Local user authentication.

Hi, I just want to do local user authentication on freeradius. My users file contains testAuth-Type := Local, Password == test1234 I get the following errors in the log and I can't work out why. Jul 29 16:19:43: Main.info: Starting - reading configuration files ... Jul 29 16:19:43:

Re: Experimental modules

Alex Chen wrote: This means the 'experimental module' cannot be configured without the user specifically going to that directory and changing the execution permission bit, right? Is the '--with-experimental-modules' flag working in the 'configure' script or not? In my previous posting, I found

Re: Local user authentication.

On Tue, Jul 29, 2003 at 04:27:59PM +1000, Tran, Julian wrote: My users file contains testAuth-Type := Local, Password == test1234 I get the following errors in the log and I can't work out why. Jul 29 16:19:43: Main.info: Starting - reading configuration files ... Jul 29 16:19:43:

eap/tls authentication using smartcard

Hello! Has anyone got eap/tls authentication working with smartcards? I'm trying to do that but I don't get it work. Below is a part of the radiusd log while trying to logon: -- User-Name = KARLSSON JONNY XX -- BUF-Name = FINSIGN CA for Citizen -- subject = /C=FI/O=VRK-FINSIGN Gov.

Re: Logging - how to specify what to log?

On Sun, 27 Jul 2003 12:39 am, James Green wrote: Hi there, I've been asked as a matter of urgency to ensure that the logs we get from RADIUS include the CLI (Caller-ID), that is, the telephone number of the person making the call. This should prove they called us. I believe I need to log

Re: ldap and pap

On Mon, 28 Jul 2003, Alban Dani wrote: thanks to Alan for the tip. I can see that the prefix is being striped now however the pap module still tells me that the Password don't match rlm_pap: Using password LrmnH//xO8fdaTV3SX3iHEretqloHy1gSBagcg== for user adani authentication. rlm_pap:

LDAP.attrmap + VSA

Hi, I have an entry in a ldap database with an attribute radiusVSA. This attribute has this value - shell:priv-lev=15 In file ldap.attrmap, I have this line - replyItem Vendor-Specific radiusVSA In file users, I have an entry like this - sqdqFS

Re:Unprintable characters in the password

Sorry for re-submitting my e-mail, but I am really looking for help I've downloaded ver 0.9.0 and I've compiled it on 64-bit and again, I've got the same results. Please find the debug messages below. While testing with a 64-bit client as: ./radclient xxx.xxx.xxx.xxx auth secret test_auth The

Re: Duplicated records in MySQL Radacct table.

On Mon, 28 Jul 2003 11:37 pm, Oliver Graf wrote: On Mon, Jul 28, 2003 at 11:16:17PM +0300, Peter Nixon wrote: On Mon July 28 2003 22:59, Oliver Graf wrote: On Mon, Jul 28, 2003 at 09:30:01PM +0300, Peter Nixon wrote: On Thu July 24 2003 23:13, Daniel Destro do Carmo wrote: How can I

installation issue

I'm having an issue installing free radius on my debian box. I go through the ./configure and them type make to get the following output. make[1]: Entering directory `/usr/local/src/freeradius/freeradius-0.9.0-pre1' Making all in libltdl... make[2]: Entering directory

possible bug in src/main/files.c

When processing a $INCLUDE directive, the following code in pairlist_read() of main/files.c may cause any accumulated pair information to be lost when the recursion of the function returns a NULL to its PAIR_LIST **list argument. This can happen, for example, when the users file has a $INCLUDE

Re: installation issue

make[1]: Entering directory `/usr/local/src/freeradius/freeradius-0.9.0-pre1' Making all in libltdl... make[2]: Entering directory `/usr/local/src/freeradius/freeradius-0.9.0-pre1/libltdl' make[2]: *** No rule to make target `all'. Stop. make[2]: Leaving directory

Re: installation issue

At 02:00 PM 7/29/2003 +0100, Graeme Hinchliffe wrote: make[1]: Entering directory `/usr/local/src/freeradius/freeradius-0.9.0-pre1' make: *** [all] Error 2 Per the installation file, I'm attempting to just do $ ./configure $ make $ make install Any help on

External CHAP authorization

Hi All! freeradius-0.9rc3 FreeBSD 4.7 I try to write external auth script for MS-CHAP users from PPPoE. But I get strange form of CHAP_PASSWORD attribute. Here expample: CHAP_CHALLENGE=6857332465513379 CHAP_PASSWORD=0x01a57eeda6a2eab68495c82beb0e53f950 I have tried many examples of auth scripts,

