Hi Artur
Iam sending the server debug output file.
Iam trying to authenticate wireless users with XP system. My userbase is in
LDAP.
Any suggestion will be great. Thanks in advance.
radiusd -X -A*
Listening on IP address *, ports 1812/udp and 1813/udp, with pro
I'm terribly sorry, but i have to repost this message, as in more than a
week i didn't even receive a RTFM or something... Maybe it didn't even
reach the list, so here it is, the original message:
I am using freeradius 0.8.1 as a radius server for a certain realm and
as a proxy for all other req
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi all
Is anyone using rlm_perl?
I notice it is still experimental so am very hesitant to put it on a
production system but I would be interested to know how successfull it has
been and how efficient it is memory/cpu wise.
Cheers :)
--
Martin ([EMAIL PROTECTED])
ICQ# 748846
-
List info/subs
Date: Wed, 26 Mar 2003 08:59:45 -0600
To: [EMAIL PROTECTED]
From: Chris Parker <[EMAIL PROTECTED]>
Subject: Re:
Reply-To: [EMAIL PROTECTED]
At 11:56 AM 3/26/2003 +0530, Y Sreenivasulu wrote:
>Hi,
>I am using FreeRADIUS Server Version 0.7.1. The Server is cofigured for
>authentication types loc
First of all. Upgrade to v0.8.1. :)
If that doesn't work then try daemontools. I had a problem with
Freeradius crashing quite often on my FreeBSD system but installing
daemontools has resolved all problems.
http://cr.yp.to/daemontools.html
I think that there might be some specific instruction
I use freeRADIUS-0.7 under Solaris, only loaded rlm_detail and rlm_sql(driver is
oracle),
but it offten crash, I think maybe the problem is about pthread library.
below is the part of /usr/local/var/log/radius/radius.log :
Tue Mar 18 17:09:14 2003 : Error: rlm_sql: Couldn't insert SQL accounting
Hi all
I have a complex authentication problem to solve. The basics are 100,000+
users, 7 different billing systems, different realms and users not using
realm currently (7 separate radius systems). I need to bring these together
and do some authentication based on nas ip address, called id
Title: Hardcore Sex
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
It - I mean the startup script.
Sorry
On Wed, 26 Mar 2003, freeradius mailing list wrote:
> What's it look like? Can you paste it here?
>
> For the logging, what do you have for the following in radiusd.conf
>
> log_auth = no
> log_auth_badpass = no
> log_auth_goodpass = no
>
>
>
> On Wed, 26 M
What's it look like? Can you paste it here?
For the logging, what do you have for the following in radiusd.conf
log_auth = no
log_auth_badpass = no
log_auth_goodpass = no
On Wed, 26 Mar 2003, Squirrel User wrote:
> I created radius.sh in /usr/local/etc/rc.d and it runs manually from shell
>
Tons And Tons Of Free Movie Clips..Killer Ass Shots
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
After more research, I found that I could only get radius to work by
manually removing all the libraries from openldap-2.1.16 and rebuilding
an earlier release (in my case, I used 2.1.12) Just rebuilding and
reinstalling the two programs didn't work, as I said in my first post,
so some residual co
I created radius.sh in /usr/local/etc/rc.d and it runs manually from shell
(./radius.sh), but it won't when server is rebooted. What am I missing?
Also, does FreeRadius not log when using radtest? Only log I see is when
authentication fails. I would like to see whe user logged in and logged o
I only need access to the reply attributes, and only when they it's
an accept.
What's really weird is that I now can get the RP_GROUP_NAME attribute
but
Only when I set another attribute called SERVICE_TYPE ...
I just tried setting a number of attributes to see which ones show
up
When I add
Title: Round Robin
I have the ldflag in the proxy.conf file set to round_robin on all of the realms we have but the system is not doing a round robin on the servers. Has anyone got any idea why this might happen or am I using the wrong flag?
Thanks
Gene Parks
"Ron Wahler" <[EMAIL PROTECTED]> wrote:
> I can get access to the attributes if they are in the ACCESS-REQUEST,
> but not if they are in the ACCESS-ACCEPT.
Hmm... the reply attributes do exist in the data structure, so they
should be accessible to the 'exec' module.
> I tried adding this code a
-- Original Message --
From: Kostas Kalevras <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Date: Wed, 26 Mar 2003 21:11:50 +0200 (EET)
Why don't you do searchfor = "^###.+$" or something like that?
