Hi,
I am using freeradius-0.4 on a RedHat 7.2 and I am trying to log Cisco VoIP accounting
to an Oracle dbserver. The database and the freeradius are installed on the same
machine.
I have noticed that the radius server doesn't log an accounting request with the
User-Name attribute set to null/
Is the 'nas' table in rlm_sql the equivelant of clients.conf? Can rlm_sql
take advantage of everything in the schema? Specifically I'm looking for
the use of realm, realmgroup and nas tables. So far, it seems to just
ignore that table completely. If not, is there someone I can work/comm with
t
Currently radlast reports
09/01/2002 01:55:35 AutoPPP85.3 192374 609285
How do I configure portslave or Cistron Radius to report the real user
name?
This is the vanilla install under SuSE 7.2
_
email: [EMAI
Alan, I'm happy to submit patches/fixes as I have time. I'm interested in
contributing although it would probably be good if I knew a bit more about
radius first. Thx again!
vec
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, February
A newbie question, please don't flame me.
I was able to compile FreeRadius 0.4 and got it up and running on FreeBSD
4.4-RELEASE.
I am using "users" file to authenticate. This file is updated every 15
minutes through a cron job.
Here is where I ran into a problem: when I issued the command "k
"Vector" <[EMAIL PROTECTED]> wrote:
> Thank you all...you've been mostly helpful. I turned proxying on, and my
> realm in the realms file started working for usernames with the realm
> tacked on to them. I then added NULL to the realms file with 'LOCAL' for
> remote server and everything appear
Thank you all...you've been mostly helpful. I turned proxying on, and my
realm in the realms file started working for usernames with the realm
tacked on to them. I then added NULL to the realms file with 'LOCAL' for
remote server and everything appears to be working.
Another question: Why is t
Is there any other configuration need to be done besides changing
"with_cisco_vsa_hack=yes" in radiusd.conf? Please show me how you've done
it.
Raymond
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.a
"Burgess, Brian" <[EMAIL PROTECTED]> wrote:
> Is it possible to encrypt the users file
No.
> or just the passwords in the user file.
Yes. And then CHAP doesn't work.
> Didnt see any postings on the list about this and im sure it
> has come up before, it is insecure to have users and pass
> Is it possible to encrypt the users file or just the passwords in
the
> user file. Didnt see any postings on the list about this and
> im sure it
> has come up before, it is insecure to have users and
> passwords stored in
> a readable file. Thanks
We use the shadow password files that alre
>> I didn't. It was commented out by default.
> Sorry, the server DOES ship with 'files' in 'authorize'. It's done
> that way so that the 'users' file works by default.
I looked at the original tar file and sure enough it's not commented
out- but I honestly can't explain it.
>> Obvious when
Is it possible to encrypt the users file or just the passwords in the
user file. Didnt see any postings on the list about this and im sure it
has come up before, it is insecure to have users and passwords stored in
a readable file. Thanks
Brian Burgess
-
List info/subscribe/unsubscribe? See h
Darkshot <[EMAIL PROTECTED]> wrote:
> > Add 'files' to 'authorize' It's in the default config. Why did you
> > delete it?
>
> I didn't. It was commented out by default.
Sorry, the server DOES ship with 'files' in 'authorize'. It's done
that way so that the 'users' file works by default.
>> I must be missing something simple but I can't see what it is.
> Add 'files' to 'authorize' It's in the default config. Why did you
> delete it?
I didn't. It was commented out by default. Uncommenting it fixed everything and
all works perfectly now (knock wood). Obvious when you know, bu
Darkshot <[EMAIL PROTECTED]> wrote:
> That's the part I'm missing, it seems. Setting the DEFAULT in the
> users file to Local doesn't get it.
Of course, as I said, you don't have it configure to USE the 'users'
file, so it's not even LOOKING there.
> I must be missing something simple but I ca
"Vector" <[EMAIL PROTECTED]> wrote:
> since I'm not proxying to another server, I set it to no. BUT it sounds
> like if you want to *anything* with realms at all then proxy_requests must
> be 'yes' even if you aren't really sending them to another server.
Yes. Using the 'realms' file requires
> rad_recv: Access-Request packet from host 127.0.0.1:32831, id=21, length=57
> User-Name = "darkshot"
> Password = "1\362m\266\212\025J\323x?YED\272\203\264"
> NAS-IP-Address = 255.255.255.255
> NAS-Port-Id = "0"
> modcall: entering group authorize
> modcall[auth
Darkshot <[EMAIL PROTECTED]> wrote:
> Ok: Here's an entry from my users file:
>
> darkshot Auth-Type := Local, Password == "example"
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-Routing = None,
> Ascend-Assign-IP-Pool = 1,
> Ascend-Data-F
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, February 26, 2002 12:35 PM
Subject: Freeradius-Users digest, Vol 1 #531 - 14 msgs
> Send Freeradius-Users mailing list submissions to
> [EMAIL PROTECTED]
>
> To subscribe or unsubscribe via the World W
> Darkshot <[EMAIL PROTECTED]> wrote:
>> >> Auth: rlm_unix: Attribute "Password" is required for authentication.
