Re: eap_identity or username attribute? (to Artur and lars)

Hi, Can I say both of you premise that NAS(radius client) must set User-Name value to eap-id? I see in FreeRadius that the username to used authorize is set to User-Name attibute value. If User-Name value is null then eap-id is set to it. Now if NAS sends a packet to FreeRadius whose User-Name

0.8 Release: realms vs proxy.conf

Hi all, I have installed FR 0.8 release. It's worked good, but I found "THIS FILE IS DEPRECATED. ." header in the 0.8's 'realms' file, so I tried to move my domain1LOCAL domain2LOCAL realms to the 'proxy.conf', as described: realm domain1 { type= radius

Has any NAS Simulator support 802.1x ?

i has setup FreeRadius normally, but now i need test 802.1x authentication function . but i no real device can support 802.1x. anyone know some NAS software simulator support 802.1x? very thanks for your help. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

radcheck radreply

I'm using dialup_admin to insert users into the radius db. I don't know what to pu in the radreply and radgroupreply tables. do I need the same thing that is in the radcheck table? why? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Mysql, dialup_admin and Freeradius Problem.

Chris Brotsos wrote: At 06:04 PM 11/19/2002 -0200, you wrote: rlm_sql (sql): Reserving sql socket id: 4 rlm_sql: The 'op' field for attribute 'User-Password = $1$C.zZID82$kp/ZF6uwfT3dIHwtLd1B70' is NULL, or non-existent. rlm_sql: You MUST FIX THIS if you want the configuration to behave as y

Re: Freeradius-Users -- confirmation of subscription -- request 732926

On Tue, 19 Nov 2002 23:49:55 +0100 [EMAIL PROTECTED] wrote: > Freeradius-Users -- confirmation of subscription -- request 732926 > > We have received a request from 213.140.12.218 for subscription of > your email address, <[EMAIL PROTECTED]>, to the > [EMAIL PROTECTED] mailing list. To confirm t

unsubscribe

 

Re: fail to load rlm_eap_md5 in freeRadius 0.8

A quick update. At first I ran configure with --disable-shared to force a static link. If I take that out and use a dynamic link (and set my LD_LIBRARY_PATH) it works fine. For some reason, the static link must not be picking up everything it needs. Is there something else I need to do for

minor patch to sql for postgres

i've had to add the "${groupreply_table}.Op" to the sql string in the postgresql config in order to prevent it from complaining about the missing column fortunately the default behavior still resolves even if the 'op' column is missing here is the complete string: authorize_group_reply_query =

Re: Mysql, dialup_admin and Freeradius Problem.

At 06:04 PM 11/19/2002 -0200, you wrote: I have all of then installed and running and added an user with dialup_admin but when I try to connect to my tc nas that user doesn't pass. here is what I get: rad_recv: Access-Request packet from host :1645, id=55, length=146 User-Name =

Mysql, dialup_admin and Freeradius Problem.

I have all of then installed and running and added an user with dialup_admin but when I try to connect to my tc nas that user doesn't pass. here is what I get: rad_recv: Access-Request packet from host :1645, id=55, length=146 User-Name = "servico" User-Password = "J{\234W\

diferent sesion-timeout for a isdn calls and a asyn call

my cisco AS5300 send this packed to free radius server. 2w6d: Attribute 4 6 D5E5A0D5 (NAS-IP-Address) 2w6d: Attribute 5 6 4E20 (NAS-Port) 2w6d: Attribute 61 6 0002 (NAS-Port-Type) 2w6d: Attribute 1 10 67686461 (User-Name) 2w6d: Attribute 30 11

Re: eap_identity or username attribute?

to the original question: the two fields should be the same, that's now verified. to Lars: since the draft and the standard basically state the same, let's refer to the standard :) but that's not the point... i only wanted to say, that the certified identity could be e.g. [EMAIL PROTECTED] so,

Users file

Howdy, quick question, if I have all of my users stores in the users file.. Ala User1 password == "password" Will the DEFAULT settings at the bottom of this file apply to these users? Unfortunately we've decided to go with a VPOP company and they require you to allow CHAP which is real

RE: Configuration question, I'll try not to bother you again.

