the radutmp is updated with an accounting packet, so you must put 'radutmp'
in the accounting section of radiusd.conf and configure the NAS to send
accounting packets.
At 16.54 13/11/02, you wrote:
I've read all about this subject from archives.
My radutmp file is created, (and writed)
-Info = V34 31200 33600 LAPM/V42Bis
modcall: entering group preacct
modcall[preacct]: module files returns noop
modcall: group preacct returns noop
modcall: entering group accounting
radius_xlat: '/usr/local/var/log/radius/radacct//detail-20021114'
rlm_detail:
/usr/local/var/log/radius/radacct
Hi all,
I have FreeBSD + OpenLDAP + FreeRADIUS + MySQL. My target: RADIUS with
LDAP authentication and logs in MySQL. But I have problem, with testing
that work or not. When I start RADIUS server in debug mod option -X,
everything is OK:
rlm_sql: Driver rlm_sql_mysql loaded and linked
Hello all,
I have implemented freeRadius 0.71 with LDAP authentication and
authorization. The system is working fine for the past two months. Now, I
want to implement per day time quotas for users. How can I do this ? I saw
some references to
Max-Daily- session in Radiusd.conf, but how can I
Title: Re: EAP-TLS re-keying
Lars Viklund wrote:
From: BUTTI Laurent FTRD/DTL/ISS [mailto:[EMAIL PROTECTED]]
Sent: den 13 november 2002 18:43
To: [EMAIL PROTECTED]
Subject: EAP-TLS re-keying
I have an Orinoco AP-2000 (2.0.2) and a windows XP client SP1.
freeradius-users
I am using DIGI'S PortServer as NAS, freeradius as radius
server,authentication is ok,but accounting is wrong,radius server complain Invalid
signature .Is radius server misconfiguration or other reason?
thanks
On Thu, 2002-11-14 at 13:22, BUTTI Laurent FTRD/DTL/ISS wrote:
My Orinoco AP-2000 seems to send 2 broadcast and 1 unicast WEP keys.
ok. I don't really see the point in distributing more than one
broadcast key, but of course it nothing wrong with doing it.
Not quite. It will send (at least)
Basically my question is: Which way is simple way to get any record in
RADIUS logs without dial-up access?
Hilmi Hilmiev wrote:
Hi all,
I have FreeBSD + OpenLDAP + FreeRADIUS + MySQL. My target: RADIUS with
LDAP authentication and logs in MySQL. But I have problem, with
testing that work or
14-Nov-02 at 14:41, Hilmi Hilmiev ([EMAIL PROTECTED]) wrote :
Basically my question is: Which way is simple way to get any record in
RADIUS logs without dial-up access?
radclient is probably what you need. You have to construct a file with a
packet to send, e.g.:
===authcheck=== (filename)
Dear Simon White,
Your answer solve my problem. 10x very very much.
Best regards,
Simon White wrote:
14-Nov-02 at 14:41, Hilmi Hilmiev ([EMAIL PROTECTED]) wrote :
Basically my question is: Which way is simple way to get any record in
RADIUS logs without dial-up access?
In my users file I'm trying to define Simultaneous-Use for group:
==
DEFAULT Group == ppp-simul, Simultaneous-Use := 10
Fall-Through = Yes
DEFAULT Simultaneous-Use := 1
Fall-Through = Yes
Hi,
I have a couple of questions about adding a new EAP module to
freeRadius. I have version 0.7.1.
1. Easy one first: Does anybody know how to send the EAP-Message
attribute with radclient? That attribute needs to contain a list of EAP
attributes and I dont know the syntax. I tried putting
Jeremy Salch [EMAIL PROTECTED] wrote:
Does anyone know how to get Freeradius working with CISCO LEAP?
It can't. . LEAP is a Cisco Proprietary EAP type to cisco.. you'll have to
shell
out the cash for this one.