>> >> Cannot use "CHAP-Password".
>>
>> > You can't use CHAP on /etc/passwd. See the FAQ.
>>
>> I'm not trying to. I want to use the "users" file.
> That's not what you told th
> "Vector" <[EMAIL PROTECTED]> wrote:
> > After working on this for a while, it looked like realms might be the =
> > answer but that didn't quite take care of it. If I put =
> > '[EMAIL PROTECTED]' in the db then 'user' will no longer work, right?
>
> Yes.
>
> > There are going to be lots of r
Darkshot <[EMAIL PROTECTED]> wrote:
> >> Auth: rlm_unix: Attribute "Password" is required for authentication.
> >> Cannot use "CHAP-Password".
>
> > You can't use CHAP on /etc/passwd. See the FAQ.
>
> I'm not trying to. I want to use the "users" file.
That's not what you told the server to
> Darkshot <[EMAIL PROTECTED]> wrote:
>> In short, I'm using CHAP on Max 4K and 6K boxes and in trying to get
>> freeradius to work, I get the:
>>
>> Auth: rlm_unix: Attribute "Password" is required for authentication.
>> Cannot use "CHAP-Password".
> You can't use CHAP on /etc/passwd. See t
"Vector" <[EMAIL PROTECTED]> wrote:
> After working on this for a while, it looked like realms might be the =
> answer but that didn't quite take care of it. If I put =
> '[EMAIL PROTECTED]' in the db then 'user' will no longer work, right?
Yes.
> There are going to be lots of realms and I wo
"Connie Liu" <[EMAIL PROTECTED]> wrote:
> E.g. username@marketing will check the file =
> "password.marketing"
> username@sales will check the file =
> "password.sales"
>
> Note: It is not radius User file, it is standard UNIX password file!
>
> How can I do
"Esken, Christian, VP-TS, CE" <[EMAIL PROTECTED]> wrote:
> I start radiusd like this:
>
> radiusd -yz -d /opt/radius/radius1 -p 1645
>
> Giving the options -y and -z I would think auth errors would be logged to
> the file radius.log in directory
...
Don't use command line options other th
"Vector" <[EMAIL PROTECTED]> wrote:
> All other tables empty. Justing testuser everything is fine. Using
> [EMAIL PROTECTED] fails. Must there be a realm for stripped-user-name
> to work properly? I would have thought it would strip everything after and
> including the @ symbol even without a
Darkshot <[EMAIL PROTECTED]> wrote:
> In short, I'm using CHAP on Max 4K and 6K boxes and in trying to get
> freeradius to work, I get the:
>
> Auth: rlm_unix: Attribute "Password" is required for authentication.
> Cannot use "CHAP-Password".
You can't use CHAP on /etc/passwd. See the FAQ.
>
Hi,
There is pppoed included with freebsd, and it works with radius (or pppoed
uses ppp, wich I think supports radius).
Regards,
Mattias Eriksson
> -Original Message-
> From: SY Meta [mailto:
> Sent: den 26 februari 2002 15:24
> To: [EMAIL PROTECTED]
> Subject: Free PPPoE serv
Thankx much for the reply. Maybe I'm going
about this all wrong. I would just like 'user' to work as well as '[EMAIL PROTECTED]'
After working on this for a while, it looked like
realms might be the answer but that didn't quite take care of it. If I put
'[EMAIL PROTECTED]' in the db the
> bobAuth-Type := Local, Password := bob
> Fall-Through = Yes
I made that change and:
> Also, once you actually run radtest, there should be more info from
> radiusd -X after:
rad_recv: Access-Request packet from host 127.0.0.1:32830, id=44, length=52
U
Hi All;
I have few password/shadow file for different
department, I need to use different realm todo the authentication,
E.g. username@marketing will check the
file
"password.marketing"
username@sales will check the
file
"password.sales"
Note: It is
Hi,
Does anyone of you know one free pppoe server that authenticates against
radius?
I cannot find a free one. :(
Cheers,
Meta
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
If you setup a hint for example:
DEFAULT Suffix = "@somedomain.com"", Strip-User-Name = Yes
Hint = SMDM
Then there will be a stripped user name
And if in your sql.conf you say here:
# ^^^ --That doesn't work
because someone screwed up decode_attribute()
sql_user_name =
I am having exactly the same problem as below...
Could anyone make it work ?
> Hi,
>
> Trying to restrict a user to only one 'Simultaneous-Use' and I get the
> error in debug ::
>
> rlm_sql: Pairs do not match [testuser]
> modcall[authorize]: module "sql" returns notfound
> modcall: group au
Hello,
where are failed logins logged to? More precisely I mean those logins with
authentication errors.
I start radiusd like this:
radiusd -yz -d /opt/radius/radius1 -p 1645
Giving the options -y and -z I would think auth errors would be logged to
the file radius.log in directory
"logdir" as
36 matches
Mail list logo