http://www.untruth.org/~josh/security/radius/radius-auth.html
For those interested in finding out how easy.
Andrew Tait
System Administrator
Country NetLink Pty, Ltd
E-Mail: [EMAIL PROTECTED]
WWW: http://www.cnl.com.au
30 Bank St Cobram, VIC 3644, Australia
Ph: +61 (03) 58 711 000
Fax: +61 (03)
REQUEST FOR URGENT BUSINESS ASSISTANCE
--
I stumbled into your contact by stroke of luck after a
long search for an honest and trust worthy person who
could handle issue with high confidentiality.
I was so dilghted when i got your contact and i decided
to cont
Andrew,
Pretty easy actually, easier than one would think
Regards
G.
At 02:28 PM 15/05/2002 +1000, you wrote:
>Hi All,
>
>Quick question.
>
>Lets say that someone has the ability to sniff traffic between our NAS and
>radius server.
>
>What are the chances of them finding out the shared secret
Hi All,
Quick question.
Lets say that someone has the ability to sniff traffic between our NAS and
radius server.
What are the chances of them finding out the shared secrets, or actual
usernames and passwords?
Andrew Tait
System Administrator
Country NetLink Pty, Ltd
E-Mail: [EMAIL PROTECTED]
Correct.
Andrew Tait
System Administrator
Country NetLink Pty, Ltd
E-Mail: [EMAIL PROTECTED]
WWW: http://www.cnl.com.au
30 Bank St Cobram, VIC 3644, Australia
Ph: +61 (03) 58 711 000
Fax: +61 (03) 58 711 874
"It's the smell! If there is such a thing." Agent Smith - The Matrix
- Original Mess
hi, all...
we have problem on freeradius-0.5,
when 2 users connect to radius server, we got only one session stop
i'm set 240 second timeout on ISS
this is my sample log,
http://www.cyber-isp.net/~sunar/radreport.html
any body help me..?
-sunar
-
List info/subscribe/unsubscribe? See http:
Hi list,
We store our users' passes ias md5 digests. Am I correct in assuming
that (in the absence of _any_ plaintext ones) we can't do CHAP at all,
no matter what?
--
Cheers,
Mattt. [EMAIL PROTECTED]
Network and Tech Guy,ICQ: 117539757
Expressnet.
Awsome :) Thank you! :D
> > At 01:57 PM 5/14/2002 +1200, Simon Allard wrote:
> >
> > >Is there a way to load balance modules?
> > >
> > >I can see how to do a failover, but I want to be able to load balance over
> > >multiple ldap servers. Is that at all possible with the current code base?
>
On Tue, May 14, 2002 at 07:40:51PM +0100, Rick M wrote:
> Currently we use PAP to validate on our network. In the past, radius was
> unable to do CHAP via unix password file and I am not so sure freeradius
> can do it now.
> I have looked through the documentation on 0.5 but cannot locate
> info
Thanks Chris.
Anyone wanna build a module/engine to handle this?
It would only take a few man years..
Just kidding, no reply necessary.
Rick
On Tue, 14 May 2002, Chris Parker wrote:
> At 07:40 PM 5/14/2002 +0100, Rick M wrote:
> >Hi,
> >
> >Currently we use PAP to validate on our network. In
At 07:40 PM 5/14/2002 +0100, Rick M wrote:
>Hi,
>
>Currently we use PAP to validate on our network. In the past, radius was
>unable to do CHAP via unix password file and I am not so sure freeradius
>can do it now.
No. It's not a limitation of the radius server, it's a limitation of
how CHAP work
I am using Freeradius 0.5 with Cisco AS5300 VoIP gateways, using only the
accounting part of radius. I configured the with_cisco_vsa_hack in
radiusd.conf, but on further investigation I found that the pre-accounting
preprocessing was giving a noop, and that the vsa_hack was not running.
This
Hi,
Currently we use PAP to validate on our network. In the past, radius was
unable to do CHAP via unix password file and I am not so sure freeradius
can do it now.
I have looked through the documentation on 0.5 but cannot locate
information relating CHAP and the unix password file.
It appears
Dear Mr. Parker:
I have tried to express clearly. I perfectly know how annoying is some
lamer throw you a lot of questions "it doesnt work" or "how to blabla". I
am sorry!
Dear Mr. DeKok:
Radius is a whole new land for me. I am sorry that I am misusing different
terms.
To both: my question is:
At 08:49 PM 5/14/2002 +0300, Kliment Toshkov wrote:
>Dear Mr. DeKok,
>
>It seems that you are the most qualified in FreeRadius.
>Why do you reply with quotes? I have read them lot of times.
>
>Probably most usefull answer will be the one to "WHAT exactly Auth-Type
>should be set in DEFAULT to allo
"Kliment Toshkov" <[EMAIL PROTECTED]> wrote:
> It seems that you are the most qualified in FreeRadius.
