EAP_TLS
hello freeradius. I used my radius by using authentication type EAP-MD5, which is based on the use of login and password. Then I tried to use EAP-TLS. So I created the certificates and I modified the file eap.con as follows:eap{ default_eap_type = tls}tls { private_key_password = 20092010 private_key_file = ${raddbdir}/certs/serv...@yahoo.fr-cert.pem certificate_file = ${raddbdir}/certs/serv...@yahoo.fr-cert.pem CA_file = ${raddbdir}/certs/root_CA-cacert.pem dh_file = ${raddbdir}/certs/dh random_file = ${raddbdir}/certs/random fragment_size = 1024 include_length = yes CA_path = ${raddbdir}/certs/ check_crl = no } When i run freeradius-X, the shell out the following message:r...@pfe-laptop:/home/pfe# freeradius -XStarting - reading configuration files ...reread_config: reading radiusd.confConfig: including file: /etc/freeradius/proxy.confConfig: including file: /etc/freeradius/clients.confConfig: including file: /etc/freeradius/snmp.confConfig: including file: /etc/freeradius/eap.conf/etc/freeradius/eap.conf[344]: Unexpected end of fileErrors reading radiusd.conf But,I don't modify the file radiusd.conf.Please, is there something wrong in my file eap.con?thank you _ Hotmail: Free, trusted and rich email service. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeradius 2.x EAP-MSCHAPv2 + MySQL
hi,in sql.conf did you modify that line :readclients = no to readclients = yes ? > Date: Wed, 19 May 2010 13:52:59 +0200 > Subject: freeradius 2.x EAP-MSCHAPv2 + MySQL > From: mac...@drobniuch.pl > To: freeradius-users@lists.freeradius.org > > Hi ALL!! > I'm trying to get authenticated with mikrotik wireless AP. All works > but only when I add the user into the users file. > The thing is that i want to get the users from mysql. > In this moment the authentication requests are coming from PPPoE > concentrator, and the users are in MySQL database - it works fine. > The freeradius server while authenticating is not searching in the sql > database. Why that? > Please help and sorry for my lame eng. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Hotmail: Trusted email with powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE:
ok thank you David. i will test it by cheking this link:http://support.authenex.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=16&nav=0 Date: Wed, 19 May 2010 13:03:01 +0200 Subject: Re: From: davidse...@gmail.com To: freeradius-users@lists.freeradius.org Yes, it works, but you must use with wine. It works fine. Other solution is use JRadius but is more difficult to configure. Regards, David 2010/5/19 dorra aa yes i want to try my radius server whith an extern client. i'm wrking whith ubuntu. does NTRadping works in ubuntu? Date: Wed, 19 May 2010 12:56:54 +0200 Subject: Re: From: davidse...@gmail.com To: freeradius-users@lists.freeradius.org Do you want it only to try your radius server? You can use NTRadping (windows or wine :-D ) or JRadius to try your freeradius server. Regards, David 2010/5/19 dorra aa after the addition of customers in the database sql, I assay to test a client in other computer by using radtest.but i had those lignes: # radtestLe programme 'radtest' peut être trouvé dans les paquets suivants :(that's means The program 'radtest' can be found in the following packages) * radiusd-livingston * yardradius * xtradius * freeradius all that a want that the client try to acced to the server.and all the document said that i may use "radtest" but it's just working only in server thank you Hotmail: Trusted email with powerful SPAM protection. Sign up now. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Hotmail: Trusted email with powerful SPAM protection. Sign up now. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Hotmail: Free, trusted and rich email service. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE:
yes i want to try my radius server whith an extern client. i'm wrking whith ubuntu. does NTRadping works in ubuntu? Date: Wed, 19 May 2010 12:56:54 +0200 Subject: Re: From: davidse...@gmail.com To: freeradius-users@lists.freeradius.org Do you want it only to try your radius server? You can use NTRadping (windows or wine :-D ) or JRadius to try your freeradius server. Regards, David 2010/5/19 dorra aa after the addition of customers in the database sql, I assay to test a client in other computer by using radtest.but i had those lignes: # radtestLe programme 'radtest' peut être trouvé dans les paquets suivants :(that's means The program 'radtest' can be found in the following packages) * radiusd-livingston * yardradius * xtradius * freeradius all that a want that the client try to acced to the server.and all the document said that i may use "radtest" but it's just working only in server thank you Hotmail: Trusted email with powerful SPAM protection. Sign up now. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Hotmail: Trusted email with powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radtest
