Re: freeradius not reading Auth-Type from MySQL

Where do have the Auth-Type := Local listed at; in the radgroupreply? It seems I can only make it work by designating it as local in the DEFUALT Auth-Type := Local. Michael Brininstool wrote: > > On Wed, Feb 05, 2003 at 12:38:56AM -0600, [EMAIL PROTECTED] wrote: > > > > I finally figured out wha

RE: Release: Perl script to parse Cisco H323 VoIP call records into a Postgres DB

godsend work , godsend I say , I have been looking exaclty for this peice of code ! Is anyone interested in some php scripts for daily and monthly stats of mysql databases ? -Original Message- From: Peter Nixon [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 04, 2003 8:45 PM To: freer

Re: freeradius not reading Auth-Type from MySQL

On Wed, Feb 05, 2003 at 12:38:56AM -0600, [EMAIL PROTECTED] wrote: > > I finally figured out what was going on. > > Before I call this a bug, I'll racap and let the list hash it out. > > freeradius-2002-10-21 kept setting the Auth-Type to system causing the > radius to use the system authenticat

freeradius not reading Auth-Type from MySQL

I finally figured out what was going on. Before I call this a bug, I'll racap and let the list hash it out. freeradius-2002-10-21 kept setting the Auth-Type to system causing the radius to use the system authentication and not the password pair on the mysql db. I finally commented out every insi

Re: No Authentication (Fall Through)

If I list Auth-Type in the DB as Auth-Type := Local then why is it falling through to the default users file and using Auth-Type := System?? It already found a correct match up, should it not stop there?? Robert Canary wrote: > > Yes, I understand. Thank You. > > Alan DeKok wrote: > > > > Robe

RE: Subrealm Support

At 03:45 PM 2/4/2003, you wrote: Hmm...we already have the DEFAULT in use for other purposes. I suspected this to be the case. Thanks for your responsiveness. O/K. Well, what about using a DEFAULT profile in Users. Do a reg-ex match on the username/realm/whatever, and then set a proxy-to-rea

Re: rlm_perl

At 10:36 AM 2/4/2003, you wrote: Chris Brotsos <[EMAIL PROTECTED]> wrote: > I have recently tried implementing rlm_perl with FR 0.9-pre on Solaris2.8. > > After installing Perl5.6.1, I got the following errors when running 'make' > in the rlm_perl directory: Yeah, perl supplies some dynamic lib

RE: Subrealm Support

Hmm...we already have the DEFAULT in use for other purposes. I suspected this to be the case. Thanks for your responsiveness. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Chris > Brotsos > Sent: Tuesday, February 04, 2003 4:38 PM > To: [EMAIL PR

Re: Questions about proxying

Jacques Caruso <[EMAIL PROTECTED]> wrote: > Huh... a Unix group ? Since I'm working on a SQL backend, that isn't > possible, but all our local users are already in a group in the SQL DB. > I've thus added the Auth-Type attribute to the groups' attributes list > in the radgroupreply table. Here is t

FTP access to accounting logs by rodopi

OS: Solaris8/SPARC I need to ftp (read) the accounting log using a non-priveleged account from RODOPI. I created a non-priveleged user with the 'other' group. Rodopi can change the 'detail' file names but cannot read the files since the default persmision is owner:rw (only). RODOPI changes the

Re: rlm_perl

Chris Brotsos <[EMAIL PROTECTED]> wrote: > I have recently tried implementing rlm_perl with FR 0.9-pre on Solaris2.8. > > After installing Perl5.6.1, I got the following errors when running 'make' > in the rlm_perl directory: Yeah, perl supplies some dynamic libraries, and some static ones. >

RE: cisco command accounting

> > Ahem... in Morocco... Cisco reps... know less than I do about IOS > Regardless of the continent on which they reside, most Cisco Reps don't set the bar too high :) > I was wondering more along the lines of TACACS being reverse > engineered > in some obscure Sourceforge project or runn