Either to buy Cisco's RADIUS server, or to pay someone to implement
Gene Parks [EMAIL PROTECTED] wrote:
What about using the radius server built into the SecurID product and
let Freeradius proxy to it for that function?
Sure, that would work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
All,
I am currently trying to get freeradius-0.7.1 to work with an Extreme
Networks Summit 24 switch. The Extreme Switch is running Extremeware
Version 4.1.19 (Build 2).
My goal is to be able to have users login into the Extreme as either
normal (non enable/administrative) or with full
Remus Anca [EMAIL PROTECTED] wrote:
i'll never ask before -X ...
and i don't see what's wrong :(
...
accounting {
radutmp
sql
sradutmp
}
The accounting messages get logged in radutmp,
The debug output you posted showed that you were only getting logout
Michael Fuller [EMAIL PROTECTED] wrote:
I have implemented freeRadius 0.71 with LDAP authentication and
authorization. The system is working fine for the past two months. Now, I
want to implement per day time quotas for users. How can I do this ? I saw
some references to
Max-Daily- session in
Hi, I've just started using FreeRADIUS and I've encountered something
that's got me a little baffled.
We've been using MacRADIUS for years, but we needed something that
could support realms in order to add certain new services.
I set up a RADIUS proxy using a minimal installation of Mandrake
Adam Moffett [EMAIL PROTECTED] wrote:
At first everything seemed to be working, but then we discovered this
very strange thing. Authentication requests from our 3Com Total
Control unit (HiperARC V4.2.32) in which the username started with a
Capitol S would get the S stripped out when they
Dave Mason [EMAIL PROTECTED] wrote:
I have a couple of questions about adding a new EAP module to
freeRadius. I have version 0.7.1.
*Please* don't add new code to 0.7.1. Use the latest CVS head,
instead.
Why? No one is developing new things for 0.7.1. The latest CVS
head has many bug
What he is saying is that pap should work fine with smb authentication but
you can not do chap because smb uses encrypted passwd and the only way that
chap will work is if the passwd is stored in plain text on the server.
- Original Message -
From: Miriam Benham [EMAIL PROTECTED]
To:
14-Nov-02 at 11:46, Alan DeKok ([EMAIL PROTECTED]) wrote :
Adam Moffett [EMAIL PROTECTED] wrote:
At first everything seemed to be working, but then we discovered this
very strange thing. Authentication requests from our 3Com Total
Control unit (HiperARC V4.2.32) in which the username
Thanks for all the input (and kick in the head, PROXY!! duh).
~jamie
On Thu, 2002-11-14 at 10:17, Alan DeKok wrote:
Gene Parks [EMAIL PROTECTED] wrote:
What about using the radius server built into the SecurID product and
let Freeradius proxy to it for that function?
Sure, that would
It´s the error:
make[1]: Entering directory `/home/maximo/freeradius-0.7.1'
Making all in libltdl...
make[2]: Entering directory `/home/maximo/freeradius-0.7.1/libltdl'
/bin/sh ./libtool --mode=compile gcc -DHAVE_CONFIG_H -I. -I. -I. -g
-O2 -D_
EENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall
At 02:30 PM 11/14/2002 -0500, maximo wrote:
It´s the error:
make[1]: Entering directory `/home/maximo/freeradius-0.7.1'
Try the latest CVS head.
Problem reports for 0.7.1 are not useful as there have been many
changes since then.
-Chris
--
\\\|||/// \ StarNet Inc. \
It´s the error with last CSV
make[1]: Entering directory `/home/maximo/freeradius-snapshot-20021114'
Making all in src...
make[2]: Entering directory `/home/maximo/freeradius-snapshot-20021114/src'
make[3]: Entering directory `/home/maximo/freeradius-snapshot-20021114/src'
Making all in lib
At 03:20 PM 11/14/2002 -0500, maximo wrote:
It´s the error with last CSV
Can you send the output of:
'gcc -v'
'uname -a'
-Chris
make[1]: Entering directory `/home/maximo/freeradius-snapshot-20021114'
Making all in src...
