Anybody? I must stupid or blind (or maybe even both)
since this sounds trivial and I can't figure this out!
--- Sepp Rudel <[EMAIL PROTECTED]> wrote:
> I'm probably missing something very obvious since I
> can't figure out the following: I've set up
> roaming/proxying scene where NAS sends
> Acces
I try to use this module but the debug wirte:
rlm_sql (sql): Released sql socket id: 4
modcall[authorize]: module "sql" returns ok
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
modcall[authorize]: module "noresetcounter" returns noop
rlm_s
That was indeed it! It was set to system, changing it to Local worked! I'm
finally done, and many many thanks to this list!
> On Wednesday 18 June 2003 4:18 pm, Jeff Thompson - World Net Technical
> Support wrote:
>> Ok I got freeradius-0.8.1 installed! ... but now mysql is not
>> authenticating
On Wednesday 18 June 2003 4:18 pm, Jeff Thompson - World Net Technical Support
wrote:
> Ok I got freeradius-0.8.1 installed! ... but now mysql is not
> authenticating users...
>
> I get the following error from radiusd -X:
> rad_recv: Access-Request packet from host 204.57.72.47:1026, id=33,
> len
not after SP1
"Mauricio Rocael García Ocaña" wrote:
>
> xp, XP 802.1X client support EAP/MD5 for wireless links, only need you,
> setup this, in authentication,
>
> we try
> att.
> Mauricio
> - Original Message -
> From: "Artur Hecker" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Se
Ok I got freeradius-0.8.1 installed! It was indeed a malfunctioning
linker, so I backed up all of my configs and reinstalled FreeBSD. I
compiled mysql4 and freeradius8 without any problems, but now mysql is not
authenticating users...
I get the following error from radiusd -X:
rad_recv: Access-Req
In an earlier post which unfortunately elicited no responses I outlined
my problem with muliple Cisco accounting VSA's of the form
Cisco-Service-Info = 'Xstring' where 'X' represents a 'sub' catagory.
My problem is to store a particular attribute in my SQL log, but I have
no means to distinguis
Sorry for the previous posting, it was with some HTML lines.
I'm trying to use net-snmp V5.0.8 to get information from my free-radius
server (V 0.8.1).
I did the following:
Compiled radius server with --enable-snmp option
net-snmp was compiled with SMUX option module
Radius MIBS are accessible by
When you built rlm_ldap, you needed some sort of LDAP library for
it. Usually, this is OpenLDAP. If you used something else, I'm not
sure what to tell you. In my case, I built FreeRadius and the rlm_ldap
module at the same time. I don't know what you did. I didn't install
a certificate on the
Title: Radius does not try to register with SMUX
I'm trying to use net-snmp V5.0.8 to get information from my free-radius server (V 0.8.1).
I did the following:
Compiled radius server with --enable-snmp option
net-snmp was compiled with SMUX option module
Radius MIBS are accessible by the
I try to do a veeery simple radius+perl setup
Im running that issue for 2 days (each time i fix
a small step) but now im stuck in one point...
--DEBUG-
Module: Loaded perl
perl: cmd = "(null)"
perl: persistent = "(null)"
Segmentation fault
I'm new i
At 02:29 PM 6/18/2003, you wrote:
Hi,
I having the following error: Unknown attribute SQL-
User-Name When Authenticating using a MySQL Database.
Here is the output of radiusd -X :
[/usr/local/etc/raddb/users]:1 WARNING! Check
item "Simultaneous-Use" ?found in
reply item list for user "bibo". ?T
Hi,
I having the following error: Unknown attribute SQL-
User-Name When Authenticating using a MySQL Database.
Here is the output of radiusd -X :
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including
file: /usr/local/etc/raddb/proxy.conf
Config:
Try: Called-Station-Id =~ "0010$"
Or some other nice regex.
You could also use huntgroups, that limits the number of entries in your
users / acct_users files...
Regards,
Chris
On Wed, 2003-06-18 at 20:56, Scotty B. Lowe wrote:
> Ossama Suleiman wrote:
>
> > you should add your entry not to the
> xp, XP 802.1X client support EAP/MD5 for wireless links,
> only need you, setup this, in authentication,
Actually XP 802.1x client used to support EAP-MD5. Installation
of Service Pack 1 removed EAP-MD5 support for me (it added
support for PEAP). EAP-MD5 is not recommended as its not safe
a
Ossama Suleiman wrote:
you should add your entry not to the users file but to acct_users file:
DEFAULTCalled-Station-Id = "8145550010", Proxy-To-Realm :=
"realm.net"
hope that helps
regards,
ossama
Thanks a million Ossama.that got it! The only other question I have
is about the
Hi!
