Hi everybody,I am going to implement online users watch in my voip origination system.Online users are the users after card verification and start calling process .Because of special computation, I am using an external program for both authentication and accounting using exec-program-wait in freera
Hi experienced guru's,
I am testing authentication of Wireless LAN
applications and got tired of FUNK, Cisco etcetera.
So I got myself some basic WLAN stuff (without
authentication stuff).
What I want to try is that the user gets a DHCP IP
address when connecting to the network.
as soon as he/
Alan,
Still not fix in snapshot-20020814
Raymond
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Alan DeKok
Sent: Thursday, August 15, 2002 3:02 AM
To: [EMAIL PROTECTED]
Subject: Re: empty vsa trouble
"Raymond Chen" <[EMAIL PROTECTED]&
Dear all, this is my senario.
I setup a client using Windows XP with Cisco wireless adapter 350, the Access
Point (NAS) would be Cisco AP 350, and FreeRadius(0.7) running on Redhat
Linux 7.2. I am testing on the case of EAP-MD5. I make an user entry in the
usr/local/etc/raddb/users file.
Well,
On Tue, Aug 13, 2002 at 01:41:06PM +0200, Justin Schoeman wrote:
> if (inst->config->authenticate_query){ ...
>
> but in the config parsing a default of "" (empty string) is specified,
> so even if the config string is commented out, it still tries to
> authenticate. Changing this to:
>
> if((
Hello,
I am using a multi-value attribute "radiusNASPortType" to restrict what
type of media a user can access our network, it does not work if there
are multiply values.
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding radiusNASPortType as NAS-Port-Type, value xDSL & op=11
rlm
> I have changed it to using a suffix instead eg:
> [EMAIL PROTECTED], I added this to the hints file.
> DEFAULT Suffix = ".xdsl", Strip-User-Name = Yes
> NAS-Port-Type = xDSL
> Only problem is the suffix is not being stripped, only the realm is
> being removed. Anyone know how I can fix
"Raymond Chen" <[EMAIL PROTECTED]> wrote:
> For example, sql inserts %{h323-remote-address} to the database and
> when calltype='Telephony', it does not have the %{h323-remote-address}
> value. But the sql insert shows "}" .
Use the CVS snapshot from tonight, it contains a fix.
Alan DeK
Title: Freeradius proxy server configuration
I set up two freeradius servers to test the proxy feature.
In one machine (A), I installed radius server and a radius client testing program.
In another machine (B), I installed radius server only.
I configured server A and B by editing radiu
Rodrigo,
I think I found the problem, in the
example setup file sql.conf. You have use the variable %S which is
the system timestamp in sql format when the insert command is
perform. That works when you writes both start and stop accounting
records. In my setup, I only use the sto
Dear list,
I have encounter an problem with 0.7 version when writing to
oracle database with an empty vsa, the output of that column with show “}”
instead of a null like in 0.6.
For example, sql inserts %{h323-remote-address}
to the database and when calltype=’Telephony’, it do
Rodrigo,
Thanks for the quick reply, here is the
output of the cisco AS5300, I don’t see any AcctStartTime in the vsa,
please enlight me.
NAS-IP-Address = 203.150.198.248
Cisco-NAS-Port = "ISDN 1:D:1"
NAS-Port-Type = Async
User-Name =
"11000
Nick Davis wrote:
> To diable a group do this:
> #select * from radgroupcheck;
> ++---+--+++
> | id | GroupName | Attribute| Value | op |
> ++---+--+++
> | 21 | reject| Auth-Type| Reject | := |
> t
Use AcctStartTime NOT h323-setup-time
- Original Message -
From:
Raymond
Chen
To: [EMAIL PROTECTED]
Sent: Wednesday, August 14, 2002 3:10
PM
Subject: time format
Dear list,
Trying to setup the radius to
write CDR straight to MySQL database. But
Dear list,
Trying to setup the radius to write CDR straight to MySQL
database. But the time from NAS as “h323-setup-time=02:05:44.512 CN Thu Aug 15 2002”
and in the MySQL database script, the time is define as “-00-00 00:00:00”. So
when radius trys to insert to database, it retu
hi all
I am newbie in FreeRADIUS and I am going to migrate from my NT Commercial
Accounting/Radius Server to FreeRadius.
my biggest problem is this :
I defined a special group in my previous accounting server , and it was :
25H/month group
if my users login between 2Pm-2Am they could use just 25
Dear list,
I want to receive the setup, connection and disconnection
time in timestamp format instead of the UTC format. Do I use the rlm_rewrite
module or by means of other configuration method. Please show me the details.