hi,after the addition of customers in the database sql, I assay to test a client in other computer by using radtest.but i had those lignes in the shell:# radtestLe programme 'radtest' peut être trouvé dans les paquets suivants :(that's means The program 'radtest' can be found in the following packages) * radiusd-livingston * yardradius * xtradius * freeradius all that a want that the client try to acced to the server.and all the document said that i may use "radtest" but it's just working only in serverthank you _ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[no subject]
after the addition of customers in the database sql, I assay to test a client in other computer by using radtest.but i had those lignes:# radtestLe programme 'radtest' peut être trouvé dans les paquets suivants :(that's means The program 'radtest' can be found in the following packages) * radiusd-livingston * yardradius * xtradius * freeradius all that a want that the client try to acced to the server.and all the document said that i may use "radtest" but it's just working only in serverthank you _ Hotmail: Trusted email with powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: authentification
thank you for the explication Date: Wed, 19 May 2010 08:41:05 +0200 Subject: Re: authentification From: davidse...@gmail.com To: freeradius-users@lists.freeradius.org Hi. With MAC Address Authentication you can use freeradius to authenticate all the network elements (like camcorders, routers, switches...); so that if these elements don't authenticate, not work in the network. Other aplication is to validate users in a captive portal without user interaction. Regards, David P.D: Sorry for my poor english 2010/5/18 dorra aa is there somebody want to tell what's the utility of it? From: dj_dido2...@hotmail.com To: freeradius-users@lists.freeradius.org Subject: authentification Date: Tue, 18 May 2010 19:40:28 + hi freeradius,i want to ask how to use MAC Address Authentication in my freeradius.besides, i add an address mac with the daloradius. how can i test the succes of that thnak you Hotmail: Powerful Free email with security by Microsoft. Get it now. Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. Sign up now. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: authentification
is there somebody want to tell what's the utility of it? From: dj_dido2...@hotmail.com To: freeradius-users@lists.freeradius.org Subject: authentification Date: Tue, 18 May 2010 19:40:28 + hi freeradius,i want to ask how to use MAC Address Authentication in my freeradius.besides, i add an address mac with the daloradius. how can i test the succes of thatthnak you Hotmail: Powerful Free email with security by Microsoft. Get it now. _ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
authentification
hi freeradius,i want to ask how to use MAC Address Authentication in my freeradius.besides, i add an address mac with the daloradius. how can i test the succes of thatthnak you _ Hotmail: Powerful Free email with security by Microsoft. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MAC Address Authentication
hi finally, i installed freeradius and mysql .and i add users. Now i'm working whith daloradius. first, i add other user by daloradius and now i add MAC Address Authentication. I know i may do radtest user password ip-adress port secret to test a serin my radius . but i want to know how to test , in the shell, the MAC Address Authentication that i added or it is just to confirm to user added and don't need any command? _ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
configuration freeradius with mysql
hi i installed mysql. and i modify in /etc/freeradius/sql.conf: readclients=yes also, i decommented in /etc/freeradius/radiusd.conf: accounting { sql} authorize {... sql} i run again freeradius -X: but it seems failed because of sql: this is the output [...] sql: postauth_query = "INSERT into radpostauth (user, pass, reply, date) values ('%{User-Name}', '%{User-Password:-Chap-Password}', '%{reply:Packet-Type}', NOW())" sql: safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /" rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to r...@localhost:/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql_mysql: Couldn't connect socket to MySQL server r! o...