> On _2003-06-18 at 13:55, Michael Chernyakhovsky wrote:
>> Just now i try recompile my perl with USE_ITHREADS.
>> no results. radiusd fault after kill -HUP.
>>
> Send output from radiusd -xxx or -X perl -V and gdb trace
>> Mike.
I'm really sorry. I was mistaken :(
perl looks good. troubl
xp, XP 802.1X client support EAP/MD5 for wireless links, only need you,
setup this, in authentication,
we try
att.
Mauricio
- Original Message -
From: "Artur Hecker" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 18, 2003 11:29 AM
Subject: Re: EAP/MD5
>
> hello
>
>
>
hello
> does it make sense to have a users file with MD5 passwords and try to
> authenticate XP wireless clients ?
> (configuration is 801.x wireless LAN 3com client, 3COM Access Point and
> linux freeradius server).
almost. the users file has to contain clear text passwords, because
otherwise
The OpenLDAP build was part of the freeradius build or did you do them
separate? Our LDAP is not on the server it is on another box.
How did you get the certificates installed?
How did you get them to validate?
-Original Message-
From: Owen DeLong [mailto:[EMAIL PROTECTED]
Sent: Wedn
Hi,
does it make sense to have a users file with MD5 passwords and try to
authenticate XP wireless clients ?
(configuration is 801.x wireless LAN 3com client, 3COM Access Point and
linux freeradius server).
if it does what should be the values of the attributes Auth-Type and
User-Password in
One thing to do is make sure you have the bad-password delay timer set to a
good value (3-5 seconds or so). This won't help much if the hacker is using
a threaded process to generate the packets however.
Since it is coming from a server you have authorized, there is not a lot you
can do with a fi
No... The OpenLDAP libraries used to build Freeradius already handle
all of that for you. At least in my case, it just worked, except for
that niggling issue of the self-signed certificate. If your LDAP
server is already set up to handle SSL connections, that should be
all you need.
Owen
--On We
_
Do You Yahoo!?
Información de Estados Unidos y América Latina, en Yahoo! Noticias.
Visítanos en http://noticias.espanol.yahoo.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello all,
How can I prevent to be flooded by RADIUS packets from an IP address?
At first, I tried to deny the 1812/1813 ports from all IP's which does not
have any RADIUS relation to my RADIUS Server using access lists. But then I
found the case, where I have to open the Ports to an external down
Yes, but how do you set up the SSL tunnel and get the certificates to
validate to the LDAP server? are you using stunnel ?
Ron.
-Original Message-
From: Owen DeLong [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 18, 2003 9:55 AM
To: [EMAIL PROTECTED]
Subject: RE: RADIUS + LDAP + TLS
Y
Yes... Don't remember exactly where I found it, but, if you have LDAP
working, then it's just a matter of adding a port=669 phrase to the
configuration file (radiusd.conf) where you specify the ldap server.
Owen
--On Wednesday, June 18, 2003 9:40 AM -0600 Ron Wahler
<[EMAIL PROTECTED]> wrote:
Is
Is there a description someplace that would show how
to setup an SSL connection from Freeradius to an external LDAP database.
Thanks,
Ron.
-Original Message-
From: Owen DeLong [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 18, 2003 9:05 AM
To: [EMAIL PROTECTED]
Subject: Re: RADIUS + LD
eManager Notification *
The following mail was blocked since it contains sensitive content.
Source mailbox: [EMAIL PROTECTED]
Destination mailbox(es): [EMAIL PROTECTED]
Rule/Policy: Profanity
Action: Quarantine to C:\Program
Files\Trend\SMCF\Quarantine\2003-06-18\
On Tue, Jun 17, 2003 at 03:05:07PM -0700, System Administrator wrote:
> Freeradius version 0.8.1
> FreeBSD version 4.8
>
> I am trying to rewrite the User-Name attribute using
>
> attr_rewrite add_realm {
> attribute = User-Name
> searchin = packet
>
I don't know how to get TLS to work, but you should be able to do
SSL by specifying that the LDAP port to use is 669 (LDAPs) in
your radius.conf. I'm, however, having a similar problem in that
I am unable to get it to work because of a complaint about a self-signed
certificate. If you have any id
On Tuesday 17 June 2003 22:16, Jeff Thompson - World Net Technical Support
wrote:
> This was covered all yesterday, but here is the output of radiusd -x when
> compiled using the source tarball from freeradius.org using ./configure
> --with-raddbdir=/etc/raddb --with-logdir=/var/log/radius:
You s
Sylvain MASNADA wrote:
OK, thanks.
