[EMAIL PROTECTED]
thanks
in aaa.txt state :
"It retrieves 3 types of attributes: check
attributes, configure attributes and reply attributes. It compares the
check attributes with attributes from request items. If none of
database record for this User-Name matches in check attributes with
request items authorization will f
On Tue, 2002-12-10 at 21:46, Martin Gadbois wrote:
> I found that freeradius-0.8 does not encrypt the MS-CHAPv1 MPPE keys as specified by
>RFC 2548 sec.
> 2.4.1.
> In fact, that code was commented out.
If you read the CVS log you will notice that this is becuase the
encryption now is handled in r
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello all,
I found that freeradius-0.8 does not encrypt the MS-CHAPv1 MPPE keys as specified by RFC 2548 sec.
2.4.1.
In fact, that code was commented out.
Here is the patch:
- --- freeradius-0.8/src/modules/rlm_mschap/rlm_mschap.c Wed Oct 2 10:37:0
dear all,
can i using sql module for authentication?
Thanks.
Regards,
Tjenen
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi guys. Hope everyone is ok. I am using Cistron FreeRadius Software and
I am having some problems here.
It seems like some access servers are not sending an END signal to the
radius after an abrupt (forced) disconnection by the other end (end
user).
When the user reconnects, the radius gives an
JP Hindin <[EMAIL PROTECTED]> wrote:
> > FreeRADIUS doesn't authenticate through SQL.
> Alrighty.
>
> Considering this would go against the grain of even bothering to have an
> SQL module in my opinion, let me get this clarified:
> FreeRADIUS is unable to store an equivalent of the raddb/users f
On Tue, 10 Dec 2002, Alan DeKok wrote:
> JP Hindin <[EMAIL PROTECTED]> wrote:
> > I've been trying to make FR auth using its SQL module (through MySQL to be
> > specific) and am having no luck whatsoever.
> FreeRADIUS doesn't authenticate through SQL.
Alrighty.
Considering this would go agains
10-Dec-02 at 11:29, JP Hindin ([EMAIL PROTECTED]) wrote :
> On Tue, 10 Dec 2002, Simon White wrote:
> > 09-Dec-02 at 17:03, JP Hindin ([EMAIL PROTECTED]) wrote :
>
> > > The command I'm using to test:
> > > [jphindin@server bin]$ ./radtest testuser testpass localhost 66 *password*
> > The syntax i
10-Dec-02 at 11:29, JP Hindin ([EMAIL PROTECTED]) wrote :
> On Tue, 10 Dec 2002, Simon White wrote:
> > 09-Dec-02 at 17:03, JP Hindin ([EMAIL PROTECTED]) wrote :
>
> > > The command I'm using to test:
> > > [jphindin@server bin]$ ./radtest testuser testpass localhost 66 *password*
> > The syntax i
On Tue, 10 Dec 2002, Simon White wrote:
> 09-Dec-02 at 17:03, JP Hindin ([EMAIL PROTECTED]) wrote :
> > The command I'm using to test:
> > [jphindin@server bin]$ ./radtest testuser testpass localhost 66 *password*
> The syntax is:
> radtest user passwd radius-server[:port] nas-port-id secret
>
Thomas Krantz <[EMAIL PROTECTED]> wrote:
> My problem may already be fixed, I just pulled the latest CVS version (and
> fixed some minor typo in a checked-in sql_postgresql..., and another
> typo(?) in rlm_unix)
Do you have patches?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://
Perhaps try specifying the explicit behavior of the group rather than
using redudant { } ?
>From doc/configurable_failover:
accounting {
group {
sql1 {
fail = 1
notfound = 2
noop = return
ok = return
updated = return
reject
On Tue, 10 Dec 2002, Alan DeKok wrote:
> Check that the modules don't take forever to return.
The only custom built module I tested with live traffic is appending a
line to a file. I did a stresstest with radclient it easily ate about 2700
requests/sec.
> Again, fix your accounting module.
Hi,
I've have a completely mysterious problem here. Using
RH7.3+FreeRADIUS0.8, FreeRADIUS starts well when
booting the computer (FreeRADIUS is installed from the
RPM which includes init scripts). But if I stop and
start FreeRADIUS, it won't start. Nothing helps,
nothing. Only stopping snmpd and st
Thomas Krantz <[EMAIL PROTECTED]> wrote:
> We're running FreeRADIUS 0.8 on a Solaris 2.8 box, and we're planning to
> replace all our radius servers (old Livingston 1.16 and Lucent 2.1) with
> FreeRADIUS. Right now we've written some modules to replace the
> dedicated accounting servers, to start w
Christophe Boyanique <[EMAIL PROTECTED]> wrote:
> I want to log to *one* SQL database and to have a backup database if the
> first one doesn't work.
Ok...
> I did; so I made something like that:
>
> accounting {
> redundant {
> sql1
> sql2
> }
> }
>
> But then it logs
On Tue, 10 Dec 2002, Alan DeKok wrote:
> I'm a little confused by your description. If you want one server
> to log to *two* SQL databases, then you don't want redundancy.
I want to log to *one* SQL database and to have a backup database if the
first one doesn't work.
> See 'doc/configurabl
Hello folks,
We're running FreeRADIUS 0.8 on a Solaris 2.8 box, and we're planning to
replace all our radius servers (old Livingston 1.16 and Lucent 2.1) with
FreeRADIUS. Right now we've written some modules to replace the
dedicated accounting servers, to start with.