Re: installation issue

I didn't get any errors during the ./compile. I did get several 'no' responses but nothing I figured was important for my installation. Rolling back to 0.8.1 to try that. Dylan At 09:00 AM 7/29/2003, you wrote: make[1]: Entering directory `/usr/local/src/freeradius/freeradius-0.9.0-pre1'

Re: installation issue

At 09:08 AM 7/29/2003, you wrote: At 02:00 PM 7/29/2003 +0100, Graeme Hinchliffe wrote: make[1]: Entering directory `/usr/local/src/freeradius/freeradius-0.9.0-pre1' make: *** [all] Error 2 Per the installation file, I'm attempting to just do $ ./configure $ make

Re: installation issue

Try doing an autoconf before ./configure (using autoconf 2.13) Fred - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, July 29, 2003 3:16 PM Subject: Re: installation issue I didn't get any errors during the ./compile. I did get several 'no' responses

CISCO PIX groups

Hi! Is it possible, to setup FreeRadius, to return a group information to the PIX? Litle background of my question. PIX Ver. 6.3 and FreeRadius Ver. 0.9.0pre1. I have configured two pools for PPTP in my PIX. And wont to use my FreeRadius to authenticate users for both pools based on radius

Still problems with BaseDN and recursive search

Hello, I don't think I have been clear enough: with the attached LDAP module of the radiusd.conf file, the search "performing search in DC=firmtest,DC=w2k, with filter (displayName=radius1)" does not work. If I modify the BaseDN that way: basedn = "OU=outest,DC=firmtest,DC=w2k", it works

Re: Accounting with freeradius

On Tue, 29 Jul 2003 04:07 pm, GAUDIN Thomas wrote: Hello, I have configured freeradius with openldap and there is no problem with authentication. Now, I would like to do accounting and I don't understand how do it. I have configured radiusd.conf and I don't know what I can do with acct_users

Ascend never recieves the Access-Accept packet

Hi all, I have been using Cistron radiusd for a while now. I have decided to migrate to FreeRadius, and have therefore setup a testbed. Testbed consists of: (1) Ascend MAX 6000 (with VSA's enabled) (2) FreeBSD 4.8 radius servers. The configuration of FreeRadius seems rather

Re: Ascend never recieves the Access-Accept packet

On Tue, 29 Jul 2003 04:57 pm, Jeff Palmer wrote: Hi all, I have been using Cistron radiusd for a while now. I have decided to migrate to FreeRadius, and have therefore setup a testbed. Testbed consists of: (1) Ascend MAX 6000 (with VSA's enabled) (2) FreeBSD 4.8 radius servers.

RE: Accounting with freeradius

How enable accounting on linux??? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Accounting with freeradius

On Tue, Jul 29, 2003 at 04:12:25PM +0200, GAUDIN Thomas wrote: How enable accounting on linux??? I'm sorry, but the linux kernel has no aaa extensions. Perhaps you would like to write a kernel module which does aaa accounting? What do you want to account? Processor time? Memory usage? I'm just

Re: Accounting with freeradius

On Tue, Jul 29, 2003 at 04:25:30PM +0200, Oliver Graf wrote: On Tue, Jul 29, 2003 at 04:12:25PM +0200, GAUDIN Thomas wrote: How enable accounting on linux??? I'm sorry, but the linux kernel has no aaa extensions. Perhaps you would like to write a kernel module which does aaa accounting?

Re: Ascend never recieves the Access-Accept packet

snip In debugging, I decided to replace freeradius with cistron on one of the testbed servers. It works fine! I've got to be overlooking something simple. I don't suppose you are running a firewall by any chance?? -- Peter Nixon http://www.peternixon.net/ PGP Key:

Re: Reply message from the counter module

Alexander M. Pravking [EMAIL PROTECTED] wrote: By the way, %{Simultaneuos-Use} will not work, since there's no way to expand check items from the request... Nonsense. See 'doc/variables.txt' Huh? Hmm... if it's not there, then it's trivial enough to add. ~10 lines in

Re: Local user authentication.

Oliver Graf [EMAIL PROTECTED] wrote: What version of freeradius are you using? The error you describe is not from a recent version it seems. GNU radiusd. Which has apparently recently hit 1.0, but which has little in the way of features. And there's more list traffic for

Re: Unprintable characters in the password

Yasser Ahmed Hosny [EMAIL PROTECTED] wrote: I've downloaded ver 0.9.0 and I've compiled it on 64-bit and again, I've got the same results. Please find the debug messages below. All I can say is that it appears that parts of the code are not 64-bit clean. If you can get me an account on a

Re: possible bug in src/main/files.c

Vic Abell [EMAIL PROTECTED] wrote: When processing a $INCLUDE directive, the following code in pairlist_read() of main/files.c may cause any accumulated pair information to be lost when the recursion of the function returns a NULL to its PAIR_LIST **list argument. This can happen, for