make[2]: Entering directory `/home/maximo/freeradius-snapshot
,SPARCstation-20
Chris Parker wrote:
At 03:20 PM 11/14/2002 -0500, maximo wrote:
It´s the error with last CSV
Can you send the output of:
'gcc -v'
'uname -a'
-Chris
make[1]: Entering directory `/home/maximo/freeradius-snapshot-20021114'
Making all in src...
make[2]: Entering directory
At 03:32 PM 11/14/2002 -0500, maximo wrote:
the outputs are:
# gcc -v
Reading specs from /usr/local/lib/gcc-lib/sparc-sun-solaris2.7/3.0.3/specs
Configured with: ../configure --with-as=/usr/local/bin/as
--with-ld=/usr/local/bin/ld
You've told the compiler to use /usr/local/bin/as|ld, yet in
14-Nov-02 at 11:46, Alan DeKok ([EMAIL PROTECTED]) wrote :
Adam Moffett [EMAIL PROTECTED] wrote:
At first everything seemed to be working, but then we discovered this
very strange thing. Authentication requests from our 3Com Total
Control unit (HiperARC V4.2.32) in which the username
We use IOS 12.2(4)T3 currently. Use radtest on your radius box to make sure
all reply items are being sent as expected. That's about all I can think of
to try since the items are never seen by the cisco.
Kevin
On Thursday 14 November 2002 15:19, Dan wrote:
I did that. total debugging on
It's always the simple things that get me.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Folks,
I have just picked up another dialup provider, and I'm running into
a problem. My first providers proxies strip the realm before they
pass it to me. The new one does not, and the users don't get authenticated.
I can't figure out how or if freeradius can strip the realm if it's part
of the
At 04:07 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
Folks,
I have just picked up another dialup provider, and I'm running into
a problem. My first providers proxies strip the realm before they
pass it to me. The new one does not, and the users don't get authenticated.
I can't figure out how
On Thu, Nov 14, 2002 at 03:16:05PM -0600, Chris Parker wrote:
At 04:07 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
Folks,
I have just picked up another dialup provider, and I'm running into
a problem. My first providers proxies strip the realm before they
pass it to me. The new one does
At 04:37 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
On Thu, Nov 14, 2002 at 03:16:05PM -0600, Chris Parker wrote:
At 04:07 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
Folks,
I have just picked up another dialup provider, and I'm running into
a problem. My first providers proxies strip
On Thu, Nov 14, 2002 at 04:37:05PM -0500, [EMAIL PROTECTED] wrote:
On Thu, Nov 14, 2002 at 03:16:05PM -0600, Chris Parker wrote:
At 04:07 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
Folks,
I have just picked up another dialup provider, and I'm running into
a problem. My first
Hi,
I did follow HOWTO setup and create run-radiusd wrapper to include the lib. I
just try to double check whether I got
everything right. In order to get a clean setup again, I use another machine to
re-install everything again following
HOWTO (3 openssl stuffs and with latest
At 04:55 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
On Thu, Nov 14, 2002 at 04:37:05PM -0500, [EMAIL PROTECTED] wrote:
On Thu, Nov 14, 2002 at 03:16:05PM -0600, Chris Parker wrote:
At 04:07 PM 11/14/2002 -0500, [EMAIL PROTECTED] wrote:
Folks,
I have just picked up another dialup
On Thu, Nov 14, 2002 at 04:09:34PM -0600, Chris Parker wrote:
modcall: entering group authorize^M
hints: Matched DEFAULT at 64^M
modcall[authorize]: module preprocess returns ok^M
What is in your 'hints' file? Let me guess, you have some @buoy.com
stuff there?
Yup. Good call. Taken
hi
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: Invalid ACK received
modcall[authenticate]: module eap returns invalid
I know I am very close. Just don't know where to proceed to fix the problem.