Re: Subrealm Support

At 03:31 PM 2/4/2003, you wrote: Is there a way to proxy subrealms to downstream radius servers? We have [EMAIL PROTECTED], [EMAIL PROTECTED], subrealm3.foo.com and want to proxy all three subrealms to the same downstream radius server without having to specify each subrealm...just the *.foo.com

Re: Invalid reply digest error

John Horne <[EMAIL PROTECTED]> wrote: > By stopping radius on one server I can see (using radiusd -xx) that the > users are being authenticated on the other server and that a reply is > being sent back. However on the local server the log file is showing > > Feb 4 18:42:51 fred pppd[1784]: rc_s

RE: Monthly usage limits -slowly but surely

On Tue, 4 Feb 2003, Keith Ballard wrote: > I too am interested in this, as I have just set up my system (RH7.2, mySQL, > freeRaduis) to use counters and get: > > Error: radiusd.conf[1018] Failed to link to module 'rlm_counter': File not > found. ls /lib/rlm_counter* ldd /lib/rlm_counter.so Tha

Re: cisco command accounting

04-Feb-03 at 15:15, Mike Ockenga ([EMAIL PROTECTED]) wrote : > > I have been banging around with a Cisco 3640 with a PRI card on it, > > trying to work out why I don't get accounting data from it. Are there > > any workarounds? > > > > Not right now. That functionality isn't "broken" in IOS; I

Subrealm Support

Is there a way to proxy subrealms to downstream radius servers? We have [EMAIL PROTECTED], [EMAIL PROTECTED], subrealm3.foo.com and want to proxy all three subrealms to the same downstream radius server without having to specify each subrealm...just the *.foo.com realm portion. There were some ol

Re: cisco command accounting

At 09:17 PM 2/4/2003 +, Simon White wrote: 04-Feb-03 at 15:15, Mike Ockenga ([EMAIL PROTECTED]) wrote : I was wondering more along the lines of TACACS being reverse engineered in some obscure Sourceforge project or running a TACACS server, or something. If you want TACACS, you can get it fr

Re: cisco command accounting

Simon White <[EMAIL PROTECTED]> wrote: > Ahem... in Morocco... Cisco reps... know less than I do about IOS > I was wondering more along the lines of TACACS being reverse engineered > in some obscure Sourceforge project or running a TACACS server, or > something. Miquel wrote a tacacs+ to ra

rlm_perl

Hello All, I have recently tried implementing rlm_perl with FR 0.9-pre on Solaris2.8. After installing Perl5.6.1, I got the following errors when running 'make' in the rlm_perl directory: *** Warning: Linking the shared library rlm_perl.la against the *** static library /home/cbrotsos/lib/perl

Re: Questions about proxying

At 10:04 PM 2/4/2003 +0100, Jacques Caruso wrote: Le Lundi 3 Février 2003 14:22, Alan DeKok a écrit : > The solution would be to put all of *your* users into a Unix group. > You can then do: > > DEFAULT Group == "myusers", Auth-Type := System > # NO fall-through! > > DEFAULT Proxy-To

Re: cisco command accounting

04-Feb-03 at 15:15, Mike Ockenga ([EMAIL PROTECTED]) wrote : > > I have been banging around with a Cisco 3640 with a PRI card on it, > > trying to work out why I don't get accounting data from it. Are there > > any workarounds? > > > > Not right now. That functionality isn't "broken" in IOS; I

RE: cisco command accounting

> I have been banging around with a Cisco 3640 with a PRI card on it, > trying to work out why I don't get accounting data from it. Are there > any workarounds? > Not right now. That functionality isn't "broken" in IOS; I think it's "missing completely" at this point. As was suggested, bug yo

RE: Monthly usage limits -slowly but surely

I too am interested in this, as I have just set up my system (RH7.2, mySQL, freeRaduis) to use counters and get: Error: radiusd.conf[1018] Failed to link to module 'rlm_counter': File not found. I have definitely got counters called up in radiusd, and cannot see anything I did wrong. I have look

