AW: FW: Login for any user
Hello, well so far it seems to works partly as I get the following error: auth: type EAP Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 0 rlm_eap: EAP-Message not found rlm_eap: Malformed EAP Message Currently working on that. regards Christoph --- Ing. Christoph Galuschka TIWAG-Tiroler Wasserkraft AG ITT LAN/WAN - VPN-/Firewallsysteme Eduard-Wallnöfer-Platz 2 6010 Innsbruck T: +43 (0)50607 21832 F: +43 (0)50607 41832 www.tiroler-wasserkraft.at Ti.econet: Hotline: +43 (0)50607 21405 eMail: [EMAIL PROTECTED] www.tieconet.at --- -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] rg [mailto:[EMAIL PROTECTED] radius.org]Im Auftrag von inverse Gesendet: Dienstag, 17. April 2007 15:49 An: FreeRadius users mailing list Betreff: Re: FW: Login for any user Anybody got an idea on how the entry in the users-file has to look like something like DEFAULT Auth-Type := Eap, User-Password == blah with deafult eap type set to md5. I've yet to try it tho, may you report back if it works? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FW: Login for any user
Auth-Type:= Accept will let everyone in. Ivan Kalik Kalik Informatika ISP Dana 17/4/2007, inverse [EMAIL PROTECTED] piše: Anybody got an idea on how the entry in the users-file has to look like something like DEFAULT Auth-Type := Eap, User-Password == blah with deafult eap type set to md5. I've yet to try it tho, may you report back if it works? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
AW: FW: Login for any user
I've managed to reach my goal with the following entry in the users-file: DEFAULT Auth-Type := Local, User-Password == something Service-Type = Framed-User, Framed-Protocol = PPP, Framed-Compression = Van-Jabobsen-TCP-IP, Cisco-AVPair = 'ip:addr-pool=somepool' regards Christoph --- Ing. Christoph Galuschka TIWAG-Tiroler Wasserkraft AG ITT LAN/WAN - VPN-/Firewallsysteme Eduard-Wallnöfer-Platz 2 6010 Innsbruck T: +43 (0)50607 21832 F: +43 (0)50607 41832 www.tiroler-wasserkraft.at Ti.econet: Hotline: +43 (0)50607 21405 eMail: [EMAIL PROTECTED] www.tieconet.at --- -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] rg [mailto:[EMAIL PROTECTED] radius.org]Im Auftrag von inverse Gesendet: Dienstag, 17. April 2007 15:49 An: FreeRadius users mailing list Betreff: Re: FW: Login for any user Anybody got an idea on how the entry in the users-file has to look like something like DEFAULT Auth-Type := Eap, User-Password == blah with deafult eap type set to md5. I've yet to try it tho, may you report back if it works? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FW: Login for any user
Anybody got an idea on how the entry in the users-file has to look like something like DEFAULT Auth-Type := Eap, User-Password == blah with deafult eap type set to md5. I've yet to try it tho, may you report back if it works? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FW: Login for any user
Hello, well I guess I can't do that with MySQL-Queries. Anybody got an idea on how the entry in the users-file has to look like. thanks and regards Chris -Ursprüngliche Nachricht- Von: Galuschka Christoph Gesendet: Dienstag, 17. April 2007 14:04 An: 'freeradius-users@lists.freeradius.org' Betreff: Login for any user Hello, I would like to create a login user on my database backend which allows everybody - regardless of username - to login as long as the password is correct. Is there a way to create such a user? thanks and regards Christoph --- Ing. Christoph Galuschka TIWAG-Tiroler Wasserkraft AG ITT LAN/WAN - VPN-/Firewallsysteme Eduard-Wallnöfer-Platz 2 6010 Innsbruck T: +43 (0)50607 21832 F: +43 (0)50607 41832 www.tiroler-wasserkraft.at Ti.econet: Hotline: +43 (0)50607 21405 eMail: [EMAIL PROTECTED] www.tieconet.at --- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: AW: FW: Login for any user
Galuschka Christoph wrote: I've managed to reach my goal with the following entry in the users-file: DEFAULT Auth-Type := Local, User-Password == something Don't set Auth-Type = Local. PLEASE. Instead: DEFAULT Cleartext-Password := something ... And make sure you have pap listed last in the authorize section. This is the default in 1.1.6. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FW: Login for any user
[EMAIL PROTECTED] wrote: Auth-Type:= Accept will let everyone in. No. Every EAP method I am aware of will require the successful completion of the challenge-response. Just setting Auth-Type to Accept will break things completely. You *might* possibly be able to use EAP TTLS+PAP and set Auth-Type to Accept on the *inner* PAP method. But that's about it. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FW: Login for any user
inverse wrote: Anybody got an idea on how the entry in the users-file has to look like something like DEFAULT Auth-Type := Eap, User-Password == blah with deafult eap type set to md5. I've yet to try it tho, may you report back if it works? This suggestion is wrong on a number of levels: 1. Don't set Auth-Type 2. Don't use == for User-Password; use := and in recent server versions use Cleartext-Password 3. You cannot just permit EAP. The client will want the server to complete the challenge-response. The ONLY authentication algorithm that you can just accept is PAP. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html