Have you tried running the radius server in
debugging mode?
Try radiusd -X -A and please send the
output. And give the details of the radiusd.conf and users
file.
Atanu DasSystem DevelopmentSS NetCom Pvt
Ltd.DhankhetiShillong-793003Ph: 91+361+2502355/2223741Visit us
at: http://www.ssnetco
Hi,
Attaching the two files, one with a authentication from the local users
file, the other from the LDAP. The reply packet (Access-accept) seems to be
the differentiation, though I am not a RADIUS expert.
Anindya
- Original Message -
From: "freeradius mailing list" <[EMAIL PROTECTED]>
To
Hi,
Attaching the two files, one with a authentication from the local users
file, the other from the LDAP. The reply packet (Access-accept) seems to be
the differentiation, though I am not a RADIUS expert.
Anindya
- Original Message -
From: "freeradius mailing list" <[EMAIL PROTECTED]>
To
> Yes, I did add radiusPortLimit as a replyitem in the ldap.attrmap file. The
> entry looks like this:
>
> replyItemPort-LimitradiusPortLimit
>
> No luck still :-(,
>
> Anindya
I had a problem similar to that a few days ago, so I may be able to help.
Can you send a copy of
Hi,
Yes, I did add radiusPortLimit as a replyitem in the ldap.attrmap file. The
entry looks like this:
replyItemPort-LimitradiusPortLimit
No luck still :-(,
Anindya
- Original Message -
From: "freeradius mailing list" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
S
Hello Sir,
we do have freeradius server in Redhat 6.1 , in
radacct our radius server sending
the multiple user entry because of that we the
billing not works properly and
our log file size increased continuosly... and user
billing going wrong ..so can
u guide us what is the problem , how
Hello Sir,
we do have freeradius server in Redhat 6.1 , in
radacct our radius server sending
the multiple user entry because of that we the
billing not works properly and
our log file size increased continuosly... and user
billing going wrong ..so can
u guide us what is the problem , how i
In radacct our radius server is sending multiple
entry of the users per minute
so we can't do billing properly , on which way the
problem occurs.
thanking you ...
raaj
Title: HOT GRIZZLE WITH CLAM SAUCE!
I've never seen so many of my girl friends getting so sloppy and sticky!
I love my sorority!
I think I'll go back for seconds!
wanna join?
-'Becca
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I think it's possible by cheating... although I have not tested it.
Inside the exe-program-wait sh script, call your php file and pass the
variables to it
Chhai
-Original Message-
From: Eric [mailto:[EMAIL PROTECTED]
Sent: Thursday, 13 March 2003 8:05 PM
To: [EMAIL PROTECTED]
Subject:
Excellent! This is working now mostly.
The Firebox successfully authenticates via MS-CHAP with data stored in LDAP.
One last problem.
The Firebox requires the users to be members of a group called
pptp_users. I've added an LDAP attribute of radiusGroupName with a
value of pptp_users to m
Check Out The Pictures Of My X - Wife. That Biatch Thought She Got The Last Laugh! Ha Ha Ha!!!
She Didn't Realize I Still Had All The Photos From The HoneyMoon. Check Them out for Free.
Forward This To Everyone You Know! Ha Ha Ha
-
List info/subscribe/unsubscribe? S
hi
> When using the EAP attributes ( Radius has the "EAP Start" packet for the client to indicate to the radius
> server about the start of an authentication handshake. Now, the server can
> send a response packet with the "Session-Timeout" attribute optionally
> included in its response, indicat
Simon,
Just wanted to say thanks a ton for helping me, it works like a charm now.
Beat my head against it for weeks and searched dilligently on Google to no avail.
Also, FreeRADIUS is a great project, keep up the good work.
Thanks,
Jeremy
-
List info/subscribe/unsubscribe? See http://www.fre
Hi
I had a general question regarding the behavior of an RADIUS server in the
following scenario:
When using the EAP attributes (http://www.geocities.com/prashthy
==
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Does anyone know why if the user does not authenticate
in LDAP the group overrides it and lets it though.
