ARG.. thou art correct. I never looked at the hints file (it wasn't
enabled in our previous setup and the fresh install that I did aparently
put that in... i had started with a fresh raddb dir).
Guilty as charged... I just left the preprocess in there since the
#comment seemed to indicate that i
I posted a whole message about this on Friday or Saturday and had no
response, after running radiusd/rlm_sql module through gdb and seeing what
it actually does, it's starting to make some sense. I'm using freeradius
latest CVS snapshot with MySQL.. Forgive my ignorance. I'm a veteran
programme
This doesn't look good.
[/usr/local/etc/raddb/users]:2 WARNING! Changing 'Password =' to 'Password
==' ?
May I suggest something like this in your users file:
bobAuth-Type := Local, Password := bob
Fall-Through = Yes
Also, once you actually run radtest, there sho
> Try running freeradius in debug mode (radiusd -X), and send us the output,
> as well as the output of radtest (including all the arguments you are
> passing it it, eg "radtest bob bob 1 127.0.0.1 testing123"
Thanks. I appreciate the help. Here's the output from "bob bob"
# radtest bob bob
Dont forget that in order for CHAP authentication to work, the password
needs to be stored in plain text on the radius server. You cant use CHAP to
authenticate against /etc/passwd. Try putting an entry in the users file
that has the password specified.
Try running freeradius in debug mode (radiu
Sorry if this is in the FAQ, but what I've found in the FAQ so far is
misleading- it mentions a module that I can't find.
In short, I'm using CHAP on Max 4K and 6K boxes and in trying to get
freeradius to work, I get the:
Auth: rlm_unix: Attribute "Password" is required for authentication.
Canno
Andy <[EMAIL PROTECTED]> wrote:
> I have went through the last three months of support emails and the
> Linux LDAP Imp How-To gathering settings for radius authentication
> against LDAP. When I run radtest I don't see **anything** on my LDAP
> machine when it is run in debug mode.
And what d
On Mon, Feb 25, 2002 at 06:21:16PM -0600, Razathorn wrote:
> thing has started happening though: usernames that start with a capital
> S get the capital S chopped off ie... Steve turns into teve. The
> debug output shows a User-Name pair with the correct value in it, but in
> the debug messag
hi,everyone
could i put the authentication and
authorization information into the database(such as oracle),thanks
wheatlyshi Ê©ºìÎÀtel: 86-21-52984755-215email: [EMAIL PROTECTED]
I just discovered this with the Cistron Radius server. It also happened
with a Capital 'C' as well.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Razathorn
> Sent: Monday, February 25, 2002 4:21 PM
> To: [EMAIL PROTECTED]
> Subject: username's th
Greetings,
Before I spray any unnecessary configs around let me describe what I am
(not) seeing...
I can successfully authenticate against local usernames and passwords
with radtest.
I have went through the last three months of support emails and the
Linux LDAP Imp How-To gathering settings
Hello, I work for a startup local to my area. We have been using
freeradius for a while with great success and decided to backend
freeradius to our backend setup. I wrote a rlm auth module which does
this task quite well -- it was based off the rlm_example. The strangest
thing has started happe
"Todd T. Fries" <[EMAIL PROTECTED]> wrote:
> While non-optimal, would a mutex lock around non threadsafe functions be a
> viable workaround? It at least allowed a program I've written to function
> safely ..
That's about as much work as fixing the code to use the thread-safe
functions, instead
At 04:24 PM 2/25/2002 -0600, Todd T. Fries wrote:
>With cisco, the start request never contains the Framed-IP-Address, unless
>there's some magic someone wishes to shair.
It *is* shared, specifically in the 'doc/cisco' file:
...
aaa accounting delay-start
This directive will delay the se
While non-optimal, would a mutex lock around non threadsafe functions be a
viable workaround? It at least allowed a program I've written to function
safely ..
Penned by Alan DeKok on Mon, Feb 25, 2002 at 05:44:48PM -0500, we have:
| [EMAIL PROTECTED] (Rainer Clasen) wrote:
| > Even with the chan
Gillou <[EMAIL PROTECTED]> wrote:
> > A option to add to the counter module is to set decrement of an
> > accounting attribute instead of an increment.
> > So, somebody can offer a prepaid service of 25h/month, and increase the
> > customer time if he call one phone number or something similar.(if
[EMAIL PROTECTED] (Rainer Clasen) wrote:
> Even with the changes from the radiusd.c you sent me, this goto is still
> triggered.
