Re: Can freeradius do a CoA Push.
I thought that this can already be done with radclient , no?:radclient -x -t 20 -c 1 -f /home/coa.txt 114.0.1.1:3799 coa test On Tue, Mar 3, 2009 at 11:43 PM, Alan DeKok al...@deployingradius.comwrote: Simon Herriotts wrote: New user to freeradius, nice little bit of work. Wondering if anyone knows how/if you can do a CoA Push. ie change SLA policy-map levels via a radius push to an existing user. The git stable branch can do this. It will be in 2.1.4, when it's released. Alan DeKok. - Show quoted text - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can freeradius do a CoA Push.
Marlon Duksa wrote: I thought that this can already be done with radclient , no? Yes. But integrating that into the server policies cannot currently be done well. i.e. When the server receives an accounting packet, you can check if they're over a bandwidth quota, and if so, run radclient to send a CoA packet. But this isn't integrated into the server core. Updating the contents of the CoA packet is hard. Handling the CoA reply is hard. Did the NAS do what you asked, or did it do something else? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can freeradius do a CoA Push.
ok. I see. Thanks.The NAS did exactly what I wanted it to do in my case (disconnect a user and also change the SLA parameters) Marlon On Wed, Mar 4, 2009 at 7:55 AM, Alan DeKok al...@deployingradius.comwrote: Marlon Duksa wrote: I thought that this can already be done with radclient , no? Yes. But integrating that into the server policies cannot currently be done well. i.e. When the server receives an accounting packet, you can check if they're over a bandwidth quota, and if so, run radclient to send a CoA packet. But this isn't integrated into the server core. Updating the contents of the CoA packet is hard. Handling the CoA reply is hard. Did the NAS do what you asked, or did it do something else? Alan DeKok. - Show quoted text - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can freeradius do a CoA Push.
Marlon, This looks like the item I am looking for. What is the syntax example in the coa.txt. Looks like I need to do more research into radclient usage. Cheers Simon Marlon Duksa wrote: I thought that this can already be done with radclient , no? : radclient -x -t 20 -c 1 -f /home/coa.txt 114.0.1.1:3799 coa test On Tue, Mar 3, 2009 at 11:43 PM, Alan DeKok al...@deployingradius.com wrote: Simon Herriotts wrote: New user to freeradius, nice little bit of work. Wondering if anyone knows how/if you can do a CoA Push. ie change SLA policy-map levels via a radius push to an existing user. The git "stable" branch can do this. It will be in 2.1.4, when it's released. Alan DeKok. - Show quoted text - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can freeradius do a CoA Push.
Simon - I think there is a man on radclient. But the file you are asking about usually contains the attributes that you want to change. I was doing this on JNPR so the syntax was this in my particular example: user-Name = circuit:3.remote:3 Acct-Session-ID = 3 ERX-CoS-Parameter-Type = T02 800k I was changing some QoS parameters (shaping rate) for a subscriber in JNPR. Thanks, Marlon On Wed, Mar 4, 2009 at 9:48 AM, Simon Herriotts sherr...@cisco.com wrote: Marlon, This looks like the item I am looking for. What is the syntax example in the coa.txt. Looks like I need to do more research into radclient usage. Cheers Simon Marlon Duksa wrote: - Show quoted text - I thought that this can already be done with radclient , no? : radclient -x -t 20 -c 1 -f /home/coa.txt 114.0.1.1:3799 coa test On Tue, Mar 3, 2009 at 11:43 PM, Alan DeKok al...@deployingradius.comwrote: Simon Herriotts wrote: New user to freeradius, nice little bit of work. Wondering if anyone knows how/if you can do a CoA Push. ie change SLA policy-map levels via a radius push to an existing user. The git stable branch can do this. It will be in 2.1.4, when it's released. Alan DeKok. - Show quoted text - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can freeradius do a CoA Push.
Perfect, thanks I will play with the radclient and see about the man tool. Cheers Simon Marlon Duksa wrote: Simon - I think there is a man on radclient. But the file you are asking about usually contains the attributes that you want to change. I was doing this on JNPR so the syntax was this in my particular example: user-Name = circuit:3.remote:3 Acct-Session-ID = 3 ERX-CoS-Parameter-Type = "T02 800k" I was changing some QoS parameters (shaping rate) for a subscriber in JNPR. Thanks, Marlon On Wed, Mar 4, 2009 at 9:48 AM, Simon Herriotts sherr...@cisco.com wrote: Marlon, This looks like the item I am looking for. What is the syntax example in the coa.txt. Looks like I need to do more research into radclient usage. Cheers Simon Marlon Duksa wrote: - Show quoted text - I thought that this can already be done with radclient , no? : radclient -x -t 20 -c 1 -f /home/coa.txt 114.0.1.1:3799 coa test On Tue, Mar 3, 2009 at 11:43 PM, Alan DeKok al...@deployingradius.com wrote: Simon Herriotts wrote: New user to freeradius, nice little bit of work. Wondering if anyone knows how/if you can do a CoA Push. ie change SLA policy-map levels via a radius push to an existing user. The git "stable" branch can do this. It will be in 2.1.4, when it's released. Alan DeKok. - Show quoted text - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Can freeradius do a CoA Push.
