RE: Freeradius-Users digest, Vol 1 #1300 - 1 msg

Dialup_admin comes with freeradius. You should find in the freeradius install folder after you decompressed it. - Chhai -Original Message- From: Iq [mailto:[EMAIL PROTECTED]] Sent: Thursday, 28 November 2002 5:23 PM To: [EMAIL PROTECTED] Subject: Re: Freeradius-Users digest, Vol 1 #130

Re: Freeradius-Users digest, Vol 1 #1300 - 1 msg

Hi, what is this dial-up admin and where do i get it from > Use dialup_admin to view usage. You can find the sql queries in the = > source code > regards, Iqtadar Raja - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Freeradius-Users digest, Vol 1 #1301 - 2 msgs

Hi Alan, Check out these two websites and follow the instructions U don need to compile FR with mysql options..u can instal freeradius...install mysql..make sure its working..change sql.conf and radiusd.conf. http://www.ccs.neu.edu/home/peterm/freeradiusbuild.html http://www.fron

Re: Linux+freeradius+mysql

Dear Iq, Im trying to get freeradius to work with mysql and having problems. Can you tell me what ./configure options you used to configure it? Cause Im using ./configure --sysconfdir=/etc --with-mysql-lib-dir=/usr/lib/mysql. Its giving me this error rlm_sql (sql): Could not link driver rlm_sql_

help

.+-Šwèþ˛±ÊâmïîžË›±Êâmäžzm§ÿðÃëyêÚv+¬¢¸?–+-þë®Èmš

RE: Linux+freeradius+mysql

Use dialup_admin to view usage. You can find the sql queries in the source code Chhai -Original Message- From: Iq [mailto:[EMAIL PROTECTED]] Sent: Thursday, 28 November 2002 3:29 PM To: [EMAIL PROTECTED] Subject: Linux+freeradius+mysql Hi everyone, tried freeradius w

Linux+freeradius+mysql

Hi everyone, tried freeradius with mysql, got it working but how do I get usage details out of radacct table. Is there a query provided anywhere. I made two sessions and got both of them in radacct. Bellow is a copy of what I got in radacct mysql> select * from radacct where U

rlm_sqlcounter

how do I include rlm_sqlcounter in the compilation? Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Recommend-It: PLS REPLY to CONFIRM [freeradius-users@lists.cistron.nl/6947]

> CONFIRMATION OF RECOMMEND-IT SUBSCRIPTION REQUEST IS REQUIRED! > > We have just received a subscription request to add you to the > free lists run by Recommend-It. You must confirm your subscription to > join these lists by following the simple instructions below. > > INSTRUCTIONS: > > In or

Can I do eap/tls use 2 wire NIC and cisco 2950?

hi,everyone! I know 802.1x support both wireless and wire network authentication,but I found nobody use 802.1x do wire network authentication,why?I don't know.Now I'd to do such a trick,I must show somebody how cisco 2950 support 802.1x authentication,I want use freeradius and xsupplican

Recommend-It: PLS REPLY to CONFIRM [freeradius-users@lists.cistron.nl/6947]

CONFIRMATION OF RECOMMEND-IT SUBSCRIPTION REQUEST IS REQUIRED! We have just received a subscription request to add you to the free lists run by Recommend-It. You must confirm your subscription to join these lists by following the simple instructions below. INSTRUCTIONS: In order to activate you

Please Confirm Your $10,000 Entries!

Please confirm the following contest entries by clicking the link below: Recommend-It Spread the Word and Win $10,000 Sweepstakes (5 Entries) Sony DVD Player Giveaway (5 Entries) Your confirmation link is: http://ric1.com/irec.e?228469CB76F Your confirmation page will also show you how you c

RE: use freeradius to clear line

Radzap doesn't seem to work for me either. I have two users stuck in FR but they have disconnected from NAS a long time ago. -Chhai -Original Message- From: Vitaliy Karlov [mailto:[EMAIL PROTECTED]] Sent: Thursday, 28 November 2002 1:51 AM To: [EMAIL PROTECTED] Subject: Re: use freeradi