@localhost:radius rlm_sql_mysql: Mysql error 'Access denied for user 'root'@'localhost' (using password: YES)' # but i check it and it's ok i have in sql.conf: sql{server = "localhost" login = "root" password = "rootpass"} rlm_sql (sql): Failed to connect DB handle #0 rlm_sql (sql): starting 1 rlm_sql (sql): starting 2 rlm_sql (sql): starting 3 rlm_sql (sql): starting 4 rlm_sql (sql): Failed to connect to any SQL server. #but i begin with installing mysql-server and i add a user in the database rlm_sql (sql): - generate_sql_clients rlm_sql (sql): Query: SELECT * FROM nas rlm_sql (sql): Ignoring unconnected handle 4.. rlm_sql (sql): Ignoring unconnected handle 3.. rlm_sql (sql): Ignoring unconnected handle 2.. rlm_sql (sql): Ignoring unconnected handle 1.. rlm_sql (sql): Ignoring unconnected handle 0.. rlm_sql (sql): There are no DB handles to use! sk! ipped 5, tried to connect 0 rlm_sql (sql): generate_sql_clients() r eturned error rlm_sql (sql): Closing sqlsocket 4 rlm_sql (sql): Closing sqlsocket 3 rlm_sql (sql): Closing sqlsocket 2 rlm_sql (sql): Closing sqlsocket 1 rlm_sql (sql): Closing sqlsocket 0 radiusd.conf[14]: sql: Module instantiation failed. radiusd.conf[1860] Unknown module "sql". radiusd.conf[1789] Failed to parse authorize section. _ Hotmail: Trusted email with Microsoft’s powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius with mysql failed
hi i installed mysql. and i modify in /etc/freeradius/sql.conf: readclients=yes also, i decommented in /etc/freeradius/radiusd.conf: accounting { sql} authorize {... sql} i run again freeradius -X: but it seems failed because of sql: this is the output [...] sql: postauth_query = "INSERT into radpostauth (user, pass, reply, date) values ('%{User-Name}', '%{User-Password:-Chap-Password}', '%{reply:Packet-Type}', NOW())" sql: safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /" rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to r...@localhost:/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql_mysql: Couldn't connect socket to MySQL server r...@localhost:radius rlm_sql_mysql: Mysql error 'Access denied for user 'root'@'localhost' (using password: YES)' # but i check it and it's ok i have in sql.conf: sql{server = "localhost" login = "root" password = "rootpass"} rlm_sql (sql): Failed to connect DB handle #0 rlm_sql (sql): starting 1 rlm_sql (sql): starting 2 rlm_sql (sql): starting 3 rlm_sql (sql): starting 4 rlm_sql (sql): Failed to connect to any SQL server. #but i begin with installing mysql-server and i add a user in the database rlm_sql (sql): - generate_sql_clients rlm_sql (sql): Query: SELECT * FROM nas rlm_sql (sql): Ignoring unconnected handle 4.. rlm_sql (sql): Ignoring unconnected handle 3.. rlm_sql (sql): Ignoring unconnected handle 2.. rlm_sql (sql): Ignoring unconnected handle 1.. rlm_sql (sql): Ignoring unconnected handle 0.. rlm_sql (sql): There are no DB handles to use! skipped 5, tried to connect 0 rlm_sql (sql): generate_sql_clients() returned error rlm_sql (sql): Closing sqlsocket 4 rlm_sql (sql): Closing sqlsocket 3 rlm_sql (sql): Closing sqlsocket 2 rlm_sql (sql): Closing sqlsocket 1 rlm_sql (sql): Closing sqlsocket 0 radiusd.conf[14]: sql: Module instantiation failed. radiusd.conf[1860] Unknown module "sql". radiusd.conf[1789] Failed to parse authorize section. _ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Access request-access reject
no plz sorry i'm not so well in english. thank you Alan :))) it's working now see it: r...@pfe-laptop:/home/pfe# radtest abc 123 localhost 1812 testing123 Sending Access-Request of id 185 to 127.0.0.1 port 1812 User-Name = "abc" User-Password = "123" NAS-IP-Address = 255.255.255.255 NAS-Port = 1812 rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=185, length=20 thakkksss > Date: Thu, 13 May 2010 13:07:45 +0100 > From: a.l.m.bu...@lboro.ac.uk > To: freeradius-users@lists.freeradius.org > Subject: Re: Access request-access reject > > Hi, > > > > comment this line out and restart the daemon > > > remove calls to 'unix' from your configuration > > > if you dont want to even think about /etc/passwd > > i commented it like that: > > #DEFAULT Auth-Type = System > > Fall-Through = 1 > > comment out both lines.the DEFAULT line and the fall-through > > and you didnt read my original email...which is a pity, where i said > to comment out calls to 'unix' in your config if you dont use it or > need it. as you are not reading what i am telling you then i'm afraid > i wont bother replying to you again over this issue :-( > > alan > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Hotmail: Trusted email with powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: i found two freeradius