--
We did as you suggested and
YES, it does EXAC
I can get access to the attributes if they are in the ACCESS-REQUEST,
but not if they are in the ACCESS-ACCEPT.
I tried adding this code and the exec module, but I only get a subset of
the attributes.
The shell variables:
PWD=/usr/local/etc/raddb
CALLBACK_ID="my callback ID 8 SBR"
SHLVL
On Wed, 2003-03-26 at 15:56, Alan DeKok wrote:
>
> > The sole objective, at least from where I'm standing, is to pass
> > information about a user from a database (or equiv.) to apache.
>
> to *where* in Apache?
Ah, I understand. I assumed that Apache would provide an nice & easy
interface fo
Thanks, will give it a look.-
Best Regards
Carlos
-- Original Message --
From: "Alan DeKok" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Date: Wed, 26 Mar 2003 08:04:11 -0500
Look at the source to rlm_attr_rewrite.
Alan DeKok.
-
List info/subscr
Kostas,
Sorry we don't understand what is the meaning of this searchfor command.-
Perhaps it is what we are looking for.-
We know User-Name that we need to rewrite is ALWAYS "[EMAIL PROTECTED]" then the
searchfor will filter the packet we would like to modify but attr_rewrite replaces
ONLY the
hello
Currently I administer approximately 100 Cisco routers, switches and access
servers, every device uses radius authentication for access weather
accessed via async, ISDN or VTY. Access to VTY has in the past been
restricted solely by access-lists applied to the terminal lines. A
situatio
Josh Howlett <[EMAIL PROTECTED]> wrote:
> Forgive me, I don't follow. Why would Apache need to add information to
> a request?
It doesn't.
> The sole objective, at least from where I'm standing, is to pass
> information about a user from a database (or equiv.) to apache.
to *where* in Apach
On Wed, 2003-03-26 at 14:31, Alan DeKok wrote:
> Josh Howlett <[EMAIL PROTECTED]> wrote:
> > Might I suggest a general mechanism for implementing this, whereby
> > arbitrary and application-specific variable/value pairs are passed to
> > the WWW application within a 'generic' wrapper A/V? The auth
Margrete Raaum <[EMAIL PROTECTED]> wrote:
> We have configured freeradius-snapshot-20030310 with LEAP and using
> Cisco Aironet 350. We've done some modification,
... to what?
> and we're using rlm_smb
> to authorize and read the NThash from "/etc/smbpasswd".
Hmm... rlm_smb does SMB *protoc
Alan,
15xx msec means 1512 to 1532 milliseconds.
Even if I set reject_delay to something higher than 1.
If I set it to 0, I'll get normally a reject after 10 to 20 milliseconds
Regards
Stefan
"Stefan Auweiler" <[EMAIL PROTECTED]> wrote:
> If I configure radiusd.conf parameter 'reject_delay' to
Arnaud G <[EMAIL PROTECTED]> wrote:
> PS: I posted a message a while ago about proxying of request without
> User-name (RFC 2866 compliant), but it seems that nothing has changed in
> the realm code. What is the status?
The rlm_realm module WILL NOT be changed.
The rlm_realm module sets the
Title: mailer_SEP_02
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
We have configured freeradius-snapshot-20030310 with LEAP and using
Cisco Aironet 350. We've done some modification, and we're using rlm_smb
to authorize and read the NThash from "/etc/smbpasswd".
First time a user logs on, it works. If we "reset" the 802.11 card and
try to log on, it's fails in
Josh Howlett <[EMAIL PROTECTED]> wrote:
> I am quite interested in this concept of passing WWW-flavoured
> attributes to a WWW application via RADIUS.
>
> Alan has already pointed out that the need to prevent (i) re-defining
> existing attributes and (ii) not implementing site-specific attributes.
On Wed, 26 Mar 2003, Carlos Alejandro Aguero wrote:
> Thanks for pointing out our mistake.-
> But perhaps I didn't make clear the problem.-
> The replacewith string correctly replaces the searchfor string leaving the
> rest of the username as it is, but we need to CHANGE it completely.-
>
> If Use
"Ron Wahler" <[EMAIL PROTECTED]> wrote:
> How can I tell it to only run if it is ACCEPT, I don't want
> To run it if it is REJECT.