Lol I am a huge ass, I was modifying files in /etc/raddb instead of /usr/local/etc/raddb.. Woops. Sorry. -Drew -Original Message- From: Chris Brotsos [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 19, 2002 1:29 PM To: [EMAIL PROTECTED] Subject: RE: Configuration question, I'll try

EAP/TLS

Problem solved! It's the server certificate problem. I re-generated the server certificate and keep the client and root certificates the same. The problem is gone. I was using Ken Roser's script (section 9 in HOWTO: EAP/TLS Setup for FreeRADIIUS and Wiindows XP Supplliicant Version 1.0.1 April 18

Strange Reject problem

Greetings, I have a rather strange problem. Freeradius 0.8 works great, except when rejecting a user for incorrect login. With my cistron radius I get the proper (windows at least) error of incorrect username and password, while the same machine, dialing up to the test environment (freeradius

RE: Configuration question, I'll try not to bother you again.

At 12:49 PM 11/19/2002 -0500, you wrote: Replying. Sorry., I forgot to try it in debug mode. The error its getting is rlm_chap: could not find proper chap-password attribute in request -Drew I'm not sure how to send a Chap-Password via radtest. You are failing on the test because you are sen

fail to load rlm_eap_md5 in freeRadius 0.8

Hi, In my radiusd.conf, I turn on eap in the authorize and authenticate modules. My eap module looks like this (with comments left out): eap { default_eap_type = sim md5 { } sim { } } Other than that, it's the same as the original from the distribution. This worked fine in freeRadius

Re: ScanMail Message: To Recipient Match eManager setting and take action.

> From: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Subject: ScanMail Message: To Recipient Match eManager setting and > take action. > X-Mailer: Microsoft CDO for Exchange 2000 > Date: Tue, 19 Nov 2002 10:17:26 -0500 The message isn't from my site. Header says it is from togethersoft.net It

RE: eap_identity or username attribute?

> From: Artur Hecker [mailto:[EMAIL PROTECTED]] > Sent: den 19 november 2002 18:49 > To: [EMAIL PROTECTED] > Subject: Re: eap_identity or username attribute? > > > Lars, > > in the IEEE Std 802.1X-2001 there is the following: > > > D.3.1 User-Name > In IEEE Std 802.1X-2001, the supplica

Re: Auth-Type/Autz-Type in users file

On Tuesday 19 November 2002 11:10, Christophe Boyanique wrote: > authorize { > preprocess > suffix > files > autztype tst{ > ldap_tst > } > autztype com{ > ldap_com > } > } > > Error: /etc/raddb/users[1]: Parse

RE: Configuration question, I'll try not to bother you again.

Yes, 127.0.0.1, localhost as shortname, secret = default. -Drew -Original Message- From: Chris Brotsos [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 19, 2002 12:42 PM To: [EMAIL PROTECTED] Subject: Re: Configuration question, I'll try not to bother you again. At 12:36 PM 11/19/20

Re: eap_identity or username attribute?

Lars, in the IEEE Std 802.1X-2001 there is the following: D.3.1 User-Name In IEEE Std 802.1X-2001, the supplicant typically provides its identity via an EAP-Response/Identity message. Where available, the supplicant identity is included in the User-Name attribute and included in th

Re: Configuration question, I'll try not to bother you again.

At 12:36 PM 11/19/2002 -0500, you wrote: Ok, as I said I'm new to this, [I'm running FR 0.8 btw] Im just trying to use radtest to get something authenticating at this point, this is what I put in my /etc/raddb/users file: drewAuth-type := Local, User-Password == "yummy" The above m

RE: Configuration question, I'll try not to bother you again.

Replying. Sorry., I forgot to try it in debug mode. The error its getting is rlm_chap: could not find proper chap-password attribute in request -Drew -Original Message- From: Drew Weaver Sent: Tuesday, November 19, 2002 12:37 PM To: '[EMAIL PROTECTED]' Subject: Configuration question,

Configuration question, I'll try not to bother you again.

Ok, as I said I'm new to this, [I'm running FR 0.8 btw] Im just trying to use radtest to get something authenticating at this point, this is what I put in my /etc/raddb/users file: drewAuth-type := Local, User-Password == "yummy" Then in my proxy.conf I have: realm ee.net {

RE: New to freeradius, used merit for years.