How can I turn off the group authenticate?
I took out the group check….
# groupname_attribute = cn
# groupmembership_filter = "(|(&(objectClas
Title: Untitled Document
Now Even I Have Videos...
Remember, You Have 30 Minutes For Free
Btw, My Sister Is The One With The Blonde Landing Strip
Carla
This Email Brought To You By Carla's
Corner and AFS
-
List info/subscribe/unsubscribe? See http://ww
-"Davide Beligni" <[EMAIL PROTECTED]> wrote:
> like Francois Atalla, I'm interested in developing a module for EAP-SIM
> support...
> Is there any known implementation of such a module?
I doubt it. The protocol is under active development.
> I'm a newbe as freeRADIUS developer and building rl
Artur Hecker <[EMAIL PROTECTED]> wrote:
> but there is a practical issue. i think that freeradius proxying is
> currently largely based on the User-Name (all the configuration for
> proxying and next server is based on realms which are suffixes or
> prefixes of the User-Name). so, it is very logica
Andrey Lakhno <[EMAIL PROTECTED]> wrote:
> How can I distinguish calling context (acct, auth or post-auth) in
> 'detail_print' function ?
You pass them as parameters.
detail_print(filename, VALUE_PAIR *pairs_to_print)
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freerad
I would like to use attr_rewrite with a conditional associated with it. I
was hoping maybe someone has done this before or may have an idea on an
alternate solution.
For example, say I now have the following:
attr_rewrite nodomain {
attribute = Realm
search
Did you add radiusportlimit to the ldap.attrmap file as a reply item?
On Thu, 13 Mar 2003, Das, Anindya Kishore wrote:
> Hi All,
>
> I have been trying to get Freeradius to authenticate users against the
> entries in my OpenLDAP directory with individual user rights. My setup
> requires that I h
Hi All,
I have been trying to get Freeradius to authenticate users against the
entries in my OpenLDAP directory with individual user rights. My setup
requires that I have a port-limit set up on each user when they register and
I am trying to get this information passed from the LDAP directory to t
At 01:20 PM 3/13/2003 +0100, [EMAIL PROTECTED] wrote:
Hi again,
I don't want to add another proxying principle as the current one fullfill
my requirement, but I don't see why you should drop packet not
containing a User-Name field. From my point of view it should fall in the
NULL , or the DEF
Hi list,
i'm trying to figure out how to access the authentication variables, i.e.
the Called-Station-id, the idea is to check the destination number in a
cisco h323 voip prepaid solution, a script will look into a mysql table for
the prefix of the Called-Station-id and calculate the h323-credit-ti
I am tring to get radius to authenticate to sql and i ma having trouble.
I have include a copy of my radiusd.conf starting at the authorize
section. If anyone could give me some ideas on what i might be doing
wrong and help would greatly be apreacited
Thanks,
Travis Best
authorize {
pr
At 10:39 AM 3/13/2003 -0500, Patrick McShane wrote:
Hello,
I was wondering if anyone had a specific recipe for creating a solid
FreeRadius build on Solaris 7, 8, and 9. We have some big iron 64bit
multi-CPU UltraSparc systems that we would like to try FreeRadius on.
Here's the question:
Given th
Hello,
I was wondering if anyone had a specific recipe for creating a solid
FreeRadius build on Solaris 7, 8, and 9. We have some big iron 64bit
multi-CPU UltraSparc systems that we would like to try FreeRadius on.
Here's the question:
Given that we would be starting with FreeRadius v0.81, Sola
>> id user-name attribute op password
>> radcheck VALUES("1","vasili","Password","==","c940ff4dbb2a408e82895b3a70b1a5ba");
S> The op field for Password should be :=
>> id groupattribute op value
>> radgroupcheck VALUES("1","users","Auth-Type",":=",
On Thu, Mar 13, 2003 at 04:59:19PM +0200, Vasili G. Yanov wrote:
> S> Like the server says, the pairs sent to server don't match what's in
> S> your sql tables. Do you have anything in radcheck/radgroupcheck
> S> associated with the user vasili that isn't included in the request?
