Hi,
Can I say both of you premise that NAS(radius client) must set User-Name value to
eap-id? I see in FreeRadius that the username to used authorize is set to User-Name
attibute value. If User-Name value is null then eap-id is set to it. Now if NAS sends
a packet to FreeRadius whose User-Name
Hi all,
I have installed FR 0.8 release. It's worked good, but
I found "THIS FILE IS DEPRECATED. ." header in the
0.8's 'realms' file, so I tried to move my
domain1LOCAL
domain2LOCAL
realms to the 'proxy.conf', as described:
realm domain1 {
type= radius
i has setup FreeRadius normally, but now i need test 802.1x
authentication function . but i no real device can support 802.1x.
anyone know some NAS software simulator support 802.1x?
very thanks for your help.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I'm using dialup_admin to insert users into the radius db.
I don't know what to pu in the radreply and radgroupreply tables.
do I need the same thing that is in the radcheck table?
why?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Chris Brotsos wrote:
At 06:04 PM 11/19/2002 -0200, you wrote:
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql: The 'op' field for attribute 'User-Password =
$1$C.zZID82$kp/ZF6uwfT3dIHwtLd1B70' is NULL, or non-existent.
rlm_sql: You MUST FIX THIS if you want the configuration to behave as
y
On Tue, 19 Nov 2002 23:49:55 +0100
[EMAIL PROTECTED] wrote:
> Freeradius-Users -- confirmation of subscription -- request 732926
>
> We have received a request from 213.140.12.218 for subscription of
> your email address, <[EMAIL PROTECTED]>, to the
> [EMAIL PROTECTED] mailing list. To confirm t
A quick update. At first I ran configure with --disable-shared to force
a static link. If I take that out and use a dynamic link (and set my
LD_LIBRARY_PATH) it works fine. For some reason, the static link must
not be picking up everything it needs. Is there something else I need
to do for
i've had to add the "${groupreply_table}.Op" to the sql string in the
postgresql config in order to prevent it from complaining about the
missing column
fortunately the default behavior still resolves even if the 'op' column is
missing
here is the complete string:
authorize_group_reply_query =
At 06:04 PM 11/19/2002 -0200, you wrote:
I have all of then installed and running and added an user with
dialup_admin but when I try to connect to my tc nas that user doesn't pass.
here is what I get:
rad_recv: Access-Request packet from host :1645, id=55, length=146
User-Name =
I have all of then installed and running and added an user with
dialup_admin but when I try to connect to my tc nas that user doesn't pass.
here is what I get:
rad_recv: Access-Request packet from host :1645, id=55, length=146
User-Name = "servico"
User-Password = "J{\234W\
my cisco AS5300 send this packed to free radius server.
2w6d: Attribute 4 6 D5E5A0D5 (NAS-IP-Address)
2w6d: Attribute 5 6 4E20 (NAS-Port)
2w6d: Attribute 61 6 0002 (NAS-Port-Type)
2w6d: Attribute 1 10 67686461 (User-Name)
2w6d: Attribute 30 11
to the original question: the two fields should be the same, that's now
verified.
to Lars:
since the draft and the standard basically state the same, let's refer
to the standard :) but that's not the point...
i only wanted to say, that the certified identity could be e.g.
[EMAIL PROTECTED] so,
Howdy, quick question, if I have all of my users stores in the users
file.. Ala
User1 password == "password"
Will the DEFAULT settings at the bottom of this file apply to these users?
Unfortunately we've decided to go with a VPOP company and they require you
to allow CHAP which is real
Lol I am a huge ass, I was modifying files in /etc/raddb instead of
/usr/local/etc/raddb..
Woops.
Sorry.
-Drew
-Original Message-
From: Chris Brotsos [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 19, 2002 1:29 PM
To: [EMAIL PROTECTED]
Subject: RE: Configuration question, I'll try
Problem solved!
It's the server certificate problem.
I re-generated the server certificate and keep the client and root certificates the
same. The problem is gone. I was
using Ken Roser's script (section 9 in HOWTO: EAP/TLS Setup for FreeRADIIUS and
Wiindows XP Supplliicant Version 1.0.1
April 18
Greetings,
I have a rather strange problem. Freeradius 0.8 works great, except when
rejecting a user for incorrect login.
With my cistron radius I get the proper (windows at least) error of
incorrect username and password, while the same machine, dialing up to the
test environment (freeradius
At 12:49 PM 11/19/2002 -0500, you wrote:
Replying. Sorry., I forgot to try it in debug mode.
The error its getting is rlm_chap: could not find proper chap-password
attribute in request
-Drew
I'm not sure how to send a Chap-Password via radtest. You are failing on
the test because you are sen
Hi,
In my radiusd.conf, I turn on eap in the authorize and authenticate
modules. My eap module looks like this (with comments left out):
eap {
default_eap_type = sim
md5 {
}
sim {
}
}
Other than that, it's the same as the original from the distribution.
This worked fine in freeRadius
> From: <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Subject: ScanMail Message: To Recipient Match eManager setting and
> take action.