Re: External CHAP authorization

Dmitriy Nikitinskiy [EMAIL PROTECTED] wrote: I try to write external auth script for MS-CHAP users from PPPoE. Why? The server already does MS-CHAP. But I get strange form of CHAP_PASSWORD attribute. Here expample: CHAP_CHALLENGE=6857332465513379

Re: CISCO PIX groups

Janis Pinkis [EMAIL PROTECTED] wrote: Is it possible, to setup FreeRadius, to return a group information to the PIX? Is there a Cisco RADIUS attribute which contains that group information? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: possible bug in src/main/files.c

Vic Abell [EMAIL PROTECTED] wrote: *last = t; last = t-next If t == NULL, won't t-next attempt to de-reference a NULL pointer? Yes, but I didn't show all of the code I commited. Check the CVS version of files.c Isn't last (currently) supposed to point to the end of the chain

RE: possible bug in src/main/files.c

Alan DeKok writes: Vic Abell [EMAIL PROTECTED] wrote: *last = t; last = t-next If t == NULL, won't t-next attempt to de-reference a NULL pointer? Yes, but I didn't show all of the code I commited. Check the CVS version of files.c Isn't last (currently) supposed to

RE: possible bug in src/main/files.c

At 11:04 AM 7/29/2003 -0500, Vic Abell wrote: Alan DeKok writes: Vic Abell [EMAIL PROTECTED] wrote: *last = t; last = t-next If t == NULL, won't t-next attempt to de-reference a NULL pointer? Yes, but I didn't show all of the code I commited. Check the CVS version of

Re: possible bug in src/main/files.c

Vic Abell [EMAIL PROTECTED] wrote: Unfortunately it's not possible for me to read the code, because the CVS web interface at: http://www.freeradius.org/cgi-bin/cvsweb.cgi/radiusd/ returns Internal Server Error. Is there another method to access the CVS archives? Anonymous

Re: Reply message from the counter module

On Tue, Jul 29, 2003 at 10:52:59AM -0400, Alan DeKok wrote: Alexander M. Pravking [EMAIL PROTECTED] wrote: By the way, %{Simultaneuos-Use} will not work, since there's no way to expand check items from the request... Nonsense. See 'doc/variables.txt' Huh? Hmm... if

Re: eap/tls authentication using smartcard

Jonny Karlsson [EMAIL PROTECTED] wrote: Has anyone got eap/tls authentication working with smartcards? I've had it working, but not with smartcards. rlm_eap_tls: TLS 1.0 Handshake [length 0086], ClientKeyExchange TLS_accept: SSLv3 read client key exchange A rlm_eap_tls: TLS 1.0 Alert

RE: possible bug in src/main/files.c

Chris Parker writes (in part): Wow, you caught that fast. It was disabled about 30 minutes ago due to a spider from China crawling the site and trying to recurse throught the cvs archives. Failing the pretty GUI, there is always the command line cvs interface.

Re: A question about implementing PEAP

pankaj Goel [EMAIL PROTECTED] wrote: I'm trying to implement PEAP. After SSL session is negotiated , I try to write a PEAP request packet into SSL, But do not get a responce from the XP client,using MS-CHAP v2 for phase 2, may be something wrong with data written. Can you please help me

Re: Need Help with SNMP

Atanu Das [EMAIL PROTECTED] wrote: net-snmp-5.0.6-17 FreeRADIUS can't use net-snmp. This is just a wild guess. But I have the ucd-snmp as well net-snmp headers in /usr/include/ucd-snmp and /usr/include/net-snmp. Then get the server to look at *only* ucd-snmp, and ignore net-snmp. Alan

problems with rlm_sql_freetds

I am wanting to connect to a MSSQL server via freetds. After I do a successful install, I get the following when I try to start radius (radiusd -X). rlm_sql (sql): Could not link driver rlm_sql_freetds: file not found rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the

Re: problems with rlm_sql_freetds

[EMAIL PROTECTED] wrote: I am wanting to connect to a MSSQL server via freetds. The server doesn't support FreeTDS, see: src/modules/rlm_sql/drivers/rlm_sql_freetds/Makefile After I do a successful install, I get the following when I try to start radius (radiusd -X). rlm_sql

Re: Local user authentication.