>
>
S> Like the server says, the pairs sent to server don't match what's in
S> your sql tables. Do you have anything in radcheck/radgroupcheck
S> associated with the user vasili that isn't included in the request?
id user-name attribute op password
radcheck VALUES("1","vasili","Pas
On Thu, Mar 13, 2003 at 04:21:26PM +0200, Vasili G. Yanov wrote:
> Nothing to do. Sleeping until we see a request.
> rad_recv: Access-Request packet from host 127.0.0.1:1048, id=219, length=64
> User-Name = "vasili"
> User-Password = "xxx"
> Service-Type = Framed-User
>
hi
> challenge. EAP-MD5 specifies that supplicant, replying to the server
> at the challenge, carries out a hash on the password and sends it to
> the server. The server performs a hash on the password for that
> supplicant in its database and compares the two hashed values. If
> there's a matchin
I can now connect and query an Active
Directory, but I’m not sure what
Results I am getting back from the LDAP
query to Active Directory. The
Authentication fails.
Is there a way to get the results of the
query to print out ? also the passwords
And what was different ?
Thanks,
Hi,
thanks your help I think I'm on the right way to get my system run. Now the algorithm
seems start but there are problem on the challenge. EAP-MD5 specifies that supplicant,
replying to the server at the challenge, carries out a hash on the password and sends
it to the server. The server perf
S> Try changing Authtype to Auth-Type .
S> If that doesn't help send the output of radiusd -X when you try logging
S> in.
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 127.0.0.1:1048, id=219, length=64
User-Name = "vasili"
User-Password
On Thu, Mar 13, 2003 at 03:43:53PM +0200, Vasili G. Yanov wrote:
> Table radgroupcheck:
> id - 1, GroupName - users, Attribute - Authtype, op - :=, Value = MD5
Try changing Authtype to Auth-Type .
If that doesn't help send the output of radiusd -X when you try logging
in.
--
Simon
-
List inf
help
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>> S> authenticate {
>> S> authtype MD5 {
>> S> md5
>> S> }
>> S> }
>>
>> S> And set auth-type := MD5 in your sql tables.
>> S> That should work.
S> Why? I just tested it locally and it worked fine.
Table radgroupcheck:
id - 1, GroupName - users, Attribute - Aut
On Thu, Mar 13, 2003 at 02:59:54PM +0200, Vasili G. Yanov wrote:
> This doesn't work.
>
> S> authenticate {
> S> authtype MD5 {
> S> md5
> S> }
> S> }
>
> S> And set auth-type := MD5 in your sql tables.
> S> That should work.
Why? I just tested it locally and it w
Dear Jay Lyerly,
You better add radiusAuthType attribute in your LDAP schema with value
of MSCHAP for MS-CHAP users.
--Thursday, March 13, 2003, 3:53:34 PM, you wrote to [EMAIL PROTECTED]:
JL> Okay. That sounds like it should work. In fact, I tried that, but I
JL> don't quite understand the
Hello,
How would I go about it?, I have people interested in calling Jarkata and
indonesia in general, let me know you requirement.
Omollo
- Original Message -
From: "Novel-Dahsyat" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 18, 2002 11:18 AM
Subject: Trafict
This doesn't work.
S> authenticate {
S> authtype MD5 {
S> md5
S> }
S> }
S> And set auth-type := MD5 in your sql tables.
S> That should work.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hi
I don't want to add another proxying principle as the current one
fullfill my requirement, but I don't see why you should drop packet
not containing a User-Name field. From my point of view it should fall
in the NULL , or the DEFAULT case (same way as packet not containing a
realm) can y
Okay. That sounds like it should work. In fact, I tried that, but I
don't quite understand the file format of radiusd.conf yet. Do I put in
the line
authtype= MS-CHAP
in the config file? If that's right, where does it go?
thanks,
jay
> Dear Jay Lyerly,
>
> Remove mschap from authorize
Hi again,
I don't want to add another proxying principle as the current one
fullfill my requirement, but I don't see why you should drop packet
not containing a User-Name field. From my point of view it should fall
in the NULL , or the DEFAULT case (same way as packet not containing a
realm
Hi,
like Francois Atalla, I'm interested in developing a module for EAP-SIM
support...
