we 've had similar problems with completely other systems (I mean nothing
related with radius but the source IP was important as well).
It seems not so easy to force the traffic leaving a unix-like machine on the
"right" (logical) subinterface.
Alternatives are : define static routes in the machi
On Mon, Mar 11, 2002 at 01:11:54PM +0800, M Z Rahman wrote:
> I was trying to run an external perl script to do some customised logging
> depending on the Acct-Status-Type in the users file:
>
> DEFAULT Acct-Status-Type == "Start"
>Exec-Program-Wait = "/radius/raddb/startstopacct %u %s %e
I need to have radius bound to two ip's on a server, one for an internal
network and one for external, but run up against a problem.
With bind_address * , if a request comes in on the 2nd ip, freeradius
sends the response out of the 1st ip, eg :-
eth0 10.0.0.1
eth0:1 10.0.0.2
Request on et
On Mon, 11 Mar 2002, Chris Parker wrote:
> At 10:18 AM 3/11/2002 -0700, Charlie Watts wrote:
> >I'm having trouble with rlm_attr_filter and Ascend-Data-Filter.
> >
> >attrs:
> >acsinc.net
> > Ascend-Data-Filter := "ip in forward tcp est",
> > Ascend-Data-Filter := "ip in forward ds
On Tue, 2002-03-12 at 01:29, Alan DeKok wrote:
> Dan Perik <[EMAIL PROTECTED]> wrote:
> > Now, I'd like to extend that and allow FreeRadius to also try SQL
> > auth. So it would try LDAP first, and if the user isn't found (or
> > even on a bad password), I would like FreeRadius to then try to aut
Normand Dionne <[EMAIL PROTECTED]> wrote:
> What if we could import our Unix names and passwords to a Radius server?
No. The RADIUS server is a daemon which does authentication. It's
not a database of username/passwords.
It *uses* a database, one of which can be the Unix /etc/passwd file.
What about looking at it this way...
What if we could import our Unix names and passwords to a Radius server?
Does this sound like what Radius is used for?
I'll check out SAMBA too and Mike H suggested.
Mahalo for your help.
Normand Dionne
Academic Computing Services
UH Hilo website: www.uhh.
I think SAMBA may be able to do this when acting as a PDC.
http://www.samba.org/
> We run several PC labs at our campus, all of which require an NT or 2000
> logon. We are now looking for a way to authenticate by proxy to a Unix name
> and password for our students.
>
> Your comments are mos
Normand Dionne <[EMAIL PROTECTED]> wrote:
> We run several PC labs at our campus, all of which require an NT or 2000
> logon. We are now looking for a way to authenticate by proxy to a Unix name
> and password for our students.
You should use Samba on Unix. There are really no alternatives.
We run several PC labs at our campus, all of which require an NT or 2000
logon. We are now looking for a way to authenticate by proxy to a Unix name
and password for our students.
Your comments are most welcome.
Normand Dionne
Academic Computing Services
UH Hilo website: www.uhh.hawaii.edu
-
At 03:09 PM 3/11/2002 -0500, CGI wrote:
>After all my tests, I just connect the radius server
>to Mysql, but from the first fire up I had this
>message:
>
>rlm_sql: Could not link driver rlm_sql_mysql: file not
>found
>rlm_sql: Make sure it (and
Hello,
I work for an ISP that has recently started to provide *DSL to
companies, and uses a freeradius server to handle proxied RADIUS
requests from the DSL supplier. Installation, configuration and initial
testing all went fine; however, when the first live clients were
activated today t
After all my tests, I just connect the radius server
to Mysql, but from the first fire up I had this
message:
rlm_sql: Could not link driver rlm_sql_mysql: file not
found
rlm_sql: Make sure it (and all its dependent
libraries!) are in the search
>Hi everybody
>I am not familiar with RADIUS server and I would like
>to know more about it.
>Could anybody explain me what is meant by RADIUS
>experimental support for EAP/TLS? Is it currently in
>experimentation or is it just a hypothesis?
>thank you in advance
EAP/TLS is not a highly tested.
S
>Nope. Triple-checked the shared secret. They match.
>
>Only one RADIUS server in this setup, not separate auth and acct (or did I
>misunderstand your suggestion?).
If shared secret is right then we need to figure out, where the problem
is.
Can you send the radius logs.
As Alan suggested can y
At 10:18 AM 3/11/2002 -0700, Charlie Watts wrote:
>I'm having trouble with rlm_attr_filter and Ascend-Data-Filter.
>
>Indeed, there is a comment in the source:
>
>/* THIS SECTION NEEDS LOTS OF WORK TO GET THE ATTRIBUTE
> * FILTERING LOGIC WORKING PROPERLY. RIGHT NOW IT DOES
> * T
I'm having trouble with rlm_attr_filter and Ascend-Data-Filter.
Indeed, there is a comment in the source:
/* THIS SECTION NEEDS LOTS OF WORK TO GET THE ATTRIBUTE
* FILTERING LOGIC WORKING PROPERLY. RIGHT NOW IT DOES
* THINGS MOSLTY RIGHT. IT HAS SOME ISSUES WHEN YOU HAVE
*
"McNutt, Justin M." <[EMAIL PROTECTED]> wrote:
> [Date] Error: Received packet from 128.206.95.215 with invalid
> Message-Authenticator!
That means either your shared secret is wrong, OR the
Message-Authenticator attribute is something else (i.e. Ascend
attribute), OR there's a bug in the code.
CGI <[EMAIL PROTECTED]> wrote:
> 1. Can I use the same database to authenticate 3
> different devices: a Nortel VPN box, a Checkpoint
> firewall and a 3COM modem chassis.
If they all do RADIUS, yes.
> 2. can I add in the database some information
> regarding what the user is allow it to do, fo
"M Z Rahman" <[EMAIL PROTECTED]> wrote:
> I was trying to run an external perl script to do some customised logging
> depending on the Acct-Status-Type in the users file:
That won't work. 'users' is for authorization/authentication.
Look at 'acct_users'
> Now, my question is does free-radi
Dan Perik <[EMAIL PROTECTED]> wrote:
> Now, I'd like to extend that and allow FreeRadius to also try SQL
> auth. So it would try LDAP first, and if the user isn't found (or
> even on a bad password), I would like FreeRadius to then try to auth
> against sql. Is this possible, and if so how?
S
Hi all,
is it possible to put multiple 'Exec-Program' for one user ?
Thanx,
--
Do-Risika RAFIEFERANTSIARONJY
mailto:[EMAIL PROTECTED]
Simicro Internet, mailto:[EMAIL PROTECTED], http://internet.simicro.mg
Tel : (+261) 20 22 648 83 (GMT +3), Fax : (+261) 20 22 661 83
-
List
Hi,
I have a server running on Linux (Suse 7.2 enterprise). I want to build an
AAA-server using Freeradius. I have install the freeradius.rpm packages. So
far, no problem. Next I want to configure a client. The client machine is
running OS, Solaris 7. At this point i don't have any idea how to co
Hi everybody
I am not familiar with RADIUS server and I would like
to know more about it.
Could anybody explain me what is meant by RADIUS
experimental support for EAP/TLS? Is it currently in
experimentation or is it just a hypothesis?
thank you in advance
24 matches
Mail list logo