> > > yestaerday i create that file: > > cd ~ > > apt-get source freeradius > > and i woked in the users of: cd freeradius-1.1.7/ > > that would just be the original source code of the program. > > > but now i find another freeradius in: /etc/freeradius. > > that would be the directory created and filled with correct > files from the install of freeradius > > > if you run radiusd -X you will clearly see which directory is in > use by the program. delete the one not in use ok i see that: # freeradius -X Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /etc/freeradius/proxy.conf Config: including file: /etc/freeradius/clients.conf Config: including file: /etc/freeradius/snmp.conf Config: including file: /etc/freeradius/eap.conf Config: including file: /etc/freeradius/sql.conf that mean i must delete ~/freeradius-1.1.7 that i have created with the debian : freeradius_1.1.7-1ubuntu0.2_i386.deb. that don't result any problem in my work? because im using a document with this debian _ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
i found two freeradius
yestaerday i create that file: cd ~ apt-get source freeradius and i woked in the users of: cd freeradius-1.1.7/ but now i find another freeradius in: /etc/freeradius. I don't know how it is created there? and does it have any influence in my radius, because i do mychanges in file: users of cd freeradius-1.1.7/. may i delete the second freeradius that i do not created?? _ Hotmail: Trusted email with Microsoft’s powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Access request-access reject
> Date: Thu, 13 May 2010 11:01:10 +0100 > From: a.l.m.bu...@lboro.ac.uk > To: freeradius-users@lists.freeradius.org > Subject: Re: Access request-access reject > > Hi, > > > I found in users file that line: > > DEFAULTAuth-Type = System > > comment this line out and restart the daemon > remove calls to 'unix' from your configuration > if you dont want to even think about /etc/passwd i commented it like that: #DEFAULT Auth-Type = System Fall-Through = 1 also in file radiusd.conf: authenticate { # # PAP authentication, when a back-end database listed # in the 'authorize' section supplies a password. The # password can be clear-text, or encrypted. Auth-Type PAP { pap } # # Most people want CHAP authentication # A back-end database listed in the 'authorize' section # MUST supply a CLEAR TEXT password. Encrypted passwords # won't work. Auth-Type CHAP { chap } # # MSCHAP authentication. Auth-Type MS-CHAP { mschap } # # If you have a Cisco SIP server authenticating against # FreeRADIUS, uncomment the following line, and the 'digest' # line in the 'authorize' section. #digest # # Pluggable Authentication Modules. #pam # # See 'man getpwent' for information on how the 'unix' # module checks the users password. Note that packets # containing CHAP-Password attributes CANNOT be authenticated # against /etc/passwd! See the FAQ for details. # unix # Uncomment it if you want to use ldap for authentication # # Note that this means "check plain-text password against # the ldap database", which means that EAP won't work, # as it does not supply a plain-text password. #Auth-Type LDAP { #ldap #} # # Allow EAP authentication. eap } i commented :unix ... and i have this output in the deamon: Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1:40128, id=130, length=55 User-Name = "abc" User-Password = "123" NAS-IP-Address = 255.255.255.255 NAS-Port = 1812 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "abc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry DEFAULT at line 153 users: Matched entry abc at line 216 modcall[authorize]: module "files" returns ok for request 0 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module "unix" returns notfound for request 0 modcall: leaving group authenticate (returns notfound) for request 0 auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 130 to 127.0.0.1 port 40128 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 130 with timestamp 4bebd86e Nothing to do. Sleeping until we see a request. > alan > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Hotmail: Free, trusted and rich email service. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Access request-access reject
> users: Matched entry DEFAULT at line 153 > > users: Matched entry abc at line 216 > > modcall[authorize]: module "files" returns ok for request 0 > > modcall: leaving group authorize (returns ok) for request 0 > > rlm_pap: Found existing Auth-Type, not changing it. > > rad_check_password: Found Auth-Type System > > modcall[authenticate]: module "unix" returns notfound for request 0 > > It shouldn't be using an auth-type of "System", that means to lookup the > user in the /etc/passwd (/etc/shadow) file. But you don't have a user on > your system named "abc" so the not found result makes sense, right? > > Why is it trying to find "abc" amongst the unix users on your system? > The answer is right above, look at the lines labeled "users:", that's > your users file, also look at the line that says "Found Auth-Type, not > changing it". So somthing in your users file forced the user "abc" to > have an Auth-Type of "system" or "unix", it also tells you which lines > in the users files it matched. Go fix your users file so it doesn't do that. I found in users file that line: DEFAULTAuth-Type = System i decommented it but same problem. i think i must change it to other attribut? > I'm guessing in your attempts to get things working you may have mangled > the example users file, you might want to start with the unaltered users > file and just add your test user. > > All this is documented in the link I sent you a week ago: > http://deployingradius.com/documents/configuration/pap.html > > -- > John Dennis _ Hotmail: Trusted email with powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