For now, poke at the source code to rlm_exec. In the function
exec_dispatch(), add near the top:
if (request->reply->code == PW__AUTHENTICATION_REJECT) {
ret
How can I tell it to only run if it is ACCEPT, I don't want
To run it if it is REJECT.
Ron.
-Original Message-
From: Alan DeKok [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 26, 2003 6:31 AM
To: [EMAIL PROTECTED]
Subject: Re: Can RADIUS attributes pass through to Apache?
"Ron Wahle
"Ron Wahler" <[EMAIL PROTECTED]> wrote:
> Here's the problem:
> It looks like only attributes in the ACCESS-REQUEST create shell
> variables. I need the attributes in the ACCESS-ACCEPT to create
> Shell variables.
Use the 'exec' module.
exec my_exec_postauth {
wait = no
progr
Alan,
What I am trying to do is pass some attributes in a shell script.
I currently pass the USER_NAME to a shell script. I call it
In the users file with the following line.
Exec-Program = /usr/local/etc/raddb/authUser.sh
In the shell script I access $USER_NAME and pass the user name
3APA3A <[EMAIL PROTECTED]> wrote:
> I have updated MS-CHAP authentication to understand cleartext password
> to avoid authentication{} misconfiguration. But 50% of questions are
> because of misconfigured LDAP/SQL etc.
A substantial amount of questions are answered by "re-order mschap
in
sorry for the delay.
I've tried to install the certificate in the local machine store. It
worked for the Certificate Authority Root, but I don't know where to
install the private key certificate. I've tried to put it in the
Personal store. It works when I'm loging as a local admin, but it stil
"Carlos Alejandro Aguero" <[EMAIL PROTECTED]> wrote:
> If User-Name = ###myusername, we need that the NEW string that you helped us
> to write goes in that place.-
>
> What we are getting is:
> User-Name = $$$%{Stripped-User-Name}$%{Acct-Unique-Session-Id}myusername
>
> We need myusername left ou
Michael Hare" <[EMAIL PROTECTED]> wrote:
> My intent is to have all users use LDAP with or without chap, so I have
> this setup in my users file.
>
> DEFAULT Auth-Type := LDAP
The LDAP module doesn't know how to authenticate MS-CHAP requests.
Alan DeKok.
-
List info/subscribe/unsubscribe?
Josh Howlett <[EMAIL PROTECTED]> wrote:
> What's the best way of matching a realm on the basis of username but
> /without/ using a realm prefix/suffix?
...
> Is the only way of doing this by creating a realm per user?
I would suggest creating groups, and putting the users into them.
The groups c
Hi,
i'm novice of FreeRadius.
I've a problem;
i've 3 realms:
@1
@2
@3
for @1 and @2 i proxy the request to another radius, work !
for @3 (test realm) i want to connect any username with any password without
authentication.
I've check the proxy.conf and users file but he don't work, freeradius
re
Title: USA Escorts
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks for pointing out our mistake.-
But perhaps I didn't make clear the problem.-
The replacewith string correctly replaces the searchfor string leaving the
rest of the username as it is, but we need to CHANGE it completely.-
If User-Name = ###myusername, we need that the NEW string that you hel
"Ron Wahler" <[EMAIL PROTECTED]> wrote:
> I was thinking more of how Freeradius could assign a variable to an
> attribute from the access Accept message, in a proxy configuration.
...
> what file do I need to update to create the Attribute-name, I did add my
> own
> VSA file and added it to diction
Dear Michael Hare,
Send complete log for request processing.
--Wednesday, March 26, 2003, 8:06:43 PM, you wrote to [EMAIL PROTECTED]:
MH> Thanks for your continued help.
MH> Yup, if you mean the following configs, already there!
MH> mschap {
MH> ...
MH> ...
MH>
Thanks for your continued help.
Yup, if you mean the following configs, already there!
mschap {
...
...
# authtype value, if present, will be used
# to overwrite (or add) Auth-Type during
# authorization. Normally sho
I was thinking more of how Freeradius could assign a variable to an
attribute from the access Accept message, in a proxy configuration.
Variables.txt talks about using attribute as follows:
%{Attribute-Name} Corresponding value for
Attribute-Name
Dear Alan DeKok,
I have updated MS-CHAP authentication to understand cleartext password
to avoid authentication{} misconfiguration. But 50% of questions are
because of misconfigured LDAP/SQL etc. I think it's time to update all
examples in documentation and configuration to include := ope
Arnaud G <[EMAIL PROTECTED]> wrote:
> The octets doesn't work either (get same result with integer) to decode
> this field.