Yes. Gene -Original Message- From: Drew Weaver [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 19, 2002 11:46 AM To: '[EMAIL PROTECTED]' Subject: New to freeradius, used merit for years. Can I use CHAP + Realms at the same time? With merit you cant, because in order to us

[Administrator@mtds.com: ScanMail Message: To Recipient Match eManager setting and take action.]

It would appear spammers are forging addresses and sending to the list from those addresses, no? - Forwarded message from [EMAIL PROTECTED] - > Date: Tue, 19 Nov 2002 10:17:26 -0500 > From: <[EMAIL PROTECTED]> > Subject: ScanMail Message: To Recipient Match eManager setting and take actio

Authorization question

Hi all, I'm looking to find a way to dynamically append (or rewrite) attribute values on proxy server for request responses. This is the basic case where "home" server will only authenticate the user, and we need to define the authorisation data at the proxy server (the home server does not know w

RE: eap_identity or username attribute?

> From: Artur Hecker [mailto:[EMAIL PROTECTED]] > Sent: den 19 november 2002 16:37 > To: [EMAIL PROTECTED] > Subject: Re: eap_identity or username attribute? > > > shouldn't those two be always set to the same? i can't > remember, but i think that i read something like this in the > "Usage of

Re: New to freeradius, used merit for years.

Drew Weaver <[EMAIL PROTECTED]> wrote: > Can I use CHAP + Realms at the same time? Yes. > With merit you cant, because in order to use chap you have to setup clear > text profiles like I dislike Merit. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/li

New to freeradius, used merit for years.

Can I use CHAP + Realms at the same time? With merit you cant, because in order to use chap you have to setup clear text profiles like DrewPassword="poopie" whatever whatever And for realms it has to be DrewAuthentication-type="Rea

Auth-Type/Autz-Type in users file

Back from my previous question; I found the Autz-Type doc file that seems to explain a way to fit my needs. I created an empty users file with only: DEFAULT Called-Station-Id == "0", Autz-Type := tst, Auth-Type := tst DEFAULT Called-Station-Id == "1", Autz-Type := com, Auth-Type := com And I

Re: eap_identity or username attribute?

shouldn't those two be always set to the same? i can't remember, but i think that i read something like this in the "Usage of RADIUS with IEEE 802.1X" recommendations once... try to take a look. James Xie wrote: > HI, > I am debuging EAP-TLS module. Who can tell me FreeRadius should use which >

Re: "EAP-Message" RADIUS attribute

hi Nikhil clients.conf, radiusd.conf and users. That's why I said I followed the HOW-TO doc's. evidently your clients.conf is *NOT* correct, otherwise, why would the server say, it doesn't know the client: >> request from unknown client 192.168.11.20 I've updated the above RADIUS config fil

Compiling freeradius-0.8

Hello All, I'm having trouble compiling newest release v. 0.8 even from cvs tree on my debian Woody box. I'm compiling it as I always did before: "fakeroot debian/rules binary", but now it fails with strange error message: BRADIUS -I../include -c snprintf.c mode=link gcc -release 0.9-pre \ -m

Re: "EAP-Message" RADIUS attribute

Hello Artur: I did update the following freeRADIUS files according to my network configuration: clients.conf, radiusd.conf and users. That's why I said I followed the HOW-TO doc's. I've updated the above RADIUS config files, my "xsupplicant" program sits saying: root@tstpc01: .../bin > ./xsupplica

ScanMail Message: To Recipient Match eManager setting and take action.

eManager Notification * The following mail was blocked since it contains sensitive content. Source mailbox: [EMAIL PROTECTED] Destination mailbox(es): [EMAIL PROTECTED] Rule/Policy: Sexually Explicit Action: Quarantine to D:\Program Files\Trend\SMCF\Quarantine\200

Re: Freeradius-Users digest, Vol 1 #1255 - 6 msgs

Kostas Kalevras <[EMAIL PROTECTED]> wrote: > > I am using a patched freeradius 0.6. > > upgrade > upgrade > upgrade I will try - if it is painless to do so... > Try runing in debug mode (radiusd -X) to see what > happens. I see this: rad_recv: Access-Request packet from host 216.220.107.36:12

Re: EAP/TLS

hmmm, it's going too far for me :) perhaps you should try to ask this at the development list. i have no idea why freeradius considers the incoming ACK being malformed. my AP350 doesn't do that, the 340 neither and i've never heard of it before, sorry. do you want to downgrade to some not-beta