sending Access-request, Access-Reject
hi can someone help me in that i add a users : abc cleartext-password:="123" and i run freeradius -X after that i do: r...@pfe-laptop:/home/pfe# radtest abc 123 localhost 1812 testing123 Sending Access-Request of id 48 to 127.0.0.1 port 1812 User-Name = "abc" User-Password = "123" NAS-IP-Address = 255.255.255.255 NAS-Port = 1812 rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=48, length=20 and this is the output of deamon: Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1:41804, id=48, length=55 User-Name = "abc" User-Password = "123" NAS-IP-Address = 255.255.255.255 NAS-Port = 1812 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "abc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry DEFAULT at line 153 users: Matched entry abc at line 216 modcall[authorize]: module "files" returns ok for request 0 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module "unix" returns notfound for request 0 modcall: leaving group authenticate (returns notfound) for request 0 auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 48 to 127.0.0.1 port 41804 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 48 with timestamp 4beb3ff9 Nothing to do. Sleeping until we see a request. _ Hotmail: Free, trusted and rich email service. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeradius-server-2.1.8
when i wrote that # radtest dorra mesh 192.168.1.65 1812 testing123 i had this error r...@pfe-laptop:/home/pfe/freeradius-server-2.1.8/raddb# radtest dorra mesh 192.168.1.65 1812 testing123 Sending Access-Request of id 224 to 192.168.1.65 port 1812 User-Name = "dorra" User-Password = "mesh" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 Sending Access-Request of id 224 to 192.168.1.65 port 1812 User-Name = "dorra" User-Password = "mesh" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 Sending Access-Request of id 224 to 192.168.1.65 port 1812 User-Name = "dorra" User-Password = "mesh" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 radclient: no response from server for ID 224 socket 3 and ther is nothing in the output of radiusd -X > Date: Wed, 12 May 2010 01:51:28 +0200 > From: mangi...@gmail.com > To: m...@myownsoho.net; freeradius-users@lists.freeradius.org > Subject: Re: freeradius-server-2.1.8 > > Maybe the professor wanted to learn him how to work with "&" operator > and radiusd -X is just a simple command :) > > now, lets get to work, > > Tell us what you want to achieve then there is a chance to see something > usable on this list > > > > Mike Nichols wrote: > > > > running radius in debug mode in the background shouldn't provide > > anything useful tho. > > > > just a thought... > > > > On Tue, 11 May 2010 19:36:24 +, dorra aa > > wrote: > > > > I installed on a server machine: freeradius-server-2.1.8 > > I wrote in the terminal: radiusd-X & > > Now I want to test a remote access client with radtest, is what > > the client must be equipped with He commend > > freeradius-server-2.1.8 or not? what I should do in the client side > > > > Hotmail: Powerful Free email with security by Microsoft. Get it > > now. <https://signup.live.com/signup.aspx?id=60969> > > > > > > > > -- > > > > Mike Nichols > > My Own SOHO > > m...@myownsoho.net > > http://myownsoho.com > > 212 202-2194 > > > > > > - > > List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Hotmail: Trusted email with Microsoft’s powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeradius-server-2.1.8
this is not my idea.it's the idea of my professor. i have no idea about the radius and he wants me to work in it just in 2 weeks.I'm shearching in many forum but i don't understand because of many errorsnow i want to test with radtest name password 192.168.1.12 1812 secretshould i write it in the terminal of server?Please help me in the first stages. :((( > Date: Tue, 11 May 2010 21:45:19 +0200 > From: al...@deployingradius.com > To: freeradius-users@lists.freeradius.org > Subject: Re: freeradius-server-2.1.8 > > dorra aa wrote: > > I installed on a server machine: freeradius-server-2.1.8 > > I wrote in the terminal: radiusd-X & > > Why would you do that? > > Nothing in *any* documentation says that's a good idea. > > > Now I want to test a remote access client with radtest, is what the > > client must be equipped with He commend freeradius-server-2.1.8 or > > not? what I should do in the client side > > The client needs a radius client... like radtest. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Hotmail: Powerful Free email with security by Microsoft. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius-server-2.1.8