Re: cisco command accounting

04-Feb-03 at 11:37, Frank Cusack ([EMAIL PROTECTED]) wrote : > On Tue, Feb 04, 2003 at 05:31:37AM +0300, Peter V. Saveliev wrote: > > RT001-005 uses radius for all aaa: author., authent. and acc. > > No it doesn't. No version of IOS supports RADIUS accounting. Please > bring this up with your Ci

Invalid reply digest error

Hello, I have two redhat 8 linux servers running freeradius 0.8.1, with pppd (2.4.2b1) using the radius plugin. Each server is configured such that if the local radius server fails then the other one is used by the radius plugin. By stopping radius on one server I can see (using radiusd -xx) that

Re: Questions about proxying

Le Lundi 3 Février 2003 14:22, Alan DeKok a écrit : > The best thing to do would be to convince them that using a realm > for logins would be the best thing. That's how everybody else in the > world does it. Yes, I am well aware of that, but hey, I simply don't have the power to do that (*sigh*

Binary for debian

Hello, Does anyone happen to have a freeradius binary for Debian. I'm running debain 3.0 and am having trouble compiling the rlm_krb5 module. I get the :warning: silently not building rlm_krb5 warning: FAILURE rlm_krb5 requires: krb5 I installed the debian packages for krb5 and that seems t

Huntgroup by calledstationid?

Anyone on the list ever hacked something up to create hunt groups based on calledstationid? I have a situation where I have a NAS with a couple different DID's on it. I'd like an easy method to differentiate between users on these DID's. IE, user bob can dial the local XXX number, but not the 80

Re: No Authentication

Yes, I understand. Thank You. Alan DeKok wrote: > > Robert Canary <[EMAIL PROTECTED]> wrote: > > Yeah I see it. I know it is trying to use the Auth-type=System, but > > why? > > Because you told it to. The default 'users' file comes configured > to authenticate against the system /etc/passw

Re: Added trailing slash to password...plus 3 digits. ??

Ryan Beisner <[EMAIL PROTECTED]> wrote: > Something very odd is happening to my FreeRADIUS server. From a Win98 > PC (multiple different ones), dialing in with the SAME user name and > password (re-entering it each time), I get different results. > > It seems there's a "\003" added sometimes for

Re: Auth-type and sql

On Tuesday 04 February 2003 06:55, Alessandro Lazzini wrote: > I have a problem to set atrribute Auth-Type in the sql field. > > My table are: > > mysql> select * from radgroupreply; > | 5 | testgroup | Auth-Type| := | Reject |1 | > > mysql> select * from radreply; > | 5 | testuser |

Added trailing slash to password...plus 3 digits. ??

Something very odd is happening to my FreeRADIUS server. From a Win98 PC (multiple different ones), dialing in with the SAME user name and password (re-entering it each time), I get different results. It seems there's a "\003" added sometimes for an unknown reason. FYI: The real password should

Re: Problems with Ascend TNTs?

On Tue, 4 Feb 2003, Chris Parker wrote: > At 05:02 PM 2/3/2003 -0800, Jim wrote: > > > >Questions: > > > >1. Are there any known issues with Ascend MaxTNTs? If so, what would be > >the fix? > > First, I'd make sure you've read the 'doc/ascend' writeup. Basically, > you *really* want to run you

Re: cisco command accounting

On Tue, Feb 04, 2003 at 05:31:37AM +0300, Peter V. Saveliev wrote: > RT001-005 uses radius for all aaa: author., authent. and acc. No it doesn't. No version of IOS supports RADIUS accounting. Please bring this up with your Cisco sales rep. (It would be really easy for them to support this.) /f

RE: eap: Module instantiation failed

hi, thank to Raymond and Artur for answering my earlier questions. I'm following the "EAP/TLS +windXP howto " to setup freeradius. on a redhat 7.2 using freeradius 0.8.1 + openssl 0.9.7 stable. after I compiled and installed openssl and freeradius, got a "Module instantiation failed" when start

Re: no install to /usr/local ?