Re: "EAP-Message" RADIUS attribute

hi Nikhil Chauhan wrote: Unknown-Attr-79 = "\002#\000\015\001adam-ctl" Unknown-Attr-80 = "\002\213\015\214"\350\014\352/\012\013\321\021\032\020+" what's all that? request from unknown client 192.168.11.20 did you add the client in your clients.conf? generally: you shouldn't blindly f

Tam metraj porno filmler etnxa

FULL 2002 YAPIMI PORNO VIDEOLAR Sitemize yeni filmler eklendi. Tam metraj, full kalite Yenilenen Kategoriler: AMATEUR ANAL ASIAN LESBIAN Ýyi eðlenceler, http://www.noseks.com id: freeradius-users - fetiyvxkpi- ŠËbú?²æìr¸›{û§²æìr¸›y'ž†Ûiÿü0ÁúÞz¶Šë(®åŠËºÇ«²

(no subject)

Hi all, I'm looking for a way to have multiple sources of authentication with round-robin. I would like to use two ldap servers to autenticate users but I didn't find a way to do it. I set 2 ldap sections in the top of the file and tried something like that: authorize { append {

Question about radrelay with FreeRadius 0.7

I have radrelay running on my backup freeradius server, but it seems to stop collecting and passing entries without warning. I do see a detail.work file that appears to contain a single Start record: (names and numbers slightly altered, no special characters removed) Thu Oct 3 15:45:29 2002

Re: strange errors in log file

Ruslan Spivak <[EMAIL PROTECTED]> wrote: > RH8.0 + freeradius0.6 + Oracle9i ... > What to do and where to dig? Upgrade to a version that isn't 6 months old? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

PS: Max-Session-Time

i've see modcall[accounting]: module counternever returns noop ! -- Remus - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

"EAP-Message" RADIUS attribute

Hi: I've downloaded open1x source code and am trying to test the xsupplicant functionality with FreeRADIUS (0.7.1) authentication server. I've followed the two available HOW-TO documents for configuring EAP/TLS for FreeRADIUS and the xsupplicant. I get a problem during the authentication phase.

strange errors in log file

Hello freeradius-users, RH8.0 + freeradius0.6 + Oracle9i In log file I can see a lot of messages: Error: rlm_sql: Couldn't update SQLaccounting START record - ORA-00932: inconsistent datatypes What to do and where to dig? Your help is very appreciated Best regards, Ruslan

Max-Session-Time

Max-Session-Time and Login-Time it's not work i have 0.7.1 snapshots 20021110 I have in radiusd.conf counter counternever { filename = ${raddbdir}/db.never key = User-Name count-attribute = Acct-Session-Time reset = never

Re: Freeradius 0.6 + RH8.0: only one process

18-Nov-02 at 11:00, Ruslan Spivak ([EMAIL PROTECTED]) wrote : > Hello freeradius-users, > > Recently I had RH7.2 with freeradius 0.6 and there was about 10 > process in the system, after installing RH8.0 and starting radius I > can see only 1 process, what's wrong with that? I think now it can't >

Login-Time

i've put Login-Time "1100-1300" in radreply for a user, and i try to login in this interval, but i always get Outside alolowed timespan (time allowed 1100-1300) what can be wrong? -- Remus - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Alteon Webswitch dictionary

you may add this dictionary to the distribution: ## # dictionary.alteon - Alteon Webswitch dictionary# ## VENDORATTR 1872Alteon-Service-Type 26 int

Re: Freeradius 0.7 - Daemon

18-Nov-02 at 09:22, [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote : > ** Your attention is drawn to the note at the end of this message. ** ** Disclaimers have no place on mailing lists ** > > Dear All, > > I manage to get Freeradius 0.7 to work with OpenLDAP 2.1.4. Luckily, I can > start radiusd

Re: isdn users

÷ ÓÏÏÂÝÅÎÉÉ ÏÔ ðÏÎÅÄÅÌØÎÉË 18 îÏÑÂÒØ 2002 16:15 Leandro Machado ÎÁÐÉÓÁÌ: > hi, > > i have been configured freeradius with mysql authentication but now i need > to differ dial-up users from ISDN users 56k and 128. > > how can i make it?? NAS-Port-Type == Sync and/or Framed-Protocol = MP -- With B