RE: use freeradius to clear line

Thanks Alan! I read the FAQ once before and I remembered that freeradius could kick users but I forgot that it was in the FAQ if that make sense at all! Chhai -Original Message- From: Alan DeKok [mailto:[EMAIL PROTECTED]] Sent: Thursday, 28 November 2002 1:41 AM To: [EMAIL PROTECTED] Su

Re: SSL_read Error: EAP-TLS

ah, that's a good one Nikhil Chauhan wrote: > > I generated the certificates as per the HOWTO > by Raymond MacKay. I get a SSL_read Error (Please > see the attached radius server log). > TLS_accept:error in SSLv3 read client certificate A > rlm_eap_tls: SSL_read Error > Error code is .

Re: EAP/TLS testing: SSL_set_my_callback

you don't need x99 token. go in the src/modules directory, locate the "stable" file and throw it out of the list. ciao artur Nikhil Chauhan wrote: > > Hi Artur: > > Thanks for your suggestions. I heartly appreciate > them. > > The problem with SSL_set_msg_callback seems to be > fixed now.

Re: User Configuartion Help and Interesting Scenario

Dear all, Sorry for the badly worded question which has caused a big confusion. I think I should explain the problem at hand instead of asking bits and pieces. I want to be able to use an authenication server which will receive a request. This request asks the authentication server to dynamically

RE: Re: FreeRadius 0.8, Oracle 8.1.7. Problem with CPU load

Title: RE: Re: FreeRadius 0.8, Oracle 8.1.7. Problem with CPU load > -Original Message- > From: Chris Parker [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, November 26, 2002 7:47 PM > To: [EMAIL PROTECTED] > > > > Maybe they cache the responses from Oracle.  Look at the  queries they  do

Re: LDAP bind problem

> Let me guess. When using '-s' you're running as 'root'. You've > also got the 'user' and 'group' entries in radiusd.conf set to > 'nobody'. Nope, it actually is running as nobody in "-s" mode. I tried running with the user and group commented out letting it run as root in both modes: no chan

SSL_read Error: EAP-TLS

Hello: I'm testing EAP TLS functionality with: * freeRADIUS-0.8 and the latest version of openssl -(openssl-0.9.7-beta4) on the server; * Linux machine as a client, and * Cisco's AP350 as the authenticator. I generated the certificates as per the HOWTO by Raymond MacKay. I get a SSL_read Error

Re: Max-Daily-Session token usage, can anyone help?

Thanks... Spasiba Peter Svetlana Vyslanko writes: I have downloaded version 0.8, and I've been lookoing at the sql (mysql) table... It seems that there is no entry for Max-Session-Time (or is it Max-Daily Session?) or either the Daily-Session-Time... Can anyone guide me on how to us

Re: EAP/TLS testing: SSL_set_my_callback

Hi All: The solution... * Clean-up all prior versions of freeRADIUS and openSSL * Install the latest BETA version of openssl (0.9.7-beta4) * Download latest version of freeRADIUS(0.8) * Run ./configure under freeRADIUS root directory * Do necessary changes in the Makefile under rlm_eap_tls di

Re: Does mod_auth_radius can talk with a shiva radius?

Thanks for the quick response. I'm an idiot.. I am using one time password method and just forgot about the caveat that is mentioned in the source file regarding the browser behavior when not directed to a specific url.. Fixed it and it works just fine. Thanks again.. --- Alan DeKok <[EMAIL PROTE

Re[2]: MS-CHAP

Dear Josh Howlett, No. rlm_smb is authentication module, not authorization one. You can use either rlm_mschap or rlm_smb. --Wednesday, November 27, 2002, 6:46:43 PM, you wrote to [EMAIL PROTECTED]: JH> Does that include rlm_smb? JH> thanks, josh. JH> On Wed, 2002-11-27 at 15:34, 3APA3A wrote:

Re: MS-CHAP

Does that include rlm_smb? thanks, josh. On Wed, 2002-11-27 at 15:34, 3APA3A wrote: > Dear Josh Howlett, > > You can use mschap authentication module in conjunction with any > authorization module (for example sql or dbm). All you need is cleartext > or NT-crypted password to be accessa

Re: Does mod_auth_radius can talk with a shiva radius?

aviel levy <[EMAIL PROTECTED]> wrote: > We compiled mod_auth_radius-1.5.4 with apache_1.3.27 > on RedHat 8. > > Can it work with a shiva radius server (access manager > 5.7)? I don't see why not. > The client gets an positive reply from the server but > sends another request and then is denied

Re: MS-CHAP

Dear Josh Howlett, You can use mschap authentication module in conjunction with any authorization module (for example sql or dbm). All you need is cleartext or NT-crypted password to be accessable. So you can use almost any DBMS (Oracle, MySQL, PostgreSQL, MS SQL, DB2, Sybase, etc)

Re: Allocating dynamic IP addresses from FreeRadius

On Wed, 2002-11-27 at 09:26, Vitaliy Karlov wrote: > On Wed, Nov 27, 2002 at 04:12:12PM +0200, Kostas Kalevras wrote: > > > Hi All! > > > In radiusd.conf I put this: > > > > > > === radiusd.conf = > > > ippool main_pool { > > > range-start = 10.1.1.1 > > > range-stop = 10.1.1.255 > > >

Re: LDAP bind problem

Samuel T Patterson <[EMAIL PROTECTED]> wrote: > Here is some more information about the problem I am seeing. Running > with debug flags shows a "Can't contact LDAP server" message. The bind > is successful if the "-s" argument is used. I would prefer to run > FreeRADIUS in multi-threaded mode, but

Re: MS-CHAP

Josh Howlett <[EMAIL PROTECTED]> wrote: > What can Freeradius use to authenticate MS-CHAP against? I know of the > following methods: ... Right now, the mschap module can only use clear-text passwords (or /etc/smbpasswd) for authentication. So any module which supplies a clear-text password fo

Re: User Configuartion Help and Interesting Scenario

At 09:14 AM 11/27/2002 -0600, you wrote: I'm not disputing anything; I'm trying to provide information. I have freeradius set up to _always_ send reply messages, and I have NASes that show the string to the user on login, and NASes that completely ignore it. Nothing more, nothing less. I thoug

Re: use freeradius to clear line

On Wed, Nov 27, 2002 at 10:10:33AM -0500, Alan DeKok wrote: > "Chhai Thach" <[EMAIL PROTECTED]> wrote: > > Is there a way to manually disconnect the user using freeradius instead > > of NAS? > > Did you bother reading the FAQ? May be I wrong, but in FR-0.8 radzap is broken! I yourself want de

Re: Authentication vs. Authorization question

Artur Hecker <[EMAIL PROTECTED]> wrote: > his question is how to mangle the response adding authorization data... > Jukka, i think you should take a loot at postproxying available in > freeradius 0.8 or in the snapshots (not sure about that). No. Once the reply is received from the home serve

Re: User Configuartion Help and Interesting Scenario

I'm not disputing anything; I'm trying to provide information. I have freeradius set up to _always_ send reply messages, and I have NASes that show the string to the user on login, and NASes that completely ignore it. Nothing more, nothing less. Vincent Giovannone Network Infrastructure Group

Re: Allocating dynamic IP addresses from FreeRadius

On Wed, Nov 27, 2002 at 04:50:50PM +0200, Kostas Kalevras wrote: > > > You should put a netmask of 255.255.255.0 > > > Delete the db* files and run the server in debug mode (radiusd -X) > > > > I delete all entries with db* and get this (I does not run radiusd in debug mode) > > == radius.log == >

Re: Is freeradius support mips platform?