I think it's the threading problems. The server still uses
a few functions which aren't thread-safe, and they should be made
thread safe.
e.g. gmtime(),. etc.
Who was the original author of the sql.conf file?
I note an ambiguity that seems strange to me.
Specifically, between 'accounting_{start,stop}_query{,_alt}' ...
In the '*_alt' configuration lines there is no 'Framed-IP-Address'.
In the non '*_alt' there is.
What this ends up meaning is that e
Nope didn't work. Of course our ios doesn't show a possibility of
this command either ..
Penned by Todd T. Fries on Mon, Feb 25, 2002 at 03:10:13PM -0600, we have:
| I see online at cisco it describes commands to type on every access
| server to set an attribute 8 to include it in the access req
Kevin Hildebrand <[EMAIL PROTECTED]> wrote:
> Is there any way to have freeradius write Stop records to the detail file
> for failed logins? We're used to using the Cisco AS5300 which actually
> sends these stop records, however the new box we're working with doesn't
> do it, so we'd like to sim
I see online at cisco it describes commands to type on every access
server to set an attribute 8 to include it in the access request.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t5/dtrattr8.htm
Actually what would be useful is to have it be logged in the acco
Nick Davis <[EMAIL PROTECTED]> wrote:
> It looks like gdbm is not very well maintained. Here is what I found while
> searching for a 1.8 debian package...
OK...
> gdbm (1.7.3-27) unstable; urgency=low
>
> * No 1.8 yet because a) the soname has changed, making packaging it less
> trivi
Is there any way to have freeradius write Stop records to the detail file
for failed logins? We're used to using the Cisco AS5300 which actually
sends these stop records, however the new box we're working with doesn't
do it, so we'd like to simulate it.
It's nice to be able to parse just one l
> It's obviously too much for me to expect that gdbm
> doesn't have massive variations between versions.
>
> Upgrade your gdbm libraries && header files. The latest version is
> 1.8
>
> The alternative is to go back to the previous version of the
> 'counter' module.
>
> I'll try to put
On Mon, Feb 25, 2002 at 07:28:46PM +0100, Daniel Beuchler wrote:
> If your are doing IPsec with PPTP or L2TP Tunneling
> the IPsec tunnel will protect the PAP Passwords
> because IPsec encryption wraps round the L2TP/PPTP Tunnel and with
> it encrypts the passwords ... The Passwords will only be
>
On Mon, Feb 25, 2002 at 01:18:33PM -0500, Kurt Hockenbury wrote:
> Here's my situation. I have a few thousand users, and they'd like to be able
> to do VPN. I have a cisco VPN box, that supports radius. I have a crypt(3)
> unix passwd file, and an smbpasswd file, with entries in both for all us
"Andrew Kelaidis" <[EMAIL PROTECTED]> wrote:
> I have similars problems with counter module. When I try to run configure I
> got the following message: counter module require gdbm
Have you tried looking at 'config.log', as was suggested on the list
earlier today?
Alan DeKok.
-
List info/s
"Daniel Beuchler" <[EMAIL PROTECTED]> wrote:
> The Passwords will only be exchanged in plaintext between the NAS
> and your Radius
No.
The passwords in RADIUS are NEVER sent on the network in plain
text. They are ALWAYS encrypted.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http
I have similars problems with counter module. When I try to run configure I
got the following message: counter module require gdbm
I have already installed the latest version of gdbm from RPM (RedHat 7.2). I
tried and the stable version (0.4) but I got the same message. What's wrong?
Is the RPM
Nick Davis <[EMAIL PROTECTED]> wrote:
> the configure went perfectly. The problems came when I started the make.
>
> Here are the errors that it reported:
>
> rlm_counter.c: In function `counter_instantiate':
> rlm_counter.c:330: `GDBM_NOLOCK' undeclared (first use in this function)
> rlm_counte
If your are doing IPsec with PPTP or L2TP Tunneling
the IPsec tunnel will protect the PAP Passwords
because IPsec encryption wraps round the L2TP/PPTP Tunnel and with
it encrypts the passwords ... The Passwords will only be
exchanged in plaintext between the NAS and your
Radius (not bad if your LA
=?iso-8859-1?Q?Joaquim_Jos=E9_Godinho?= <[EMAIL PROTECTED]> wrote:
> Can anyone tell me if there is any developments regarding IPv6 suport =
> whithin RADIUS server; that is any AAA IPv6 enabled server
FreeRADIUS doesn't have IPv6 support, but it shouldn't be hard to
add.