> Why do you reply with quotes? I have read them lot of times.
Uh... I have no idea what you mean by that.
> Probably most usefull answer will be the one to "WHAT exactly Auth-Type
> should
Dear Mr. DeKok,
It seems that you are the most qualified in FreeRadius.
Why do you reply with quotes? I have read them lot of times.
Probably most usefull answer will be the one to "WHAT exactly Auth-Type
should be set in DEFAULT to allow authorization through MySQL module"?
Setting DEFAULT to L
I am setting up a multi subnet network. The subnet that a dial in user gets depends on there “group”.
I have 26 groups all over 100 accounts.
They are all dialing one modem pool. How can I do this. I read thought the FAQ & archive.
Help thx,
tmb
This is what I am asking from the begining. Could you please tell me what
will be the exact syntax of that DEFAULT statement (example maybe)? Thank
you!
Alan DeKok said:
> "Kliment Toshkov" <[EMAIL PROTECTED]> wrote:
>> This will almost double the size of database. Is there any possible
>> hack o
"Kliment Toshkov" <[EMAIL PROTECTED]> wrote:
> This will almost double the size of database. Is there any possible hack
> or something with config files to Exec-Program-Wait evern for *EVERY* user
> authenticated through Radiusd?
That's what DEFAULT is for.
Alan DeKok.
-
List info/subscrib
Steve Langasek <[EMAIL PROTECTED]> wrote:
> Changing the above block to read 'reject_delay = 0' cleared up the
> problem, and the monitoring server is now seeing valid replies at all
> hours of the day.
OK, I found the problem. If the server received a new packet while
it was sitting on a dela
This will almost double the size of database. Is there any possible hack
or something with config files to Exec-Program-Wait evern for *EVERY* user
authenticated through Radiusd?
Thank you!
Alan DeKok said:
> "Kliment Toshkov" <[EMAIL PROTECTED]> wrote:
>> I am aware of that statement, but I aut
"Kliment Toshkov" <[EMAIL PROTECTED]> wrote:
> I am aware of that statement, but I authorize my usersh through mysql
> module. All data about users is held in MySQL database.
> So what do I put and where do I put it? Thank you!
In the list of reply items in the MySQL database?
Alan DeKok.
-
I am aware of that statement, but I authorize my usersh through mysql
module. All data about users is held in MySQL database.
So what do I put and where do I put it? Thank you!
Alan DeKok said:
> "Kliment Toshkov" <[EMAIL PROTECTED]> wrote:
>> Another lame question - how do I set Radius to execut
i am a newbie on this matter, im going to install a freeradius server for
my routers authentication. I have xtacacs at this momment using a plain
text database. Is it necessary to install MySQL database ? or Can I use a
plain text database like Xtacacs ?
regards
==
"Kliment Toshkov" <[EMAIL PROTECTED]> wrote:
> Another lame question - how do I set Radius to execute a program on
> Authentication request (preffered only on successful one)?
In the 'users' file, you do something like:
bob Auth-Type := System
Exec-Program = "/foo/bar"
If the user is
On Tue, 14 May 2002, Chris Parker wrote:
> At 01:57 PM 5/14/2002 +1200, Simon Allard wrote:
>
> >Is there a way to load balance modules?
> >
> >I can see how to do a failover, but I want to be able to load balance over
> >multiple ldap servers. Is that at all possible with the current code base?
At 01:57 PM 5/14/2002 +1200, Simon Allard wrote:
>Is there a way to load balance modules?
>
>I can see how to do a failover, but I want to be able to load balance over
>multiple ldap servers. Is that at all possible with the current code base?
Not at the moment, no. As Alan says: "Patches are w
Hello all,
Another lame question - how do I set Radius to execute a program on
Authentication request (preffered only on successful one)?
I have no DEFAULT entries at all in users file, since users are
authenticated from MySQL module.
A decent configuration file should be enough for me, I just ha
Hello Mattt,
I have adder files in preacct section, fixed some typos in acct_users
(Yeah, i've mistaken the name below), fixed some more errors in users file
(since it was not processed before because files directive was missing),
and voila, it runs. Only thing left is to understand how to pass s
Hi,
Try using acct_users rather than users_acct - you also need to have
the 'files' sections in radiusd.conf, both in the 'modules' and the
'preacct' sections (I think...).
On Tue, 2002-05-14 at 21:09, Kliment Toshkov wrote:
> Hello all,
>
> I am successfuly running FreeRadius 0.5 with MySQL
Hello all,
I am successfuly running FreeRadius 0.5 with MySQL support for authorizing
and accounting purposes. Only doubt here is how to exec programs on Start
and Stop accounting packets? I have read previous postings, added
appropriate lines in 'users_acct' but it seems that Radius does interpr
32 matches
Mail list logo