Best regards
Raymond
Hooman:
We have Dual PIII 500 MHz systems with 256MB RAM for about 100.000
users, with 500 simultaneous (which means 1-3 logins/sec , 10 acount
packets/sec at the peak).
However, during migration from 0.4 to 0.7 I used a single PIII 700
with 128MB RAM for doing the same, and it was ru
I had try to install the Freeradius 0.7, but during
complie, I had the message:
gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS
-Wall -D_GNU_SOURCE
-DNDEBUG -I../../include
-DX99_MODULE_NAME=\"rlm_x99_token\"
-DFREERADIUS -c
x99_pwe.c -o x99_pwe.o
x99_pwe.c:39:25: openssl/md4.h: ?
I had try to install the Freeradius 0.7, but during
complie, I had the message:
gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS
-Wall -D_GNU_SOURCE
-DNDEBUG -I../../include
-DX99_MODULE_NAME=\"rlm_x99_token\"
-DFREERADIUS -c
x99_pwe.c -o x99_pwe.o
x99_pwe.c:39:25: openssl/md4.h: ?
>> Class = "internet"
>>
>> Is it wrong? (it worked with 0.6!)
> Hmmm, OK. Go to src/lib/valuepair.c, and look
for:
>
> case PW_TYPE_OCTETS:
>
> Move the line 'vp->length = 0;' from just before
'if' >statement, to
>just before the 'while' statement, 4-5 lines down.
Rebuild
>everything.
>
Hello,
I have a goal of allowing access via the Called-Station-ID based on the
users Group. I am currently using the sql (mysql) module for the Group
definition. In my radiusd.conf authorize section I have the sql listed
before files ie..
sql
files
in my users file I have an entry that looks li
On Wed, 14 Aug 2002, Alessandro Maioli wrote:
> Hi to all!
>
> I'm working with attr_rewrite to change my username realmess in a realm one
> (paperino -> [EMAIL PROTECTED]). Which is the regular expression to use in
> "replacewith" field of the modules.
>
> Thanks in advanced.
>
> Best regards.
Hi to all!
I'm working with attr_rewrite to change my username realmess in a realm one
(paperino -> [EMAIL PROTECTED]). Which is the regular expression to use in
"replacewith" field of the modules.
Thanks in advanced.
Best regards.
-
Ing. Alessandro
On Wed, 14 Aug 2002, Hooman Amini wrote:
> Dear Alan Dekok,
> Thanks for your response.I have still not got a clear idea about hardware
> requirements...
> Have you ever test the RAM requirement,any recommandation of RAM frequency for
> running 100 concurrent users?How about running mysql and rad
Hooman Amini <[EMAIL PROTECTED]> wrote:
> Thanks for your response.I have still not got a clear idea about hardware
> requirements...
As I said, any Pentium III machine should be fine.
> Have you ever test the RAM requirement,
32M of RAM dedicated to the server should be plenty.
> any reco
"Francois Dessart" <[EMAIL PROTECTED]> wrote:
> Class = "internet"
>
> Is it wrong? (it worked with 0.6!)
Hmmm, OK. Go to src/lib/valuepair.c, and look for:
case PW_TYPE_OCTETS:
Move the line 'vp->length = 0;' from just before 'if' statement, to
just before the 'while' statement, 4-5 li
Dear Alan Dekok,
Thanks for your response.I have still not got a clear idea about hardware
requirements...
Have you ever test the RAM requirement,any recommandation of RAM frequency for
running 100 concurrent users?How about running mysql and radius at the same
machine? How would be the preformanc
On Wed, 14 Aug 2002, Margrete Raaum wrote:
>
> This is probably a very stupud question, but here goes.
>
> I use freeradius to authenticate both for logging onto routers and
> lock&key.
>
> I tried to set up freeradius to authenticate our dialup service (ISDN,
> Cisco 3640 12.2(5a)), but how do I
This is probably a very stupud question, but here goes.
I use freeradius to authenticate both for logging onto routers and
lock&key.
I tried to set up freeradius to authenticate our dialup service (ISDN,
Cisco 3640 12.2(5a)), but how do I let in these users without allowing
them access to the r
Hi,
in radiusd.conf there is the parameter checkrad with the location of this
program that isn't read at startup time.