On Tue, Jul 29, 2003 at 10:55:30AM -0400, Alan DeKok wrote: And it uses guile. Yuck. Uhhh guile! I love lisp-like languages. Perhaps I should switch? ;) Hmmm... or I could add rlm_elisp... Oliver. P.S.: no, the last one was also a joke. - List info/subscribe/unsubscribe? See

Re: problems with rlm_sql_freetds

At 02:15 PM 7/29/2003, you wrote: [EMAIL PROTECTED] wrote: I am wanting to connect to a MSSQL server via freetds. The server doesn't support FreeTDS, see: src/modules/rlm_sql/drivers/rlm_sql_freetds/Makefile After I do a successful install, I get the following when I try to start

Re: problems with rlm_sql_freetds

On Tue July 29 2003 21:04, [EMAIL PROTECTED] wrote: I am wanting to connect to a MSSQL server via freetds. After I do a successful install, I get the following when I try to start radius (radiusd -X). rlm_sql (sql): Could not link driver rlm_sql_freetds: file not found rlm_sql (sql): Make

Re: Unprintable characters in the password

On Tue July 29 2003 18:06, Alan DeKok wrote: Yasser Ahmed Hosny [EMAIL PROTECTED] wrote: I've downloaded ver 0.9.0 and I've compiled it on 64-bit and again, I've got the same results. Please find the debug messages below. All I can say is that it appears that parts of the code are not

Re: Need Help with SNMP

Hi Alan, Thanks for such a prompt reply. I got your point. I think I will have to install the **OLD** version of ucd-snmp (ucd-snmp-4.2.6) in my RedHat 9 box. The headers that i have in /usr/include/ucd-snmp are asn1.h- #ifdef UCD_COMPATIBLE #include

Has anyone been able to get rlm_sql to auth users

I was trying to get the PostgreSQL driver working. The SQL tables need to be fixed significantly, I have fixed some of the data types and have the tables functional. With so little documentation for rlm_sql it is very difficult to work with. I have made my own patch for Cistron 1.6.7-rc4 that

Re: Has anyone been able to get rlm_sql to auth users

Guy Fraser [EMAIL PROTECTED] wrote: The SQL tables need to be fixed significantly, I have fixed some of the data types and have the tables functional. 0.9.0 and the latest CVS snapshot contain a number of fixes to the SQL tables. Do you have any *other* information, like examples of what

RE: Has anyone been able to get rlm_sql to auth users

I have it running authenticating hotspot controllers in my lab. Jeremy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: Tuesday, July 29, 2003 3:44 PM To: [EMAIL PROTECTED] Subject: Re: Has anyone been able to get rlm_sql to auth users Guy

Re: A question about implementing PEAP

Hi, I configured rlm_eap-peap module and used the code from eap-tls module to get till the first phase of peap. I have been using freeradius 0.8.1. Are you talking about the latest snapshot from CVS regarding the changes ? Thanks, Pankaj Goel. --- Alan DeKok [EMAIL PROTECTED] wrote: pankaj

Error starting

Hi I get sparc20:~/freeradius-0.9.0# /usr/local/sbin/radiusd -Xradiusd: Cannot findELF

Killedsparc20:~/freeradius-0.9.0# The 3 squares are smiley faces! What is ELF? This is on Solaris8 with gcc 3.3 Dave

Re: A question about implementing PEAP

pankaj Goel [EMAIL PROTECTED] wrote: I configured rlm_eap-peap module and used the code from eap-tls module to get till the first phase of peap. I have been using freeradius 0.8.1. Are you talking about the latest snapshot from CVS regarding the changes ? Yes. The issue is that the

Re: Has anyone been able to get rlm_sql to auth users

On Tue July 29 2003 22:26, Guy Fraser wrote: I was trying to get the PostgreSQL driver working. It should just work (tm) The SQL tables need to be fixed significantly, I have fixed some of the data types and have the tables functional. They are function and should not need fixing. I

Re: Reply message from the counter module

On Mon, Jul 28, 2003 at 02:02:22PM -0400, Alan DeKok wrote: Dear developers, how about customizable messages? Something like this in radiusd.conf: messages { multiple_login = You are already logged in %{Simultaneous-Use} times\r\n timespan_violation = You are calling outside

RE: Need Help with SNMP

Ats, The way I got this working was to remove the ifdefs in the headers files in /usr/include/ucd-snmp. Then it complies fine. I have also started making some other changes to allow more snmp information to be collected (it was to a pre 0.9.0 snapshot), but will need a bit more time to sort it

MSSQL connectivity

Does anybody on the list successfully have freeradius reading from a MSSQL database? I've tried the freetds module as well as sybase to connect but am not having much luck. Any pointers would be much appreciated. Dylan - List info/subscribe/unsubscribe? See

Re: MSSQL connectivity

On Wednesday 30 July 2003 03:52, [EMAIL PROTECTED] wrote: Does anybody on the list successfully have freeradius reading from a MSSQL database? I've tried the freetds module as well as sybase to connect but am not having much luck. Any pointers would be much appreciated. Dylan - List