Jeffery Huang <[EMAIL PROTECTED]> wrote: > Here is my error message! > > gmake[4]: Entering directory `/home/jeffery/Project/radiusd/src/lib' > mipsel-linux-gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall > -D_GNU_SOURCE -g -Wshadow -Wpointer-arith -Wcast-qual -Wcast-align > -Wwrite-st

Re: use freeradius to clear line

"Chhai Thach" <[EMAIL PROTECTED]> wrote: > Is there a way to manually disconnect the user using freeradius instead > of NAS? Did you bother reading the FAQ? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: User Configuartion Help and Interesting Scenario

At 07:50 AM 11/27/2002 -0600, you wrote: You do NOT need to use a database to cause freeradius to re-read its users file. You simply have to sigHUP it. Fair enough, I was considering a SIGHUP to be a restart of the process...my apologies for any confusion. I can say though, Alan, if you are w

Re: Allocating dynamic IP addresses from FreeRadius

On Wed, 27 Nov 2002, Vitaliy Karlov wrote: > On Wed, Nov 27, 2002 at 04:12:12PM +0200, Kostas Kalevras wrote: > > > Hi All! > > > In radiusd.conf I put this: > > > > > > === radiusd.conf = > > > ippool main_pool { > > > range-start = 10.1.1.1 > > > range-stop = 10.1.1.255 > > > net

Re: Allocating dynamic IP addresses from FreeRadius

On Wed, Nov 27, 2002 at 04:12:12PM +0200, Kostas Kalevras wrote: > > Hi All! > > In radiusd.conf I put this: > > > > === radiusd.conf = > > ippool main_pool { > > range-start = 10.1.1.1 > > range-stop = 10.1.1.255 > > netmask = 255.255.255.255 > > You should put a netmask of 255.25

MS-CHAP

Hi, What can Freeradius use to authenticate MS-CHAP against? I know of the following methods: - the 'users' file - /etc/smbpasswd - LDAP directory - proxy to another RADIUS server Are there any others? thanks, josh. -- --- Josh Howle

Re: Allocating dynamic IP addresses from FreeRadius

On Wed, 27 Nov 2002, Vitaliy Karlov wrote: > On Tue, Nov 26, 2002 at 11:54:59AM -0500, Mike Varley wrote: > > There is a module that does dynamic IP assignment: look in > > ${freeradius_source_dir}/src/modules/rlm_ippool > > > > It is not built by default, so you need to add it to the top level >

Re: Allocating dynamic IP addresses from FreeRadius

On Tue, Nov 26, 2002 at 11:54:59AM -0500, Mike Varley wrote: > There is a module that does dynamic IP assignment: look in > ${freeradius_source_dir}/src/modules/rlm_ippool > > It is not built by default, so you need to add it to the top level > Makefile. There is a description on how to configure

Re: ERROR 2002: Can't connect to local MySQL server through socket '/ var/lib/mysql/mysql.sock' (111)

27-Nov-02 at 19:28, Vijay Reddy ([EMAIL PROTECTED]) wrote : > Hi, > I have just installed freeradius 0.8 on Linux. How can we connect the mysql > server running on different machine,what changes are required to make mysql > client contact the server running on different machine,always i am getting

Re: ERROR 2002: Can't connect to local MySQL server through socket'/ var/lib/mysql/mysql.sock' (111)

You should check out the mysql documentation on mysql.com. This is a freeradius list and I doubt you will get much mysql support here. On Wed, 2002-11-27 at 08:58, Vijay Reddy wrote: > Hi, > I have just installed freeradius 0.8 on Linux. How can we connect the mysql > server running on different

ERROR 2002: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111)

Hi, I have just installed freeradius 0.8 on Linux. How can we connect the mysql server running on different machine,what changes are required to make mysql client contact the server running on different machine,always i am getting ERROR 2002: Can't connect to local MySQL server through so

Re: User Configuartion Help and Interesting Scenario

You do NOT need to use a database to cause freeradius to re-read its users file. You simply have to sigHUP it. Also, the "reply-message" packet is not guaranteed. Well, let me say that better. It's guaranteed that Freeradius will send it if you specify it. It is NOT guaranteed what the NAS w

Re: User Configuartion Help and Interesting Scenario

Alan, At 11:38 PM 11/27/2002 +1100, you wrote: Dear all, I have just installed radius 0.8 on my redhat 7.2 box. Being a total newbie I just wanted to know two things... 1) Firstly how do I add new users and then without restarting make radius reread the users file? Is there a configuration sw

Re: Max-Daily-Session token usage, can anyone help?

