and server) is for example the case of session timeout. How do i see if the client sending the message to the server.How do I make untill all of these information show in let say tcpdump. you can see the stuff with tcpdump (in the usual way) but there are special filters for RADIUS in ethereal package - which some people prefer to use when looking at the network stuff. you could look at the server end still - since you can see all the into that the server sends and that the server receives. if you have a problem with the network so that packets dont arrive than thats another issue altogether. In the debug out (when i run radiusd -X) it only written Nothing to do. Sleeping until we see a request. ah. if you are ONLY seeing this and yet you are trying to run the radclient on another box...then the packets arent arriving to the server. in this case perhaps there is a firewall in the way (usual suspect and reason). if you have misconfigured the client/server relationship (wrong passphrase etc) then you would see info...and it would tell you! alan I finally make progres so the server send this access-Accept to the client. Sending Access-Accept of id 131 to 10.1.0.15:32768 Framed-Protocol = PPP Session-Timeout = 600 Login-Service = Telnet Idle-Timeout = 360 But why the session-TImeout is not working? I already set this attributes in users file. seems no sign that it works. How do I see if the time already passed, the client will be disconnected from server? Sorry for long questions. I really apreciate if you want to answer them. Have a great weekend San __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: How to start a session
Hi Alan, thanks a lot for the input. I already have the book now. Santy --- Alan DeKok [EMAIL PROTECTED] wrote: San [EMAIL PROTECTED] wrote: How can we measure the users usage. Where should I put the attribute session start and how i use the session stop. (what are the command?) But the O'Reilly RADIUS book and read it.. The answer to your question is too long to post here. I really lost in this part. Every documents that I can find only explain until authenticate and authorize between NAS and server. But after that I don't have clue. Because you appear to be writing a NAS. The documents don't tell you how to implement a NAS. For that, read the RFC's and the O'Reilly book. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: How to start a session
Ernesto, thanks a lot for quick reply. I have used the radtest command and I can get access accept successfully. What I don't know understand is the next step (after NAS authenticate and authorize). How can we measure the users usage. Where should I put the attribute session start and how i use the session stop. (what are the command?) Do I need to write external script to calculate this? The scenario is I want to know how big bandwith that used by users during the login time. I really lost in this part. Every documents that I can find only explain until authenticate and authorize between NAS and server. But after that I don't have clue. Hope you can understand and be patient with my very basic(amateur) questions. Best regards santy --- Ernesto Freyre Ramírez [EMAIL PROTECTED] wrote: You must use radtest command type radtest at the command prompt and this will give you hints about how to use it Ernesto Freyre Ramírez Jefe de Operaciones Qnet Soluciones Tecnológicas Jr. Natalio Sánchez 220, Of. 401 - Lima 11 Telf.: (511) 431-6565 Anexo 2245 Fax: (511) 431-7113 Visítenos en: www.qnet.com.pe - Original Message - From: San To: FreeRadius users mailing list Sent: Friday, January 20, 2006 8:35 AM Subject: How to start a session Dear All, I have implemented freeradius-1.0.5 in Redhat box. And I have some questions about it. It have searched the web but still can't find a clue or i just missed it :(. Also my questions are: 1. How do we start the session? I have send the request to the server and got access_accepted. And as I know the session is start after we send the accounting_request and get response from the server. The problem is how to do that using command prompt? My Nas is Suse box (that should be fine right?). I use this command to send acct_request echo User-Name= Anna| radclient 10.1.0.76 acct -x testing123 Is that right? or is there any place I can refer to use the radclient command? 2. Do I need to write external script to run the command? Because I want to use the session time out but seems still not working.(because I don't know how to start the session) 3. Where should I put the acc_type. Is it in server side or nas side? I really hope someone can help me (please...) Thanks a lot in advance Best Regards, Santy __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
How to start a session
Dear All, I have implemented freeradius-1.0.5 in Redhat box. And I have some questions about it. It have searched the web but still can't find a clue or i just missed it :(. Also my questions are: 1. How do we start the session? I have send the request to the server and got access_accepted. And as I know the session is start after we send the accounting_request and get response from the server. The problem is how to do that using command prompt? My Nas is Suse box (that should be fine right?). I use this command to send acct_request echo User-Name= Anna| radclient 10.1.0.76 acct -x testing123 Is that right? or is there any place I can refer to use the radclient command? 2. Do I need to write external script to run the command? Because I want to use the session time out but seems still not working.(because I don't know how to start the session) 3. Where should I put the acc_type. Is it in server side or nas side? I really hope someone can help me (please...) Thanks a lot in advance Best Regards, Santy __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Question about Session start
Dear All, I have implemented freeradius in Redhat box. And I have some questions about it. It have searched the web but still can't find a clue or i just missed it :(. Also my questions are: 1. How do we start the session? I have send the request to the server and got access_accepted. And as I know the session is start after we send the accounting_request and get response from the server. The problem is how to do that using command prompt? My Nas is Suse box. I use this command to send acct_request echo User-Name= Anna| radclient 10.1.0.76 acct -x testing123 Is that right? or is there any place I can refer to use the radclient command? 2. Do I need to write external script to run the command? Because I want to use the session time out but seems still not working.(because I don't know how to start the session) 3. Where should I put the acc_type. Is it in server side or nas side? I really hope someone can help me (please...) Thanks a lot in advance Best Regards, Santy __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html