> X-Mailer: Microsoft CDO for Exchange 2000
> Date: Tue, 19 Nov 2002 10:17:26 -0500
The message isn't from my site. Header says it is from togethersoft.net
It
> From: Artur Hecker [mailto:[EMAIL PROTECTED]]
> Sent: den 19 november 2002 18:49
> To: [EMAIL PROTECTED]
> Subject: Re: eap_identity or username attribute?
>
>
> Lars,
>
> in the IEEE Std 802.1X-2001 there is the following:
>
>
> D.3.1 User-Name
> In IEEE Std 802.1X-2001, the supplica
On Tuesday 19 November 2002 11:10, Christophe Boyanique wrote:
> authorize {
> preprocess
> suffix
> files
> autztype tst{
> ldap_tst
> }
> autztype com{
> ldap_com
> }
> }
>
> Error: /etc/raddb/users[1]: Parse
Yes, 127.0.0.1, localhost as shortname, secret = default.
-Drew
-Original Message-
From: Chris Brotsos [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 19, 2002 12:42 PM
To: [EMAIL PROTECTED]
Subject: Re: Configuration question, I'll try not to bother you again.
At 12:36 PM 11/19/20
Lars,
in the IEEE Std 802.1X-2001 there is the following:
D.3.1 User-Name
In IEEE Std 802.1X-2001, the supplicant typically provides its
identity via an EAP-Response/Identity message. Where available, the
supplicant identity is included in the User-Name attribute and included
in th
At 12:36 PM 11/19/2002 -0500, you wrote:
Ok, as I said I'm new to this, [I'm running FR 0.8 btw] Im just trying to
use radtest to get something authenticating at this point, this is what I
put in my /etc/raddb/users file:
drewAuth-type := Local,
User-Password == "yummy"
The above m
Replying. Sorry., I forgot to try it in debug mode.
The error its getting is rlm_chap: could not find proper chap-password
attribute in request
-Drew
-Original Message-
From: Drew Weaver
Sent: Tuesday, November 19, 2002 12:37 PM
To: '[EMAIL PROTECTED]'
Subject: Configuration question,
Ok, as I said I'm new to this, [I'm running FR 0.8 btw] Im just trying to
use radtest to get something authenticating at this point, this is what I
put in my /etc/raddb/users file:
drewAuth-type := Local,
User-Password == "yummy"
Then in my proxy.conf I have:
realm ee.net {
Yes.
Gene
-Original Message-
From: Drew Weaver [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 19, 2002 11:46 AM
To: '[EMAIL PROTECTED]'
Subject: New to freeradius, used merit for years.
Can I use CHAP + Realms at the same time?
With merit you cant, because in order to us
It would appear spammers are forging addresses and sending to the list
from those addresses, no?
- Forwarded message from [EMAIL PROTECTED] -
> Date: Tue, 19 Nov 2002 10:17:26 -0500
> From: <[EMAIL PROTECTED]>
> Subject: ScanMail Message: To Recipient Match eManager setting and take actio
Hi all,
I'm looking to find a way to dynamically append (or rewrite) attribute
values on proxy server for request responses. This is the basic case where
"home" server will only authenticate the user, and we need to define the
authorisation data at the proxy server (the home server does not know w
> From: Artur Hecker [mailto:[EMAIL PROTECTED]]
> Sent: den 19 november 2002 16:37
> To: [EMAIL PROTECTED]
> Subject: Re: eap_identity or username attribute?
>
>
> shouldn't those two be always set to the same? i can't
> remember, but i think that i read something like this in the
> "Usage of
Drew Weaver <[EMAIL PROTECTED]> wrote:
> Can I use CHAP + Realms at the same time?
Yes.
> With merit you cant, because in order to use chap you have to setup clear
> text profiles like
I dislike Merit.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/li
Can I use CHAP + Realms at the same time?
With merit you cant, because in order to use chap you have to setup clear
text profiles like
DrewPassword="poopie"
whatever
whatever
And for realms it has to be
DrewAuthentication-type="Rea
Back from my previous question; I found the Autz-Type doc file that
seems to explain a way to fit my needs.
I created an empty users file with only:
DEFAULT Called-Station-Id == "0", Autz-Type := tst, Auth-Type := tst
DEFAULT Called-Station-Id == "1", Autz-Type := com, Auth-Type := com
And I
shouldn't those two be always set to the same? i can't remember, but i
think that i read something like this in the "Usage of RADIUS with IEEE
802.1X" recommendations once...
try to take a look.
James Xie wrote:
> HI,
> I am debuging EAP-TLS module. Who can tell me FreeRadius should use which
>
hi Nikhil
clients.conf, radiusd.conf and users. That's why I said I followed the
HOW-TO doc's.
evidently your clients.conf is *NOT* correct, otherwise, why would the
server say, it doesn't know the client:
>> request from unknown client 192.168.11.20
I've updated the above RADIUS config fil
Hello All,
I'm having trouble compiling newest release v. 0.8 even from
cvs tree on my debian Woody box. I'm compiling it as I always
did before: "fakeroot debian/rules binary", but now it fails
with strange error message:
BRADIUS -I../include -c snprintf.c
mode=link gcc -release 0.9-pre \
-m
Hello Artur:
I did update the following freeRADIUS files according to my network configuration:
clients.conf, radiusd.conf and users. That's why I said I followed the HOW-TO doc's.