I compared with the sample log file:
rlm_eap_tls: Received EAP-TLS ACK message
Thanks for the tip. I grabbed today's 11/14 CVS snapshot. Does anybody know aLinux Radius client that can send EAP messages? If not I'll look at the rlm_eapcode and see what I can do with radclient.c.DaveAlan DeKok [EMAIL PROTECTED] wrote:
Dave Mason [EMAIL PROTECTED] wrote:
I have a
Hi,
I captured the log file and it shows the message exchanged between Radius
server and XP client. I hope this shed some
light about the rlm_eap_tls: Invalid ACK received problem:
abreviate the initialization log
Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on
I seem to be having the same issue.. seems to happen randomly about once a
week on a production server running a simple perl backend for authentication.
snippet of log...
Thu Nov 14 15:26:38 2002 : Error: WARNING: Unresponsive child (id 65559)
for request 13464
Thu Nov 14 15:26:38 2002 : Error:
it's not what i wanted actually... you should take a look at the
messages and decide if the ACK IS valid or where it becomes invalid and
perhaps why... it's probably invalid at the server-side, otherwise the
server wouldn't say it. but why? and where has it been changed? is it
wrong when coming
it's not what i wanted actually... you should take a look at the
messages and decide if the ACK IS valid or where it becomes invalid and
perhaps why... it's probably invalid at the server-side, otherwise the
server wouldn't say it. but why? and where has it been changed? is it
wrong when coming
Yes, likely its the T version ISO (from what I've been reading off
cisco's site.
but I'll try both
Dan.
On Thu, 14 Nov 2002, Kevin Bonner wrote:
We use IOS 12.2(4)T3 currently. Use radtest on your radius box to make sure
all reply items are being sent as expected. That's about all I can
Thanks for your help!
I have resolved it now!
¦b ¶g¤, 2002-11-15 00:05, Alan DeKok ¼g¹D¡G
Ynjiun P. Wang [EMAIL PROTECTED] wrote:
I checked rlm_eap_tls-0.8-pre.so using ldd and found that libssl.so.0.9.8 = not
found. Is this normal? If not, how to
fix it? Thanks.
Fix your system, as
Hi,
Currentlymy task is to make Quintum Tenor
A400 work with freeradius. But the Quintum is not listed in the support product
list, and I check the dictionary included in the freeradius package, the
attributes is not the same with mine. Thus I'm not sure whether it can
work.
Did anyone
I think you can get it from HOWTO!
http://www.missl.cs.umd.edu/wireless/eaptls/
¦b ¶g¤, 2002-11-15 09:10, Ynjiun P. Wang ¼g¹D¡G
it's not what i wanted actually... you should take a look at the
messages and decide if the ACK IS valid or where it becomes invalid and
perhaps why... it's probably
As the result, packet 5),6)'s EAP-ID are all the value:1 as packet 2),3).
So,when windows XP receive packet 6), it replys packet 3) instend of
packet 7)
,then.. an endless loop.
I would like to know,how can I resolve the endless looping problem ???
Should freeradius use different
OK, thanks to Chris, I seem to have my users now authenticating into my
server with the realm stripped. But... and there always is a 'but', right?
users# radwho
Login Name What TTY When From Location
mscc@buoy. [EMAIL PROTECTED] PPP S9 Thu 16:27 66.19.47.
I need exam 802.1x function on my FreeRadius server, but no
device to support 802.1x now.
Any body know what simulator support 802.1x?
Thanks very much.
lv
xiao-Telindus Ltd.
(China)Chengdu officeSuite A,6/F, Guoxin
Hi,
FR 0.7.1
SuSE linux 7.3
Oracle DB 9i R2
When I use 'radiusd start', it
reports:
radiusd: Unexpected character `:'
(0x3a)radiusd: /etc/raddb/users[154]: Parse error (check) for entry
DEFAULT
Why?
Thanks
RegardsAlex Zhang
i1, Inc.
Shanghai86-21-50475656-122
54 matches
Mail list logo