Anyway, our problem is that
Christophe Boyanique <[EMAIL PROTECTED]> wrote:
> After the test run, the number of accounting lines on radproxy is
> strictly equal to the sum of lines from radclient1 and radclient2. So
> there is no redundancy but duplicity.
I'm a little confused by your description. If you want one server
t
Rodolfo Siviero Stein <[EMAIL PROTECTED]> wrote:
> Anybody can send me a working radiusd PAM file (my files are above)?
>
> Is this way ( freradius -> PAM -> pam_smb -> NT Domain) the best way to
> authenticate these users ? I see in the experimental.conf about a SMB
> authication
Sergio de Almeida Lenzi <[EMAIL PROTECTED]> wrote:
> The system builds ok but I cannot find any information about how to load
> the dictionary into the sql table (dictionary).
That's because there is none.
Putting the dictionary into an SQL database won't help much, if at
all.
Alan DeKok.
Mike Paneth <[EMAIL PROTECTED]> wrote:
> I have got FR 0.8 & MySQL up and running on
> LINUX 8, but I cannot authenticate. Where am
> I going wrong?
You didn't read the output you posted to the list.
I would have thought that was obvious, but maybe it needs to be
added to the FAQ: "Run the
JP Hindin <[EMAIL PROTECTED]> wrote:
> I've been trying to make FR auth using its SQL module (through MySQL to be
> specific) and am having no luck whatsoever.
FreeRADIUS doesn't authenticate through SQL.
> modcall: group authorize returns ok
> rad_check_password: Found Auth-Type System
> au
[EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote:
> i simply cannot get this thing to work. i thought i could get this thing
> working with cisco-avpairs; but either it does not work with these tags or i
> did make several mistakes (which wouldn't make me wonder, really). when
> debugging radius in a
Ray <[EMAIL PROTECTED]> wrote:
> both are right, but they have there place (assuming i'm reading the docs
> right, and assuming my other assumtions about it are correct)
>
> := in the replies and == in the checks unless your doing something that the
> check needs to be something else.
>
> i agree
Ray <[EMAIL PROTECTED]> wrote:
> > modcall: entering group authenticate
> > modcall[authenticate]: module "unix"
> > returns notfound
>
> it says bob/bobbob is not a user on your machine, but since your trying to
> auth via MySQL you probably aren't looking to auth via real users.
> if so then
I would concur that using the NAS is the preferred solution.
Especially if you are considering using redundant radius servers.
Tim
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Simon White
> Sent: Tuesday, December 10, 2002 2:56 AM
> To: [EMAIL PR
radiusd: FreeRADIUS Version 0.9-pre, for host i686-pc-linux-gnu, built on Dec
10 2002 at 08:24:25
"sweet" Thankyou!
> <[EMAIL PROTECTED]> wrote:
>> When i start freeradius i get this message below.
>> I can authenticate through mysql using -X or -xx and can still
>> authenticate after calling r
At 05:42 PM 12/9/2002 -0500, you wrote:
Is is possible to setup proxy radius not based so much on realms but based
on Key/Value pairs in the authentication packets? For example, I have many
resellers and I need to be able to proxy requests based on DNIS
(CalledStationID) or even just the last 4 di
I may be wrong here, but I think you don´t need and you can´t load the
dictionary into an SQL table. Since I guess this kinda of info is
loaded into memory at start, keeping this on SQL doesn´t make much sense
to me. Static files do this fine, unless, of course, you really have a
need to keep all
Hello,
I have the same problem the one explained here:
http://lists.cistron.nl/pipermail/freeradius-users/2002-September/011562.html
Basically, I set up two redundant sql instances (sql1 and sql2) for
accounting:
accounting {
acct_unique
redundant {
sql1
I dont know about radius but its a lot easier configuration when the ip's
in the cisco =)
Evren
On Mon, 9 Dec 2002, Bill wrote:
> Hello!
>
> I have a question. I have a Cisco AS5200. It was suggested that I
> place the public IP's into the AS5200, however there are provisions in
> freer
Kostas Kalevras wrote:
The counter module should come *after* the files module so that
Max-Daily-Session has been set when it runs.
Also add the counter module in the instantiate section.
That's it! Thanks very much. This is a now working setup:
radiusd.conf
...
authorize {
prep
09-Dec-02 at 22:59, Bill ([EMAIL PROTECTED]) wrote :
> Hello!
>
> I have a question. I have a Cisco AS5200. It was suggested that I
> place the public IP's into the AS5200, however there are provisions in
> freeradius to do this also. Which is the correct way, put the Public IP's
> into
09-Dec-02 at 17:03, JP Hindin ([EMAIL PROTECTED]) wrote :
>
> Greetings;
> I've been trying to make FR auth using its SQL module (through MySQL to be
> specific) and am having no luck whatsoever.
> I've thoroughly consulted the frontios.com/freeradius.html
> documentation and just can't seem to ma
hello, everybody.
i'm currently trying to set up a cisco-config in which a user logs on,
executes a preconfigured command on the nas and then is being logged out
immediately afterwards (some sort of automated script execution on user
logon).
but don't think that i've got it so far.
i simply c
37 matches
Mail list logo