I installed on a server machine: freeradius-server-2.1.8 I wrote in the terminal: radiusd-X & Now I want to test a remote access client with radtest, is what the client must be equipped with He commend freeradius-server-2.1.8 or not? what I should do in the client side _ Hotmail: Powerful Free email with security by Microsoft. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
want client but not localhost
Hello. I installed the radius on a computer and finally the test is successful locally. Now I want to do the test on another computer client.Should i install the Radius on this computer I'm writing ?or just in the terminal powered the second command: radtest But this does not work.because even if I install I get two Radius servers. I still do not understand this idea. Thank you for the enlightenment _ Hotmail: Trusted email with Microsoft’s powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: is there a package named phpmysql
Sorry but it's not true because with that package i want to install mysql for the radius. So i'm asked if there is someone used it.And i had the help from that list us you see. thxx > Date: Thu, 6 May 2010 20:06:29 -0400 > From: jden...@redhat.com > To: freeradius-users@lists.freeradius.org > Subject: Re: is there a package named phpmysql > > On 05/06/2010 07:53 PM, dorra aa wrote: > > Hi.i'm working now in the install of mysql for the radius.I found a file > > that tell me to do: > > sudo apt-get install mysql-server phpmysql vim-full > > But i got: > > E: Impossible de trouver le paquet phpmysql (that means impossible to > > found phpmysql) > > is there a package called like that; or the file is wrong?? > > thank > > I hope you understand whatever it is you're reading. For what it's worth > phpmysql is completely irrelevant to the purpose of this list. Seek > advice on phpmyslq elsewhere. > > -- > John Dennis > > Looking to carve out IT costs? > www.redhat.com/carveoutcosts/ > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Hotmail: Powerful Free email with security by Microsoft. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: is there a package named phpmysql
Thank you for this help Date: Thu, 6 May 2010 17:11:26 -0700 Subject: Re: is there a package named phpmysql From: paul.bart...@gmail.com To: freeradius-users@lists.freeradius.org you are probably looking for php5-mysql or php4-mysql. A good source for this kind of info is your distro's package archive. 2010/5/6 dorra aa Hi.i'm working now in the install of mysql for the radius.I found a file that tell me to do: sudo apt-get install mysql-server phpmysql vim-full But i got: E: Impossible de trouver le paquet phpmysql (that means impossible to found phpmysql) is there a package called like that; or the file is wrong?? thank Hotmail: Trusted email with Microsoft’s powerful SPAM protection. Sign up now. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Random quote of the week/month/whenever i get to updating it: "Quis custodiet ipsos custodes?": "who shall watch the watchers themselves?" - Juvenal _ Hotmail: Free, trusted and rich email service. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
is there a package named phpmysql
Hi.i'm working now in the install of mysql for the radius.I found a file that tell me to do: sudo apt-get install mysql-server phpmysql vim-full But i got: E: Impossible de trouver le paquet phpmysql (that means impossible to found phpmysql) is there a package called like that; or the file is wrong?? thank _ Hotmail: Trusted email with Microsoft’s powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: plz help me: access-reject
> Date: Wed, 5 May 2010 11:08:28 -0400 > From: jden...@redhat.com > To: freeradius-users@lists.freeradius.org > Subject: Re: plz help me: access-reject > CC: a.l.m.bu...@lboro.ac.uk > > On 05/05/2010 11:01 AM, Alan Buxey wrote: > > Hi, > > > >> Mr Alan i do it but always the same result: > >> r...@pfe-laptop:/home/pfe/freeradius-server-2.1.8# radtest sonia salut > >> 127.0.0.1:1812 1812 testing123 > >> Sending Access-Request of id 76 to 127.0.0.1 port 1812 > >> User-Name = "sonia" > >> User-Password = "salut" > >> NAS-IP-Address = 127.0.1.1 > >> NAS-Port = 1812 > >> rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=76, > >> length=20 > > > > are you SURE you are editing the right users file? you havent got two > > copies > > of FR installed have you ? (eg self-build and RPM) - check that > > you dont have eg /etc/raddn/users AND /usr/local/etc/raddb/users or such No Sir i have only one file of users.thank you for your help.i think to install freeradius*.deb > Good thought, but this person was already told to check this :-( For John Dennis; I'm checking it form the first time.I'm not joking whith my work.i'm serious.Just it does not work > -- > John Dennis > > Looking to carve out IT costs? > www.redhat.com/carveoutcosts/ > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Hotmail: Trusted email with Microsoft’s powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: plz help me: access-reject