Alan DeKok.
-
Lis
Here's my situation. I have a few thousand users, and they'd like to be able
to do VPN. I have a cisco VPN box, that supports radius. I have a crypt(3)
unix passwd file, and an smbpasswd file, with entries in both for all users.
Now I could use freeradius with PAP authentication against the cr
Hi,
Can anyone tell me if there is any developments
regarding IPv6 suport whithin RADIUS server; that is any AAA IPv6 enabled
server
Thanks
--Joaquim José S.L.
Godinho Serviço de Computação Universidade de
Évora Largo Duques de
Cadaval 7000
It does work, to some extent. I don't think it can do PPTP, though, as there's some
CHAP magic that's just not happening. Group authentication is a little iffy. Plain
user authentication/IP assignment/etc seems to work more or less OK. Do a search on
CCO for RADIUS attributes, there is a docum
I downloaded the CVS snapshot freeradius-snapshot-20020225 and went to
compile it with these flags:
./configure --localstatedir=/var --sysconfdir=/etc --with-thread-pool
--with-mysql-include-dir=/usr/include/mysql/ --with-mysql-lib-dir=/usr/lib/
--with-mysql-dir=/usr/bin/mysql/
the configure
Alan,
thanks for your quick response, I use the snapshot from 20020220. and here
is my configuration file. My cisco's IOS is 12.2.5.
file trimed:
preprocess {
huntgroups = ${confdir}/huntgroups
hints = ${confdir}/hints
# This hack cha
<[EMAIL PROTECTED]> wrote:
> I tried to compile it too, but decided not to use it yet...,
>
> in the configure.in there is a string somewhere "none required"
> that one is blocking the compiles. (freeradius 0.4)
Rather than doing something intelligent, like setting
unneeded variables to empt
I tried to compile it too, but decided not to use it yet...,
in the configure.in there is a string somewhere "none required"
that one is blocking the compiles. (freeradius 0.4)
regards,
Nico Baggus
> -Original Message-
> From: [EMAIL PROTECTED] at INET-1
> Sent: Monday, February 25, 200
On Mon, 25 Feb 2002, Alan DeKok wrote:
> "noway noway" <[EMAIL PROTECTED]> wrote:
> > Please help to solve the Cisco VSA attribute problem in Detail file, it
> > shows the attribute in the value string again like H323-Attribute =
> > "h323-attribute=value". I've enable the with_cisco_vsa_hack=y
Hi Guenter
hum I think I had a similar problem with aix 4.3.2 once.
how i solved it ? don't remember.
did you manage to ever compile anything ? (try to compile a dummy
helloworld.c )
are you using gcc?
did you build it ? or did you get it from www.bull.de ?
you should be able to install the auto
"noway noway" <[EMAIL PROTECTED]> wrote:
> the sample oracle database script in rlm_sql_oracle/db_oracle.sql does not
> include the clients.conf and users. Also radiusd.conf seem not using
> dictionary table to resolve attribute in database. Did anyone impletmented
> a full oracle database imp
"noway noway" <[EMAIL PROTECTED]> wrote:
> Please help to solve the Cisco VSA attribute problem in Detail file, it
> shows the attribute in the value string again like H323-Attribute =
> "h323-attribute=value". I've enable the with_cisco_vsa_hack=yes, but it's
> only in pre-accouting not acco
At 03:57 PM 2/25/2002 +0100, rauscher wrote:
>Dear freeradius users,
>
>I tried to port freeradius-0.4 to IBM AIX 4.3.3. First I had to
>configure to build a Makefile.
>The configure came to this point:
>checking whether the C compiler (gcc -g -02 -D_REENTRANT -WALL -D_GNU_
>SOURCE -g
>Wshadow -Wp
Dear freeradius users,
I tried to port freeradius-0.4 to IBM AIX 4.3.3. First I had to
configure to build a Makefile.
The configure came to this point:
checking whether the C compiler (gcc -g -02 -D_REENTRANT -WALL -D_GNU_
SOURCE -g
Wshadow -Wpointer-arith -Wcast-qual -Wcast-align -Wwrite-strings
Can I just thank everyone involved You have all been great, I have
sorted this problem out and I can't thank you enough for your help.
Thanks guys...
Stu
On Thu, 21 Feb 2002, Alan DeKok wrote:
> "Alan DeKok" <[EMAIL PROTECTED]> wrote:
> > Hmm... if 'bind_address' is set, then the pro
46 matches
Mail list logo
