freeradius+hpidm+cisco
All, We have an hp infrastructure and use identity driven management to enforce some additional rights to users(as forcing vlan assignment). We have a mixed wireless environment with hp procurve and cisco(1200) For hp access points we don't have any problem, but when trying with cisco devices freeradius crasches with a segmentation fault. The segmentation fault happens when accessing the module hpidm.post-auth.conf which is loaded through radius.conf. (if i comment out this module i don't get the error, but then vlan assignment does't work for the hp's). Anyone else using this tool in a mixed environment? Stieven Struyf M.I.S. Division - System Operations Komatsu Europe International NV Mechelsesteenweg 586 B-1800 Vilvoorde Tel. +32 (0)2 2552551- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeradius+hpidm+cisco
> All, > We have an hp infrastructure and use identity driven management to enforce > some additional rights to users(as forcing vlan assignment). > We have a mixed wireless environment with hp procurve and cisco(1200) > For hp access points we don't have any problem, but when trying with cisco > devices freeradius crasches with a segmentation fault. > The segmentation fault happens when accessing the module hpidm.post- > auth.conf which is loaded through radius.conf. > (if i comment out this module i don't get the error, but then vlan > assignment does't work for the hp's). > It would be usefull to debug and to post whats in the hpidm.post-auth.conf J. -- Jonathan De Graeve IMELDA vzw Informatica Dienst Network System Engineer [EMAIL PROTECTED] +32(0)15/50.52.98 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeradius+hpidm+cisco
Jonathan, I removed the hp module to check if the problem went away(which it did). Afterwards i reenabled it to take traces, but it doesn't segfaults anymore. Now i use radius to assigns vlan for cisco and use hp idm for vlan assigment for hp. Problem seems solved, but i don't want to install the idm on our primary radius server if it gives instable behaviour to the stable freeradius server. We are using freeradius for some years for our wifi production environment(barcode scanners), don't want to cause troubles just to let some users work wireless. Stieven Struyf M.I.S. Division - System Operations Komatsu Europe International NV Mechelsesteenweg 586 B-1800 Vilvoorde Tel. +32 (0)2 2552551 "Jonathan De Graeve" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 10/23/2006 02:58 PM Please respond to FreeRadius users mailing list To "FreeRadius users mailing list" cc Subject RE: freeradius+hpidm+cisco > All, > We have an hp infrastructure and use identity driven management to enforce > some additional rights to users(as forcing vlan assignment). > We have a mixed wireless environment with hp procurve and cisco(1200) > For hp access points we don't have any problem, but when trying with cisco > devices freeradius crasches with a segmentation fault. > The segmentation fault happens when accessing the module hpidm.post- > auth.conf which is loaded through radius.conf. > (if i comment out this module i don't get the error, but then vlan > assignment does't work for the hp's). > It would be usefull to debug and to post whats in the hpidm.post-auth.conf J. -- Jonathan De Graeve IMELDA vzw Informatica Dienst Network System Engineer [EMAIL PROTECTED] +32(0)15/50.52.98 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeradius+hpidm+cisco
[EMAIL PROTECTED]
wrote on 10/23/2006 02:46:51 PM:
> > All,
> > We have an hp infrastructure and use identity driven management
to
> enforce
> > some additional rights to users(as forcing vlan assignment).
> > We have a mixed wireless environment with hp procurve and cisco(1200)
> > For hp access points we don't have any problem, but when trying
with
> cisco
> > devices freeradius crasches with a segmentation fault.
> > The segmentation fault happens when accessing the module hpidm.post-
> > auth.conf which is loaded through radius.conf.
> > (if i comment out this module i don't get the error, but then
vlan
> > assignment does't work for the hp's).
> >
>
> It would be usefull to debug and to post whats in the
> hpidm.post-auth.conf
Just for your info the contents
of both hpidm config files:
[EMAIL PROTECTED] raddb]# cat hpidm.post-auth.conf
Post-Auth-Type REJECT{
hpidm
}
hpidm
[EMAIL PROTECTED] raddb]#
[EMAIL PROTECTED] raddb]# cat hpidm.modules.conf
hpidm{
version
= 1.0
}
[EMAIL PROTECTED] raddb]#
Stieven Struyf
M.I.S. Division - System Operations
Komatsu Europe International NV
Mechelsesteenweg 586
B-1800 Vilvoorde
[EMAIL PROTECTED]
Tel. +32 (0)2 2552551
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius+hpidm+cisco
[EMAIL PROTECTED] wrote:
> Just for your info the contents of both hpidm config files:
>
> [EMAIL PROTECTED] raddb]# cat hpidm.post-auth.conf
> Post-Auth-Type REJECT{
> hpidm
> }
> hpidm
> [EMAIL PROTECTED] raddb]# cat hpidm.modules.conf
> hpidm{
> version = 1.0
> }
This module is not included with the server. Therefore, it's
something written locally, and you should asthe person who wrote it
about any bugs it may have.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius+hpidm+cisco
[EMAIL PROTECTED]
wrote on 10/23/2006 04:55:32 PM:
> [EMAIL PROTECTED] wrote:
> > Just for your info the contents of both hpidm config files:
> >
> > [EMAIL PROTECTED] raddb]# cat hpidm.post-auth.conf
> > Post-Auth-Type REJECT{
> > hpidm
> > }
> > hpidm
> > [EMAIL PROTECTED] raddb]# cat hpidm.modules.conf
> > hpidm{
> > version = 1.0
> > }
>
> This module is not included with the server. Therefore,
it's
> something written locally, and you should asthe person who wrote it
> about any bugs it may have.
i know, but problem only occurs on cisco devices, i doubt that hp will
debug that(i already updated to the latest patchlevel).
I hoped that other users on the list are also using
idm(as it works as a plugin for (free)radius).-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius+hpidm+cisco
[EMAIL PROTECTED] wrote: > I hoped that other users on the list are also using idm(as it works as a > plugin for (free)radius). It's a plugin supplied by HP, and is not part of FreeRADIUS. Please ask HP for support. The module is not included with FreeRADIUS, therefore discussions about the module do not belong on this list. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