> I get this: IMSI = 0x24076301002058f6
> where I should read: 247036100020856
Are you sure?
WHERE should it "read" this? Why do you think the value is wrong?
Did you
Dear Michael Hare,
Either your LDAP is not configured to add User-Password attribute to
configuration (:= operation should be used) or mschap module is not
configured to set Auth-Type to MS-CHAP (see module configuration).
--Wednesday, March 26, 2003, 7:47:48 PM, you wrote to [EMAIL PROT
"Ron Wahler" <[EMAIL PROTECTED]> wrote:
> Is there a way to define internal variables "USER_GROUP" for a VSA like
> the
> $USER_NAME variable. I could then pass it to a shell script to user for
> group authentication.
Not that I know of. The internals of Apache are pretty magic, and
not that we
Alan-
Thanks for the update. I do admit I need to read about it and learn some
more.
Thanks-
-Michael
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Michael Hare
UW-Madison/WiscNet Network Engineering
My phone: 608-262-5236
24-Hour NOC: 608-263-4188
WiscNet: 608-265-6761
-Original Message
"Andrew Grimmett" <[EMAIL PROTECTED]> wrote:
> The users that are setup on my Radius server 8.1 are being authenticated
> against the system /etc/shadow file. The passwords have aging of 180
> days, after the 180 days if a user authenticates through the radius
> server it still allows them to login
Hello-
Yes, I've seen that advice many times on the mailing list, however, I do
have that setup already.
authorize {
preprocess
attr_filter
suffix
files
ldap
chap
mschap
force_username
}
authenticate {
authtype PAP {
Dear Guy Warner,
This line simply notifies you there is no authentication schema may be
used for packet (for MS-CHAPv1 both LM and NT authentication is
available, for MS-CHAPv2 only NT and it fails in your case). Packet
corruption is most unlikely from all variants.
--Wednesday, M
"Michael Hare" <[EMAIL PROTECTED]> wrote:
> I'm in the initial stages of understanding and trying to set up our LDAP
> auth environment (storing plaintext passwords) with MSCHAP.
With the amount of confusion over MS-CHAP, I think I will tear the
guts out of rlm_mschap, and simplify it, so that i
"Stefan Auweiler" <[EMAIL PROTECTED]> wrote:
> If I configure radiusd.conf parameter 'reject_delay' to '0' then I will get
> the reject emidiatly.
> For any other allowed settings I will get the reject after 15xx msec. Is
> ther an other setting, which I have to check?
What is "15xx msec" ?
"Carlos Alejandro Aguero" <[EMAIL PROTECTED]> wrote:
> We need to change the User-Name according to following rules:
> -All User-Name starting with "###"
> -Change by: "$$$"+%{Stripped-User-Name}+"$"+%{Acct-Unique-Session-Id}
OK...
> attr_rewrite fixusername {
> Attribute =
Thanks for the fast replies. The line
Debug: rlm_mschap: Nothing in the packet I recognise: Rejecting the user
makes me believe the packet is corrupted. Is there any way to test this. My
suspicion is that the packet is being corrupted by the proxy server, however
since this is running a dedicat
Hi,
I've tryied without '@', and it worked fine.
I'll do a revision on my FreeRadius REALM settings.
Thanks a lot for your help!
Abraços,
Igor
--
[EMAIL PROTECTED]
- Original Message -
From: "3APA3A" <[EMAIL PROTECTED]>
To: "Igor Maciel Macaubas" <[EMAIL PROTECTED]>
Sent: Wednesday, Mar
Guy,
Do the LDAP server logs show anything?
josh.
On Wed, 2003-03-26 at 16:10, Guy Warner wrote:
> Hi
>
> I am trying to set up a Freeradius 0.8.1 server to authenticate users with
> MS Chap v2. The information about each user is obtained from an LDAP server.
> The requests for authentication a
Dear Guy Warner,
Authentication fails because of username or password mismatch. It may be
if packet is corrupted, if realm is not stripped from username or
password contains non-ASCII characters.
--Wednesday, March 26, 2003, 7:10:32 PM, you wrote to [EMAIL PROTECTED]:
GW> Hi
GW> I am try
Hi
I am trying to set up a Freeradius 0.8.1 server to authenticate users with
MS Chap v2. The information about each user is obtained from an LDAP server.