At 12:12 PM 2/4/2003 -0700, Brian Quinn wrote: I am getting ready to install Freeradius and will make the prefix /opt/freeradius. The main thing i want to know is that nothing can be written to "/usr/local" since it's a mount point. How do i make sure that nothing will try to be written to tha

no install to /usr/local ?

I am getting ready to install Freeradius and will make the prefix /opt/freeradius. The main thing i want to know is that nothing can be written to "/usr/local" since it's a mount point. How do i make sure that nothing will try to be written to that directory? Thanks Brian - List info/subs

cisco_vsa_hack (rlm_preprocess)

I offer to add functionality in the function "cisco_vsa_hack". Example value pair: Cisco-AVPair = "h323-incoming-conf-id=cc0576cf 379011d7 95c8ef6a 9f419c36" I can not will address to attribute h323-incoming-conf-id through macro %{h323-incoming-conf-id} Offer: if "h323-incoming-conf-id" exists i

Release: Perl script to parse Cisco H323 VoIP call records into a Postgres DB

Hi Guys Here is a release (version 1.0) of a program I wrote and have found very useful. Maybe someone else will too. http://www.peternixon.net/code/h323detail2db.pl.txt Its purpose is to parse h323 VoIP call records as emmitted by ciscos and insert them into a database if they dont already exis

Disconnecting a remote user

Hi, I'm new to freeradius and to this mailing list, and wanna known one thing, there's a way to disconnect a remote user within a FreeRadius command? Thanks -- = SCSA - Certificado Conectiva Security Officer - Net Site S/A. Michel Angelo da Silva Pereira [EMAIL P

Re: AP/NAS MAC string format list

Frank Keeney wrote: Also add that Cisco wants the MAC in all lower case (according to the Cisco documentation). Good point. Also, Cisco wants the MAC in the same format as the password. Please submit: Vendor Model [userid, password] Software/Firmware version only if relevant. I will compile

Re: AP/NAS MAC string format list

Also add that Cisco wants the MAC in all lower case (according to the Cisco documentation). Has anyone got Freeradius and MAC authentication working? Frank On Tue, 4 Feb 2003, Aron Silverton wrote: > Cisco 1100 (IOS) (Other models?) > "" - List info/subscribe/unsubscribe? See

AP/NAS MAC string format list

Hi all, Anybody out there have an interest in compiling a list of MAC address formats for the various APs out there? I've seen some stuff in the archive, but I don't know of a master list or even if there is much variance. I'll start: Cisco 1100 (IOS) (Other models?) "" Orinoco

Re: sql op field

Thanks! Skimmed through that section several times and never saw it. On Tue, Feb 04, 2003 at 11:38:24AM -0500, [EMAIL PROTECTED] wrote: > If you have the RADIUS book, it's on page 89 > > -Original Message- > From: Michael Brininstool [mailto:[EMAIL PROTECTED]] > Subject: sql op field >

Re: sql op field

On Tue, Feb 04, 2003 at 10:37:01AM -0600, [EMAIL PROTECTED] wrote: > > At 10:34 AM 2/4/2003 -0600, Michael Brininstool wrote: > >I do not understand the difference in Radius files or SQL of > >the following operands: > > > >'=' > >'==' > >':=' > > > >Is that documented? > > Yes. Try looking in t

Re: sql op field

At 10:34 AM 2/4/2003 -0600, Michael Brininstool wrote: I do not understand the difference in Radius files or SQL of the following operands: '=' '==' ':=' Is that documented? Yes. Try looking in the aptly named 'doc' directory of the server source. -Chris -- \\\|||/// \ StarNet I

RE: sql op field

If you have the RADIUS book, it's on page 89 -Original Message- From: Michael Brininstool [mailto:[EMAIL PROTECTED]] Subject: sql op field I do not understand the difference in Radius files or SQL of the following operands: '=' '==' ':=' Is that documented? - List info/subscribe/u

sql op field

I do not understand the difference in Radius files or SQL of the following operands: '=' '==' ':=' Is that documented? -- Michael P. Brininstool [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: cisco command accounting

At 05:31 AM 2/4/2003 +0300, Peter V. Saveliev wrote: ... Hello! I'm trying to set up logging of shell commands from cisco to freeradius. On cisco: You need TACACS for this. FreeRADIUS does not support TACACS. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~

Re: Problems with Ascend TNTs?