> > I have downloaded version 0.8, and I've been lookoing at the sql (mysql) > table... It seems that there is no entry for Max-Session-Time (or is it > Max-Daily Session?) or either the Daily-Session-Time... > > Can anyone guide me on how to use these tokens properly... TIA > > Peter I used

User Configuartion Help and Interesting Scenario

Dear all, I have just installed radius 0.8 on my redhat 7.2 box. Being a total newbie I just wanted to know two things... 1) Firstly how do I add new users and then without restarting make radius reread the users file? Is there a configuration switch to allow me to do that? If it isnt possible

Re: EAP/TLS testing: SSL_set_my_callback

Hi Artur: Thanks for your suggestions. I heartly appreciate them. The problem with SSL_set_msg_callback seems to be fixed now. I installed the latest Beta version of the openssl and /usr/local/lib/ldd rlm_eap_tls-0.7-pre.so seems to give me libraries from this version of openssl. I tried again w

Re: Authentication vs. Authorization question

> Jukka wanted to know how to ADD authorization data > to the response sent by the remote server. The > remote server _doesn't_ send any authorization data, > it's not supposed to and there is nothing to be done > about it, at least not by Jukka. > > his question is how to mangle the response add

Re: Authentication vs. Authorization question

The data should be in radreply table or radgroupreply (if your user is in a group in usergroup table) I am not a proxying expert but I think it would be nice to check the remote server if its even able to send these data. I might be off the track also! You can perhaps use the radclient program to

Re: Authentication vs. Authorization question

Well I suspected if the remote server maybe dont even have this data inside or somehow it doesnt send back. I thought the first thing is to check if the remote server is working good, without any problems. But definetely I am not an expert at proxying but I thought the proxy should automaticly for

Re: Authentication vs. Authorization question

Evren, i think you misunderstand the question: Jukka wanted to know how to ADD authorization data to the response sent by the remote server. The remote server _doesn't_ send any authorization data, it's not supposed to and there is nothing to be done about it, at least not by Jukka. his questi

Re: Authentication vs. Authorization question

--- Evren Yurtesen <[EMAIL PROTECTED]> wrote: > What kind of db are you using? can you send > radiusd -xx > output of authentication session? I'm using MySQL at the moment and it's working ok. Output attached. > do you mean that the remote server is working good > when you connect it > directly?

Does mod_auth_radius can talk with a shiva radius?

Hi, We compiled mod_auth_radius-1.5.4 with apache_1.3.27 on RedHat 8. Can it work with a shiva radius server (access manager 5.7)? It seems like those folks don't understand each other.. or the client doesn't get well the server's response. The client gets an positive reply from the server but

Re: Authentication vs. Authorization question

What kind of db are you using? can you send radiusd -xx output of authentication session? do you mean that the remote server is working good when you connect it directly? for example with radclient ? Evren On Wed, 27 Nov 2002, Jukka Lehti wrote: > Hi, > > I've set up freeradius 0.8 so that use

Authentication vs. Authorization question

Hi, I've set up freeradius 0.8 so that users like john@test get authenticated from a remote RADIUS server, i.e., freeradius works as a proxy. This is working well, so no problem here. But: the remote server only returns authentication data (un/pw ok/bad), I have authorization data in my local DB (

Re: FreeRadius 0.8, Oracle 8.1.7. Problem with CPU load

Novoselsky Alexander wrote: > May be. But OpenRADIUS and Navis Radius use simple SQL queries: "SELECT password >FROM users > WHERE username = ?". IMNAODBA (= I am not an Oracle DBA), but I have it on reasonable authority that queries of the above form (bindable?) are cacheable by Oracle. > It s