I've updated the above RADIUS config files, my "xsupplicant" program sits saying:
root@tstpc01: .../bin > ./xsupplica
eManager Notification *
The following mail was blocked since it contains sensitive content.
Source mailbox: [EMAIL PROTECTED]
Destination mailbox(es): [EMAIL PROTECTED]
Rule/Policy: Sexually Explicit
Action: Quarantine to D:\Program Files\Trend\SMCF\Quarantine\200
Kostas Kalevras <[EMAIL PROTECTED]> wrote:
> > I am using a patched freeradius 0.6.
>
> upgrade
> upgrade
> upgrade
I will try - if it is painless to do so...
> Try runing in debug mode (radiusd -X) to see what
> happens.
I see this:
rad_recv: Access-Request packet from host 216.220.107.36:12
hmmm, it's going too far for me :)
perhaps you should try to ask this at the development list. i have no
idea why freeradius considers the incoming ACK being malformed. my AP350
doesn't do that, the 340 neither and i've never heard of it before, sorry.
do you want to downgrade to some not-beta
hi
Nikhil Chauhan wrote:
Unknown-Attr-79 = "\002#\000\015\001adam-ctl"
Unknown-Attr-80 = "\002\213\015\214"\350\014\352/\012\013\321\021\032\020+"
what's all that?
request from unknown client 192.168.11.20
did you add the client in your clients.conf?
generally: you shouldn't blindly f
FULL 2002 YAPIMI PORNO VIDEOLAR
Sitemize yeni filmler eklendi. Tam metraj, full kalite
Yenilenen Kategoriler:
AMATEUR
ANAL
ASIAN
LESBIAN
Ýyi eðlenceler,
http://www.noseks.com
id: freeradius-users - fetiyvxkpi-
Ëbú?²æìr¸{û§²æìr¸y'Ûiÿü0ÁúÞz¶ë(®å˺ǫ²
Hi all,
I'm looking for a way to have multiple sources of authentication with
round-robin. I would like to use two ldap servers to autenticate users
but I didn't find a way to do it.
I set 2 ldap sections in the top of the file and tried something like
that:
authorize {
append {
I have radrelay running on my backup freeradius server, but it seems to
stop collecting and passing entries without warning. I do see a
detail.work file that appears to contain a single Start record:
(names and numbers slightly altered, no special characters removed)
Thu Oct 3 15:45:29 2002
Ruslan Spivak <[EMAIL PROTECTED]> wrote:
> RH8.0 + freeradius0.6 + Oracle9i
...
> What to do and where to dig?
Upgrade to a version that isn't 6 months old?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
i've see modcall[accounting]: module counternever returns noop !
--
Remus
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi:
I've downloaded open1x source code and am trying to test the xsupplicant
functionality with FreeRADIUS (0.7.1) authentication server. I've followed the two
available HOW-TO documents for configuring EAP/TLS for FreeRADIUS and the
xsupplicant. I get a problem during the authentication phase.
Hello freeradius-users,
RH8.0 + freeradius0.6 + Oracle9i
In log file I can see a lot of messages:
Error: rlm_sql: Couldn't update SQLaccounting START record -
ORA-00932: inconsistent datatypes
What to do and where to dig?
Your help is very appreciated
Best regards,
Ruslan
Max-Session-Time and Login-Time it's not work
i have 0.7.1 snapshots 20021110
I have in radiusd.conf
counter counternever {
filename = ${raddbdir}/db.never
key = User-Name
count-attribute = Acct-Session-Time
reset = never
18-Nov-02 at 11:00, Ruslan Spivak ([EMAIL PROTECTED]) wrote :
> Hello freeradius-users,
>
> Recently I had RH7.2 with freeradius 0.6 and there was about 10
> process in the system, after installing RH8.0 and starting radius I
> can see only 1 process, what's wrong with that? I think now it can't
>
i've put Login-Time "1100-1300" in radreply for a user, and i try to
login in this interval, but i always get
Outside alolowed timespan (time allowed 1100-1300)
what can be wrong?
--
Remus
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
you may add this dictionary to the distribution:
##
# dictionary.alteon - Alteon Webswitch dictionary#
##
VENDORATTR 1872Alteon-Service-Type 26 int
18-Nov-02 at 09:22, [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote :
> ** Your attention is drawn to the note at the end of this message. **
** Disclaimers have no place on mailing lists **
>
> Dear All,
>
> I manage to get Freeradius 0.7 to work with OpenLDAP 2.1.4. Luckily, I can
> start radiusd
÷ ÓÏÏÂÝÅÎÉÉ ÏÔ ðÏÎÅÄÅÌØÎÉË 18 îÏÑÂÒØ 2002 16:15 Leandro Machado ÎÁÐÉÓÁÌ:
> hi,
>
> i have been configured freeradius with mysql authentication but now i need
> to differ dial-up users from ISDN users 56k and 128.
>
> how can i make it??
NAS-Port-Type == Sync
and/or
Framed-Protocol = MP
--
With B
55 matches
Mail list logo