At 05:02 PM 2/3/2003 -0800, Jim wrote: Using 0.8.1 on FreeBSD 4.3 w/MySQL. We only proxy with this setup. radiusd.conf has all of the default settings for timeouts and retries, etc. We use several networks. All work fine except one that uses Ascend TNTs. We've had no problems with our other setu

First help

Hi all Any guy know how can i test a radius whith ldap auth ? i make a configure, make, make install and configure a radius.conf hes is started ok but i donk know how can i test the ldap authentication ... any can help-me thanks a lot Alexandre .+-Šwèþ˛±ÊâmïîžË›±Êâmäžzm§ÿðÃëyêÚv+

MS-CHAP and SMC Elite Connect?

I'm assisting a local school to add an SMC EliteConnect to an existing Freeradius system. This school has used Freeradius for uears but this seems to be the first time they've needed MS-CHAP. Before posting this we spent several hours going over the configuration, documentation and the archives o

Re: /usr/bin/ld: cannot find -lperl ...

On _ 2003-02-04 at 17:10, Do-Risika RAFIEFERANTSIARONJY wrote: > Though, libperl seems to be present : > > indri:/etc/raddb# locate libperl > /usr/doc/libperl5.6 > /usr/lib/libperl.so.5.6 > /usr/lib/libperl.so.5.6.1 > > Do you know what's wrong in my config ? Try adding a link with name libperl

Re: No Authentication

Robert Canary <[EMAIL PROTECTED]> wrote: > Yeah I see it. I know it is trying to use the Auth-type=System, but > why? Because you told it to. The default 'users' file comes configured to authenticate against the system /etc/passwd file. Reading the output of the debugging mode tells you thi

/usr/bin/ld: cannot find -lperl ...

Hi all, When compiling freeradius with rlm_perl, i have this error message "/usr/bin/ld: cannot find -lperl", Though, libperl seems to be present : indri:/etc/raddb# locate libperl /usr/doc/libperl5.6 /usr/lib/libperl.so.5.6 /usr/lib/libperl.so.5.6.1 Do you know what's wrong in my config ? .

Re: No Authentication

Yeah I see it. I know it is trying to use the Auth-type=System, but why? The password for the username is correct. I don't like asking to direct questions 'cuase it tends to lead a readers thoughts to my own view, however, I see now that in the usergroupreply it *is* missing the AUth-Type=local.

Re: Testing freeradius and EAP/TLS

well, you could use xsupplicant to do this... www.open1x.org Norbert Wegener wrote: > > Artur Hecker wrote: > > no, there is no such tool which i know about. what exactly do you want > > to test? > radtest in one window, radius in debugging mode in another one often > helped me finding configu

Re[2]: No Authentication

Hello Simon, Tuesday, February 4, 2003, 6:34:02 PM, you wrote: >> May be to faq this question? SW> It's in the SW> www.frontios.com/freeradius.html I'm not see direct solution here. I had this problem with db, i'm read www.frontios.com, www.google.com, etc, but does'nt solve problem. Alan help

Re: Testing freeradius and EAP/TLS

Artur Hecker wrote: no, there is no such tool which i know about. what exactly do you want to test? radtest in one window, radius in debugging mode in another one often helped me finding configuration problems. Until now I have no experience in using EAP/TLS, but in the future I probably have

Re: Failed attempts to install EAP/TLS (on FreeBSD and Debian, withOpenSSL0.9.7 and 0.9.8-dev, and FreeRadius 0.8.1 and FreeRadius Snapshot)

hi Paul > Well, I took the openssl-0.9.7 release initialy, it's no beta anymore > :-) I tried an OpenSSL-snapshot this time, ok, i don't follow it very exactly. so you say that 0.9.7 isn't enough right? you still need the newest snapshot, did i get it correctly? s. below. > TLS_accept: SSLv3 w