Is there any known implementation of such a module? I'm a newbe as
freeRADIUS developer and building rlm_eap_sim from the scratch is a hard job
;-)...
It seems EAP-SIM will be RFC'zed this June and there is an i
hi
> hi
>
>
> > I'm using FreeRADIUS and OpenSSL for EAP-TLS authentication. It's
working
> > correctly, but I don't know how to configure FreeRADIUS to enable CRL
> > (Certificate Revocation List).
>
> i think it's not possible for the moment.
>
>
> > I make a client's certificate signed by CA an
On Thu, 13 Mar 2003 11:32:52 +0100
Simon <[EMAIL PROTECTED]> wrote:
>
> Hmm, the mysql module seems to ignore the port that's passed to it via
> the configuration files.
>
> I've included an (untested) one line fix against current cvs that
> should help. It applies to 0.8.1 also.
>
> Does this
hi!
you are right that the RFC permits 0-1 occurencies of the User-Name
attribute.
I'm not sure about this but the RFC 2866 also explicitly states that the
proxying should be done in the same manner as with usual RADIUS packets:
RFC2866:
2.1. Proxy
See the "RADIUS" RFC [2] for information
On Thu, Mar 13, 2003 at 05:21:24AM -, Jeremy Brown wrote:
> So, after all this rambling, I guess my question is: Is there anyway to get
> the server to md5 hash the password before doing the MySQL query? I believe
> this would solve all my problems.
Try:
modules {
[stuff]
pap
On Thu, Mar 13, 2003 at 10:08:46AM +0100, Nils Rønhovde wrote:
> Regrettably a snoop on my MySQL-server reveals that the mysql module uses the
> default mysql port:
>
> radius-server -> mysql-server TCP D=3306 S=52117 Rst Seq=4288337583 Len=0 Win=24820
>
> Has anyone tried using a non-standard p
Hello,
We are trying to use the freeradius as a proxy server for another
network element but we have the followin issue:
The realm code is the following:
if ((request->proxy != NULL) ||
(request->username == NULL)) {
DEBUG2("rlm_realm: Proxy reply, or no user nam
It is possible on not?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Thu, 13 Mar 2003 09:09:32 +0100
Nils Rønhovde <[EMAIL PROTECTED]> wrote:
>
> radius-server> /local/db/mysql/3.23.43/bin/mysql -P15022
> -h10.122.95.163 -uradius -pradius radius Reading table information for
> completion of table and column names You can turn off this feature to
> get a quicker
Dear Lucian D Hule,
read doc/rlm_mschap and doc/rlm_sql
--Thursday, March 13, 2003, 3:21:23 AM, you wrote to [EMAIL PROTECTED]:
LDH> Knows anyone, hot to use freeradius with MSCHAPv2 scheme and mssql (wich is on
Windows - MS SQL server, differet machine on lan network)
LDH> or does anyone has a
Dear Jay Lyerly,
Remove mschap from authorize section (you don't need it to be in
authorize) and set Auth-Type for user to MSCHAP (you have Auth-Type LDAP
instead of MSCHAP).
--Thursday, March 13, 2003, 1:21:02 AM, you wrote to [EMAIL PROTECTED]:
JL> Hi,
JL> I'm trying to set up a radiu
On Wed, 12 Mar 2003 15:02:38 -0500
"Matt Simpson" <[EMAIL PROTECTED]> wrote:
> What operating system and what version are you using. I ran into a
> similar problem with a fresh install of RedHat 8.0 and MySQL with
> glibc. Aparently when you connect to MySQL via anything but localhost
> it crashes
59 matches
Mail list logo