But just my first question was answered. Please answer the others.
(for the clients for exemple, even newbies can answer)
Thx again
Sylvain
- Original Message -
From: "Dustin Doris"
To:
Sent: Tuesday, June 17, 2003 3:49 PM
Subject: Re: freerad
Title: RE: attr_rewrite troubles
Good Morning,
Where are you placing this code? I think the attribute you should be using is "%{User-Name}". This will get you the sql_user_name attribute from the sql.conf file. If this is what you want.
Regards
Kenneth L. Miller
Information Techn
Victor,
I've had the same problem, with an CVS release from about 5/2003. There
have been fixes. With the latest snapshot used with MySQL 4.0.13, InnoDB
tables and also with a snapshot of 11/02/2003 I didn't have these
problems.
Of course I don't know which version you're using. The other thing c
OK, thanks.
But just my first question was answered. Please answer the others.
(for the clients for exemple, even newbies can answer)
Thx again
Sylvain
- Original Message -
From: "Dustin Doris"
To:
Sent: Tuesday, June 17, 2003 3:49 PM
Subject: Re: freeradius and openldap
They a
On _2003-06-18 at 13:55, Michael Chernyakhovsky wrote:
> Just now i try recompile my perl with USE_ITHREADS.
> no results. radiusd fault after kill -HUP.
>
Send output from radiusd -xxx or -X perl -V and gdb trace
> Mike.
--
Best Regards,
Boian Jordanov
SNE
Orbitel - the Internet Company
tel
when he module counter return:
rlm_counter: Entering module authorize code
rlm_counter: Could not find Check item value pair
modcall[authorize]: module "counter" returns noop
modcall: group authorize returns ok
What's the matter?
Rob
-
List info/subscribe/unsubscribe? See http://www.freer
Just now i try recompile my perl with USE_ITHREADS.
no results. radiusd fault after kill -HUP.
Mike.
> No results :(
> it segmentation faults.
> It seems my perl (slackware 9.0, perl 5.8.0) is built without -Duseithreads flag
> there are
> /*#define USE_ITHREADS/ **/
> line i
Hello to all,
I've been using FreeRadius for a year, but now I'd like to implement
RADIUS with LDAP authentication, I've test it and It works great.
Now I'd like to protect radius - ldap server comunication using TLS. But
I'm not able to do it.
My LDAP server is Notes Domino and I've been ab
No results :(
it segmentation faults.
It seems my perl (slackware 9.0, perl 5.8.0) is built without -Duseithreads flag
there are
/*#define USE_ITHREADS/ **/
line in my /usr/lib/perl5/5.8.0/i386-linux/CORE/config.h
Also, as i noticed, perl_destruct and perl_free does not exec
I read in the radiusd.conf that the reset option fo the counter module can
be user define.
How can I do this?
Thanks
Rob
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On _ 2003-06-17 at 21:55, [EMAIL PROTECTED] wrote:
> > Hi. I have a problem with rlm_perl on version 0.8.1 (under FreeBSD 5.1 Release).
> > After starting radiusd with -xyz I've got segmentation fault.
> > What I do wrong?
>
> I confirm the problem.
>
> My radiusd (latest snapshot) works fine unt
you should add your entry not to the users file but to acct_users file:
DEFAULTCalled-Station-Id = "8145550010", Proxy-To-Realm :=
"realm.net"
hope that helps
regards,
ossama
Scotty B. Lowe wrote:
I have read all of the archived posts about this subject and I can't
seem to get this to
> From: Sepp Rudel
> Sent: Friday, 13 June 2003 12:21 AM
> it seems that both MySQL and PostgreSQL default schema
> define NAS-Port-Id as integer/numeric although RFC and
> FreeRADIUS dictionary says it's string. How come? I
> haven't tested, but I would expect that SQL query will
> fail if non-nu
45 matches
Mail list logo