Re: Testing freeradius and EAP/TLS

no, there is no such tool which i know about. what exactly do you want to test? Norbert Wegener wrote: > > Is there a tool like radtest available, which helps in testing the > correct configuration of eap/tls in freeradius? > > Norbert Wegener > > -- > Norbert WegenerPhone:(49)2012661379

Re: No Authentication

04-Feb-03 at 18:32, Pavel S. Shirshov ([EMAIL PROTECTED]) wrote : > Tuesday, February 4, 2003, 1:44:21 PM, you wrote: > > SW> 04-Feb-03 at 01:19, Robert Canary ([EMAIL PROTECTED]) wrote : > >> modcall[authorize]: module "sql" returns ok > > SW> The SQL part is working > > >> users: Matched D

Re[2]: No Authentication

Hello Simon, Tuesday, February 4, 2003, 1:44:21 PM, you wrote: SW> 04-Feb-03 at 01:19, Robert Canary ([EMAIL PROTECTED]) wrote : >> modcall[authorize]: module "sql" returns ok SW> The SQL part is working >> users: Matched DEFAULT at 152 >> modcall[authorize]: module "files" returns ok >> mo

Testing freeradius and EAP/TLS

Is there a tool like radtest available, which helps in testing the correct configuration of eap/tls in freeradius? Norbert Wegener -- Norbert WegenerPhone:(49)2012661379 Fax:(49)2012661377 SBS Essen,Germany Mail: [EMAIL PROTECTED] Mailfax:(49)2018165521379 smime.p7s Description: S/MIME C

Re: Failed attempts to install EAP/TLS (on FreeBSD and Debian, with OpenSSL0.9.7 and 0.9.8-dev, and FreeRadius 0.8.1 and FreeRadius Snapshot)

Hi, Well, I took the openssl-0.9.7 release initialy, it's no beta anymore :-) I tried an OpenSSL-snapshot this time, and modified the FreeRadius 0.8.1 Makefile of rlm_eap_tls as you suggested. In fact the important difference between your solution and mine is that you included -lcrypto in the fi

Re[9]: sql and MSCHAP and disabling user.

Dear Roman Bessyadovskii, There are few solutions: you can use Expiration attribute with the date in the past or you can change username to some prefix (like disabled_username) and filter this prefix or you can rename User-Password attribute to something else. I can ch

RE: Re[7]: sql and MSCHAP and disabling user.

And once again... :-) Ok, that patch works good for pptp authorization, butm i need to use same users and passwords for squid authorization. And such method not work for disabling users. In other words. I whant to use one DB to keep passwords, but authorize users with different methods - by plain

RE: Re[7]: sql and MSCHAP and disabling user.

Ok, It's works and if SMB-Account-CTRL := 17 then return rad_recv: Access-Request packet from host 127.0.0.1:32772, id=89, length=132 Service-Type = Framed-User Framed-Protocol = PPP User-Name = "test" MS-CHAP-Challenge = 0x2e15b498ec23a1f12c56efee2681c534 M

Auth-type and sql

I have a problem to set atrribute Auth-Type in the sql field. My table are: mysql> select * from radcheck; ++--+---++---+ | id | UserName | Attribute | op | Value | ++--+---++---+ | 1 | testuser | User-Password | == | test |

Re: Failed attempts to install EAP/TLS (on FreeBSD and Debian, with OpenSSL0.9.7 and 0.9.8-dev, and FreeRadius 0.8.1 and FreeRadius Snapshot)

hi, you seem to use a version of openssl which is too old. you need openssl 0.9.7beta or newer. there seem to have some minor problem disturbing you since you seem to know what you are doing. i can only say that it definitely works with FR 0.8.1 and some newer openssl snapshot on debian. you were

Failed attempts to install EAP/TLS (on FreeBSD and Debian, with OpenSSL0.9.7 and 0.9.8-dev, and FreeRadius 0.8.1 and FreeRadius Snapshot)

quot;checking for SSL_new in -lssl" failed because -lcrypto was not included, just -lssl - so eap_tls wasn't built at all. As a final attempt I installed openssl-SNAP-20030203 (verified with strings /usr/lib/libcrypto.a en /usr/lib/libssl.a (symlinks I made to /usr/local/ssl/lib) that th

RE: does freeradius 0.8.1 support EAP/TLS and MPPE dynamic keying?