Mr Alan i do it but always the same result: r...@pfe-laptop:/home/pfe/freeradius-server-2.1.8# radtest sonia salut 127.0.0.1:1812 1812 testing123 Sending Access-Request of id 76 to 127.0.0.1 port 1812 User-Name = "sonia" User-Password = "salut" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=76, length=20 plz can you give me the steps that i may to do more then that. plz help me. I am a beginner in that > Date: Wed, 5 May 2010 11:19:29 +0100 > From: a.l.m.bu...@lboro.ac.uk > To: freeradius-users@lists.freeradius.org > Subject: Re: plz help me: access-reject > > Hi, > > > Hi. im used freeradius 2.1.8. Please can somebody give me an example of > > configuration of files to do na simple test with radiusd -X. > > because i'm testing now a local client and the result is reject. I modify > > onlu users and clients.conf.is that anought? > > > > 1/I add on Users: > > > > "sonia" Auth-Type := Local, User-Password == "salut" > > Reply-Message = "Hello, %u", > > Reply-Message = "are you fine, %u" > you've already had replies about this. > > this config is wrong > > > I'm also trying another exemple: > > > > "sonia" Cleartext-Password := "salut" > > that config is correct > > alan > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
plz help me: access-reject
Hi. im used freeradius 2.1.8. Please can somebody give me an example of configuration of files to do na simple test with radiusd -X. because i'm testing now a local client and the result is reject. I modify onlu users and clients.conf.is that anought? 1/I add on Users: "sonia" Auth-Type := Local, User-Password == "salut" Reply-Message = "Hello, %u", Reply-Message = "are you fine, %u" I'm also trying another exemple: "sonia" Cleartext-Password := "salut" Reply-Message = "Hello, %u", Reply-Message += "are you fine, %u" 2/And i add on Clients.conf: client 127.0.0.1 { secret = testing123 # notre clé partagée shortname = class nastype = other } when i do this command, i have: p...@pfe-laptop:~$ sudo radtest sonia salut 127.0.0.1:1812 1812 testing123 Sending Access-Request of id 11 to 127.0.0.1 port 1812 User-Name = "sonia" User-Password = "salut" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=11, length=20 3/The result of output radiusd -X is: Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1 port 38590, id=135, length=57 User-Name = "sonia" User-Password = "salut" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "sonia", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> sonia attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 135 to 127.0.0.1 port 38590 Waking up in 4.9 seconds. Cleaning up request 0 ID 135 with timestamp +153 Ready to process requests. What is the problem please Can you help me whith a clear example tahnk you _ Hotmail: Trusted email with Microsoft’s powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: your mail
the output of my radiusd -X is : Module: Linked to module rlm_pap Module: Instantiating pap pap { encryption_scheme = "auto" auto_header = no } Module: Linked to module rlm_chap Module: Instantiating chap Module: Linked to module rlm_mschap Module: Instantiating mschap mschap { use_mppe = yes require_encryption = no require_strong = no with_ntdomain_hack = no } Module: Linked to module rlm_unix Module: Instantiating unix unix { radwtmp = "/usr/local/var/log/radius/radwtmp" } Module: Linked to module rlm_eap Module: Instantiating eap eap { default_eap_type = "md5" timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no max_sessions = 4096 } Module: Linked to sub-module rlm_eap_md5 Module: Instantiating eap-md5 Module: Linked to sub-module rlm_eap_leap Module: Instantiating eap-leap Module: Linked to sub-module rlm_eap_gtc Module: Instantiating eap-gtc gtc { challenge = "Password: " auth_type = "PAP" } Ignoring EAP-Type/tls because we do not have OpenSSL support. Ignoring EAP-Type/ttls because we do not have OpenSSL support. Ignoring EAP-Type/peap because we do not have OpenSSL support. Module: Linked to sub-module rlm_eap_mschapv2 Module: Instantiating eap-mschapv2 mschapv2 { with_ntdomain_hack = no } Module: Checking authorize {...