The requests for authentication are being received via a proxy server.
The problem is that all requests to authenticate a user result in
Title: DVD Buddy
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Dear "Daniele Brevi",
Read RFC 2548.
MS-CHAPv2 is implemented in FreeRADIUS (src/modules/mschap).
--Wednesday, March 26, 2003, 7:00:46 PM, you wrote to [EMAIL PROTECTED]:
DB> Hi at all,
DB> someone known how I can understand the method that use IAS for decode and building
ms-chap
DB> packe
Hi at all,
someone known how I can understand the method that use IAS for decode and building
ms-chap
packet it follow the rfc 2759 and 1994.
(I'm developing PEAP ms-chapv2 for linux but IAS don't response at my message)
Thanks for all your time and I hope it's not too off topic
Daniele
-
Lis
Dear Michael Hare,
In authorize section mschap should follow the module retrieving user's
password (for example ldap).
--Wednesday, March 26, 2003, 6:26:01 PM, you wrote to [EMAIL PROTECTED]:
MH> All-
MH> I'm in the initial stages of understanding and trying to set up our LDAP
MH> auth envir
This morning I upgraded my ldap server to the latest revision (from
openldap-2.1.12 to openldap-2.1.16). Then restarted radius (freeradius
v 0.8.1) and was surprised by a slew of errors in my radius.log file.
They were:
"Error: rlm_ldap: All ldap connections are in use"
and
"Error: Dropping p
I also see a need to pass VSA's in the Access-Accept to something like a
web server.
Is there a way to define internal variables "USER_GROUP" for a VSA like
the
$USER_NAME variable. I could then pass it to a shell script to user for
group authentication.
Thanks,
Ron.
-Original Message
The users that are setup on my Radius server 8.1 are being authenticated
against the system /etc/shadow file. The passwords have aging of 180
days, after the 180 days if a user authenticates through the radius
server it still allows them to login, ignoring the expiration of the
password. How do y
Hi,
I had this problem once, but I can't
remember how I did fix it. All I remember is that it comes from openssl.
Check if you have the right links between libcrypto.so,libcrypto.so.0 and
libcrypto.so.0.9.7 and also between libssl.so libssl.so.0 and libssl.so.0.9.7
I also advice oyu to install
All-
I'm in the initial stages of understanding and trying to set up our LDAP
auth environment (storing plaintext passwords) with MSCHAP. We're using a
Cisco 30xx VPN concentrator.
I've read the rlm_mschap doc in the docs/ subdir, and I think I have my
radius config setup OK. However, I'm start
All,
If I configure radiusd.conf parameter 'reject_delay' to '0' then I will get
the reject emidiatly.
For any other allowed settings I will get the reject after 15xx msec. Is
ther an other setting, which I have to check?
My environment:
SuSe 8.1, FreeRADIUS 0.8.1
Test with NTRadPing
Thanks
Ste
All,
If I configure radiusd.conf parameter 'reject_delay' to '0' then I will get
the reject emidiatly.
For any other allowed settings I will get the reject after 15xx msec. Is
ther an other setting, which I have to check?
My environment:
SuSe 8.1, FreeRADIUS 0.8.1
Test with NTRadPing
Thanks
Ste
Frederic Jacquet wrote:
Hello
try to remove every text before -BEGIN... and END CERTIFICATE - as the logs tell you
Didn't really help. And now I am not sure if the radiusd needs the
private key for server.pem, and for that matter root.pem.
Does anyone know?
Cheers
My 2 eurocent
At 11:56 AM 3/26/2003 +0530, Y Sreenivasulu wrote:
Hi,
I am using FreeRADIUS Server Version 0.7.1. The Server is cofigured for
authentication types local and EAP. When I send an Access_Request
with only user-password and NAS-Identifier, the Server is sending
Access_Reject
to the client. What auth
At 03:05 PM 3/26/2003 +1100, [EMAIL PROTECTED] wrote:
hello
Currently I administer approximately 100 Cisco routers, switches and
access servers, every device uses radius authentication for access weather
accessed via async, ISDN or VTY. Access to VTY has in the past been
restricted solely by a
Hi All,
I'm trying to get FreeRadius to work with my
wireless Avaya Access Points. Is anyone else doing this? There's very little
documentation from Avaya regarding wireless, and I'm hoping to get any leads at
all!