> From: Jason Jin [mailto:[EMAIL PROTECTED]] > Sent: den 3 februari 2003 18:26 > To: [EMAIL PROTECTED] > Subject: RE: does freeradius 0.8.1 support EAP/TLS and MPPE > dynamic keying? > > > hi,all > > I'm trying to setup freeradius EAP/TLS + MPPE for windows XP > wireless client. I'm followio

Re[7]: sql and MSCHAP and disabling user.

Dear Roman Bessyadovskii, RB> I think, that with User-Password I need use '==' operation, it's condition, RB> not defention... It's definition. In case of MS-CHAP request will never contain User-Password attribute and comparison should fail. But as far as I know there is a _special

RE: Radius rekeying

> From: Jianping Jiang [mailto:[EMAIL PROTECTED]] > Sent: den 31 januari 2003 20:49 > To: [EMAIL PROTECTED] > Subject: Radius rekeying > > > All, > > I just started using FreeRadius. > I am using the freeradius server (along with openssl) > on a linux PC, a cisco access point, and a wireless

RE: Counters

On Mon, 3 Feb 2003, Keith Ballard wrote: > Does it matter that I will have 10,000 counters running which choice I make? No it does not. GDBM can handle the load just fine, especially if you enable caching. One thing is that the sqlcounter module for all i know is not maintained right now. Also th

Re: cisco command accounting

On Tue February 4 2003 04:31, Peter V. Saveliev wrote: > ... > > Hello! > > I'm trying to set up logging of shell commands from cisco to freeradius. On > cisco: > > > RT001-005#show running-config > > aaa accounting commands 0 default stop-only group radius > aaa accounting commands 15 default sto

RE: Re[5]: sql and MSCHAP and disabling user.

Hello. Sorry for some pause in conversation. > >> Any of SMB-Account-CTRL, User-Password and Auth-Type > >> attributes should > >> present with :=, not == operation. I think, that with User-Password I need use '==' operation, it's condition, not defention... Here Logs without SMB-Account-CTRL

RE: Compiling Freeradius v0.8.1 on FreeBSD v3.4

Nope. I'm running 3.4 and aside from a ICMP overflow problem has been very stable for me. Actually 3.4 is not 10 years old. More like 3 or 4. I know its old but its been some time since I upgraded and I don't have the time right now to build a new box. Any suggestions on the quickest way to

Re: No Authentication

04-Feb-03 at 01:19, Robert Canary ([EMAIL PROTECTED]) wrote : > modcall[authorize]: module "sql" returns ok The SQL part is working > users: Matched DEFAULT at 152 > modcall[authorize]: module "files" returns ok > modcall: group authorize returns ok Files is also ready to authenticate after

FW: Load balancing over two freeRADIUS Server

Hi, regarding the loadbalancing ... it is quite easy ( in theory ) why you don't put that 2 servers together in a cluster If you configure that right also the problem of swapping the requests is solved Let me know if you want to discuss further. Paul - List info/subscribe/unsubscribe

Re: One more question..

Drew Weaver wrote: is there a howto, or specific instructions available on how to make FreeRadius authenticate from a Mysql Database, and furthermore, can accounting information also be stored in this database? -Drew Sorry if it sounds like a personal attack it is not meant to be. BUT D

Re: FW: Load balancing over two freeRADIUS Server

[EMAIL PROTECTED] wrote: Most load balancers (ex: foundry and extreme switches) have various methods of hashing whether a connection goes to machine A or B (or C or D or ...). I was originally going to suggest changing the default hashing algorithm to something other than the default. Many