I wrote a little patch (apply to 0.7) that read this parameter and use it
in session.c when checkrad is call.
I'm not a professional programmer but I hope this is usefull.
A
> And how do you specify it in the 'users' file (or wherever you
> define it)? Odds are, you're doing something like:
>
> Class = 0xfoobar
>
> Where 'foobar' isn't a hex string.
I'm specifying it with the form:
Class = "internet"
Is it wrong? (it worked with 0.6!)
Thanks for your help
On Wed, 14 Aug 2002, Guillermo Schimmel wrote:
> Yes, it seems like I have several errors. Now Its working.
>
> Now, I have read that you can use the Pool-Name attribute to select one
> IP Address pool, that's why I started trying this.
> I have to share a NAS for Internet Access and VPN access a
Yes, it seems like I have several errors. Now Its working.
Now, I have read that you can use the Pool-Name attribute to select one
IP Address pool, that's why I started trying this.
I have to share a NAS for Internet Access and VPN access and I'm going
to do that by routing and firewalling, ass
"Francois Dessart" <[EMAIL PROTECTED]> wroter:
> I just upgraded from 0.6 to 0.7 and I am experiencing 2 big problems:
>
> 1) The 0.7 server is sending a malformed "Class Attribute":
Which probably means you're specifying it incorrectly.
> Sending Access-Accept of id 44 to x.x.192.138:1046
>
KEV <[EMAIL PROTECTED]> wrote:
> I have these settings into users :
...
> Cisco-AVPair = "shell:autocmd=rlogin 10.10.2.110 /user %u"
The variable expansion is only done for the Reply-Message
attribute. If you want to expand the Cisco-AVPair attribute, see the
main web page:
http://www
Download the lastest snapshot. Read the README, the files in doc/*, and the
files in raddb/*. Then you should understand everything you have just asked.
If you have more questions, read through the past messages of this mailing
list. All of your answers are there. Just look for them!
Nick
On
On Wed, 14 Aug 2002, Guillermo Schimmel wrote:
> Module: Loaded IPPOOL
> ippool: session-db = "/usr/local/etc/raddb/db.ippool"
> ippool: ip-index = "/usr/local/etc/raddb/db.ipindex"
> ippool: range-start = 10.170.201.1 IP address [10.170.201.1]
> ippool: range-stop = 10.170.200.254 IP address
Kostas Kalevras wrote:
>On Wed, 14 Aug 2002, Guillermo Schimmel wrote:
>
>
>
>>authorize {
>>preprocess
>>files
>>ippool
>>chap
>>group {
>> ldap1 {
>> fail = 1
>> notfound = 2
>> noop = return
>
On Wed, 14 Aug 2002, Guillermo Schimmel wrote:
> authorize {
> preprocess
> files
> ippool
> chap
> group {
> ldap1 {
> fail = 1
> notfound = 2
> noop = return
> ok = return
>
Kostas Kalevras wrote:
>On Wed, 14 Aug 2002, Guillermo Schimmel wrote:
>
>
>
>>Yes, I have done so.
>>
>>Is this output OK? (The noop part)
>>
>>modcall: entering group authorize
>> modcall[authorize]: module "preprocess" returns ok
>> modcall[authorize]: module "files" returns notfound
>> m
On Wed, 14 Aug 2002, Guillermo Schimmel wrote:
> Yes, I have done so.
>
> Is this output OK? (The noop part)
>
> modcall: entering group authorize
> modcall[authorize]: module "preprocess" returns ok
> modcall[authorize]: module "files" returns notfound
> modcall[authorize]: module "ippool"
Kostas Kalevras wrote:
>On Tue, 13 Aug 2002, Guillermo Schimmel wrote:
>
>
>
>>It still doesn't work.
>>
>>
>>
>>>Hi list:
>>>
>>> I'm starting the tests with the ippool module.
>>>
>>> I added this line on the users file:
>>>
>>>DEFAULT NAS-IP-Address == "10.169.255.11", Auth-
Hello!
I have these settings into users :
DEFAULT Prefix==uu, Auth-Type := Accept
Service-Type = Login-User,
Cisco-AVPair = "shell:autocmd=rlogin 10.10.2.110 /user %u"
and during login i see such debug :
*Mar 3 02:17:28.508: RADIUS: saved authorization data for user 25BB04 at
44 matches
Mail list logo