Thanks
Matt AshfieldNetwork Analyst -
ITSUniversity of New Brunswick(50
On FreeRadius-0.8.1,
What situation will lead to radwho doesn't
show the location info of supplicant ?
In my case, nester & martin have their own IP addr.
Regards,
nester
[EMAIL PROTECTED] bin]# ./radwho -r
Login Name What TTY When From Location
nester,nester,shell,
> From: Manuel Sánchez Cuenca
>
> Hello, it is possible to create a eaptls connection with a
> client without a client certificate??
The EAP-TLS RFC allows this (if and only if the client is
authenticated by means other than TLS). However, the FreeRADIUS
implementation requires mutual TLS-authen
Hello, it is possible to create a eaptls connection with a client without a client
certificate??
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi All,
We are running a FreeRadius 0.8 box as a Proxy Server.-
We need to change the User-Name according to following rules:
-All User-Name starting with "###"
-Change by: "$$$"+%{Stripped-User-Name}+"$"+%{Acct-Unique-Session-Id}
We understand that it should be done by attr_rewrite modu
Hello
try to remove every text before -BEGIN... and END CERTIFICATE - as the
logs tell you
My 2 eurocents
Fred
--
Selon Project Manager <[EMAIL PROTECTED]>:
> Hi all,
>
> I've been getting mad with setting up Freeradius for EAP/TLS. Mainly the
> problems seem with OpenSSL.
>
hi
that's not very correct. eap/md5 is still supported for wired links for
as much as i know. please provide input on that topic.
ciao
artur
Marco Teixeira wrote:
Do you have Service Pack 1 on XP ? If you do,
you should know that after XP SP1, microsoft
no longer supports EAP/MD5. Instead you sh
please provide server debug output.
we can't help you without.
read http://www.freeradius.org/doc/EAP-MD5.html
ciao
artur
Narasimha Reddy Gujja wrote:
Hi All
I have enabled MAC based authentication for my wireless network using RADIUS
and LDAP. Now I want to authenticate using EAP.
I have serv
Hi all,
I've been getting mad with setting up Freeradius for EAP/TLS. Mainly the
problems seem with OpenSSL.
My setup is:
* openssl-0.9.7a
* freeradius-snapshot-20021028
I have the certificates generated now and checked with ./CA.sh -verify
.pem and the verification exited with OK. So me co
i have this problem in a last time and now i can work fine with this config.
radius server user files.
jack Auth-Type := Accept
Service-Type = Framed-User,
Framed-Protocol = PPP,
Session-Timeout=1815,
Idle-Timeout = 1825
Hi,
I am using radius version 0.7 (stable) with mysql and a CISCO 3640 as NAS.
The configuration work fine but I deal with a problem lately with Timeout
attributes. Here is an examples:
Radius Access-Accept packet attributes:
Port-Limit = 1
Framed-Protocol = PPP
Framed-Pool = 255.255.255.254
No nokia is not using vendor specific definition, don't ask me why!
The octets doesn't work either (get same result with integer) to decode
this field.
I get this: IMSI = 0x24076301002058f6
where I should read: 247036100020856
Do you think I should add a new type definition in the code?
Thanks,
What's the best way of matching a realm on the basis of username but
/without/ using a realm prefix/suffix?
ie. user1 -> realm1
user2 -> realm1
user3 -> realm2
user3 -> realm2
Is the only way of doing this by creating a realm per user?
thanks, josh.
--
-
Hi!
I'm new to freeradius and eap. So sorry for may be a stupid question.
I'm using:
OpenCA 0.9.1.1 for issuing certificates
freeradius-snapshot-20030324 with openssl-SNAP-20030323 as Radius server
*Cisco 350 Series AP 12.02T1* as wireless AP
xsupplicant-0.6 with openssl-9.7a as a 802.1x client.
radius=> select * from radcheck;
id | username | attribute | value | op
+--+---+-+
1 | den | Password | fuflo | :=
2 | steve| Password | testing | :=
radius=> select * from radgroupcheck;
id | groupname |attribute|value| op
+
Dear Igor Maciel Macaubas,
Can you try to use usernames without '@'? '@' and domain has a meaning
of realm in RADIUS and needs special processing.
--Tuesday, March 25, 2003, 8:19:52 PM, you wrote to [EMAIL PROTECTED]:
IMM> Hi,
IMM> I did it, and the error message changed. The error "Error: rl
94 matches
Mail list logo