} for more modules to load Module: Linked to module rlm_realm Module: Instantiating suffix realm suffix { format = "suffix" delimiter = "@" ignore_default = no ignore_null = no } Module: Linked to module rlm_files Module: Instantiating files files { usersfile = "/usr/local/etc/raddb/users" acctusersfile = "/usr/local/etc/raddb/acct_users" preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users" compat = "no" } Module: Checking session {...} for more modules to load Module: Linked to module rlm_radutmp Module: Instantiating radutmp radutmp { filename = "/usr/local/var/log/radius/radutmp" username = "%{User-Name}" case_sensitive = yes check_with_nas = yes perm = 384 callerid = yes } Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load Module: Linked to module rlm_attr_filter Module: Instantiating attr_filter.access_reject attr_filter attr_filter.access_reject { attrsfile = "/usr/local/etc/raddb/attrs.access_reject" key = "%{User-Name}" } } # modules } # server server { modules { Module: Checking authenticate {...} for more modules to load Module: Checking authorize {...} for more modules to load Module: Linked to module rlm_preprocess Module: Instantiating preprocess preprocess { huntgroups = "/usr/local/etc/raddb/huntgroups" hints = "/usr/local/etc/raddb/hints" with_ascend_hack = no ascend_channels_per_line = 23 with_ntdomain_hack = no with_specialix_jetstream_hack = no with_cisco_vsa_hack = no with_alvarion_vsa_hack = no } Module: Checking preacct {...} for more modules to load Module: Linked to module rlm_acct_unique Module: Instantiating acct_unique acct_unique { key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" } Module: Checking accounting {...} for more modules to load Module: Linked to module rlm_detail Module: Instantiating detail detail { detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d" header = "%t" detailperm = 384 dirperm = 493 locking = no log_packet_header = no } Module: Instantiating attr_filter.accounting_response attr_filter attr_filter.accounting_response { attrsfile = "/usr/local/etc/raddb/attrs.accounting_response" key = "%{User-Name}" } Module: Checking session {...} for more modules to load Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load } # modules } # server radiusd: Opening IP addresses and Ports listen { type = "auth" ipaddr = * port = 0 Failed binding to authentication address * port 1812: Address already in use /usr/local/etc/raddb/radiusd.conf[240]: Error binding to port for 0.0.0.0 port 1812 p...@pfe-laptop:~/freeradius-server-2.1.8$ killall radiusd radiusd(4956): Opération non permise radiusd: aucun processus tué p...@pfe-laptop:~/freeradius-server-2.1.8$ sudo killall radiusd p...@pfe-laptop:~/freeradius-server-2.1.8$ sudo radiusd -X FreeRADIUS Version 2.1.8, for host i686-pc-linux-gnu, built on May 3 2010 at 23:42:10 Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License v2. Starting - reading configuration files ... including configuration file /usr/local/etc/raddb/radiusd.conf including configuration file
[no subject]
Hi. After installing Radius. i try to do some exemple.I d'ont know if it is correct because i'm new in it. I add on Users: "sonia" Auth-Type := Local, User-Password == "salut" Reply-Message = "Hello, %u", Reply-Message = "are you fine, %u" And i add on Clients.conf: client 127.0.0.1 { secret = testing123 # notre clé partagée shortname = class nastype = other } when i do this command, i have: p...@pfe-laptop:~$ sudo radtest sonia salut 127.0.0.1:1812 1812 testing123 Sending Access-Request of id 11 to 127.0.0.1 port 1812 User-Name = "sonia" User-Password = "salut" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=11, length=20 What is the problem please.is there someting messing in my test? Thank you _ Hotmail: Trusted email with powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Configuration radius
Hello. I am doing a project in network mesh, wireless mesh. After making the implementation of my network, I want to do authentication and security of my network using Radius. But I have no information of this side and I found many documents that I do not understand. Please help me to find a clear document and without difficulty. I want to do the Radius on two machines: a server and a client. What are the commands to type to each machine. Thank you _ Hotmail: Trusted email with Microsoft’s powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radiusd -X
HI I try to test freeradius with this command radiusd -X. but i get that error: radiusd: Opening IP addresses and Ports listen { type = "auth" ipaddr = * port = 0 Failed binding to authentication address * port 1812: Address already in use /usr/local/etc/raddb/radiusd.conf[240]: Error binding to port for 0.0.0.0 port 1812 What's the problem plz THanks _ Hotmail: Powerful Free email with security by Microsoft. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html