Hey, New user to freeradius, nice little bit of work. Wondering if anyone knows how/if you can do a CoA Push. ie change SLA policy-map levels via a radius push to an existing user. Cheers Simon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can freeradius do a CoA Push.
Simon Herriotts wrote: New user to freeradius, nice little bit of work. Wondering if anyone knows how/if you can do a CoA Push. ie change SLA policy-map levels via a radius push to an existing user. The git stable branch can do this. It will be in 2.1.4, when it's released. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Can freeRadius do that?
Hi, I just want to know if freeradius server can do what I want to deploy in my environnement. I want to deploy freeradius to taking care of security and authorization for my wireless network. What I want to do is like many hotel in my country. The user open is laptop with wireless capability, is automaticly connected to the wireless network but if he want to use the internet connection, when he first run is browser, he's automaticly redirect to an authentification page that ask him a username and a password. So is it freeradius who's handle this or another software or combination of software. Like a freeradius server and a proxy or freeradius with third party software. Can someone help me with my interrogation. Thanks a lot Guillaume Chartrand Technicien informatique Cégep régional de Lanaudière Centre administratif, Repentigny (450) 470-0911 poste 7218 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can freeRadius do that?
Guillaume Chartrand wrote: ... What I want to do is like many hotel in my country. The user open is laptop with wireless capability, is automaticly connected to the wireless network but if he want to use the internet connection, when he first run is browser, he’s automaticly redirect to an authentification page that ask him a username and a password. So is it freeradius who’s handle this or another software or combination of software. Like a freeradius server and a proxy or freeradius with third party software. See Chillispot or CoovaChilli. What you want is a captive portal. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can freeRadius do that?
I'm using freeradius, with CoovaChilli, and a Squid Proxy (to reduce internet traffic). Works a charm Tim Alan DeKok wrote: Guillaume Chartrand wrote: ... What I want to do is like many hotel in my country. The user open is laptop with wireless capability, is automaticly connected to the wireless network but if he want to use the internet connection, when he first run is browser, he’s automaticly redirect to an authentification page that ask him a username and a password. So is it freeradius who’s handle this or another software or combination of software. Like a freeradius server and a proxy or freeradius with third party software. See Chillispot or CoovaChilli. What you want is a captive portal. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Can freeRadius do that?
-Message d'origine- De : [EMAIL PROTECTED] [mailto:freeradius-users-[EMAIL PROTECTED] De la part de Tim White Envoyé : 11 mars 2008 15:09 À : FreeRadius users mailing list Objet : Re: Can freeRadius do that? I'm using freeradius, with CoovaChilli, and a Squid Proxy (to reduce internet traffic). Wich AP do you use. Do you know if Cisco AP or D-Link AP is supported by CoovaChilli without modifying firmware APs. Guillaume Thank Works a charm Tim Alan DeKok wrote: Guillaume Chartrand wrote: ... What I want to do is like many hotel in my country. The user open is laptop with wireless capability, is automaticly connected to the wireless network but if he want to use the internet connection, when he first run is browser, he's automaticly redirect to an authentification page that ask him a username and a password. So is it freeradius who's handle this or another software or combination of software. Like a freeradius server and a proxy or freeradius with third party software. See Chillispot or CoovaChilli. What you want is a captive portal. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can freeRadius do that?
Guillaume Chartrand a écrit : Hi, I just want to know if freeradius server can do what I want to deploy in my environnement. I want to deploy freeradius to taking care of security and authorization for my wireless network. What I want to do is like many hotel in my country. The user open is laptop with wireless capability, is automaticly connected to the wireless network but if he want to use the internet connection, when he first run is browser, he's automaticly redirect to an authentification page that ask him a username and a password. So is it freeradius who's handle this or another software or combination of software. Like a freeradius server and a proxy or freeradius with third party software. Can someone help me with my interrogation. Thanks a lot For me what you describe is an open wireless network with a transparent proxy that aythenticate users on its default redirection page. This authentication could and should be made with freeradius in order to have fine grained accouting. Solution could be something like squid + radius_authenticator + freeradius. I think you can use apache-mod-proxy and PAM, so that you can avoid the use of squid but I'm not sure about it. Guillaume Chartrand Technicien informatique Cégep régional de Lanaudière Centre administratif, Repentigny (450) 470-0911 poste 7218 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html