RE: LEAP, LDAP & NT-password

Bryan, I'm planning on setting up a system exactly like this in the coming days now that PEAP support is available. If all goes well, I intend to produce a howto to make it easier for other folks. I've been doing some research for this reason, and I've come across the following thread: http:

RE: SSL header file

The toplevel config.log does not have much information. I go down to the rlm_eap_tls and run 'configure'. This time the config.log does show that it can find the file and compilation passes. When I go back to the root directory and rebuild, it does find the header file. Now it compiles fine. Hav

RE: SSL header file

> From: Alex Chen > Sent: Wednesday, 15 October 2003 8:41 AM > I am using Linux 9 and FreeRadius 0.9.1. > I tried to build the rlm_eap_tls module but somehow the > configuration script cannot find the header file ssl.h. > I have installed the following packages in the box: > [root]# rpm -qa | gre

Re: Operator " =* " in "users" File....

Hello~ My friend tried this last week, and it was still failed. I don't what users' data are stored in his LDAP Server, so I'm not sure what the problem is... - Original Message - From: "Jack J" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October

Re: Operator " =* " in "users" File....

Hi Allen, Did you get any response for this ? If so, could you please share the information ? Thanks, --- Allen Chung <[EMAIL PROTECTED]> wrote: > Hello: > > Thanks for your advise. > > I have another question. > > How to support both Auth-Type EAP-MD5 and > Auth-Typ

SSL header file

I am using Linux 9 and FreeRadius 0.9.1. I tried to build the rlm_eap_tls module but somehow the configuration script cannot find the header file ssl.h. I have installed the following packages in the box: [root]# rpm -qa | grep openssl openssl-devel-0.9.7a-2 openssl-0.9.7a-2 [root]# ls /usr/inclu

Re: Incorrect logins - incorrect

On Tue, 14 Oct 2003, VCI Help Desk wrote: Bill, > Hi, > > I switched to FreeRadius about a week ago and just noticed these errors > in my radius.log file. I see where Radius has rejected a customers > authentication because it says the password is wrong or the shell doesn't > exist. But I

RE: LEAP, LDAP & NT-password

O.K., I've almost got this working... The LDAP stores the NT password in a field called 'ntpassword'. It is stored as a standard NT-hash - '8846F7...'. I've modified the LDAP module section so that it uses 'password_attribute = ntpassword'. Now, if I stick 'password' (un-hashed) into the ntpass

Fwd: RE: WPA w/ EAP-TLS against 0.8.1

Hi, Short update on this one for the interest of people on the list. Browsing around on the Linksys site turned up a set of beta drivers for the WPC54G PCMCIA card, with release notes indicating that these should be tried by users, running the card on laptops with Texas Instruments cardbus con

Re: Disconnecting a user

Turns out my boss was wrong. He thought he could, but when we set up an experiment, we couldn't. Thanks for your time; sorry to waste it. -jag On Tue, 2003-10-14 at 12:03, Chris Parker wrote: > It can't. It is simply not possible, unless VOPRadius has administrative > access to the NAS. - Li

PEAP Version 0 implementation from Masao Nishiku

I've just added an implementation of PEAP Version 0, from Masao Nishiku. It's supposed to work with Windows XP SP1, and Windows 2000 SP4, but I encourage everyone to test it for themselves. The CVS snapshot from Wednesday will contain the implementation of PEAP. Simply download, configure, a

Re: LEAP, LDAP & NT-password

"Michael Kopp" <[EMAIL PROTECTED]> wrote: > > If you can pull the NT-Password out of the LDAP database, the > > EAP/LEAP module can use it for authentication. > > does this mean this also applies to the newly freeradius feature > PEAP-MSCHAP2 ? Yes. The EAP MS-CHAPv2 implementation simply d

Re: LEAP, LDAP & NT-password

Hi, > > Since we already have the NT > > hashed version of the password stored in our LDAP that would work > > beautifully. Am I reading this correctly? Or is my understanding > clouded > > by my need to find a solution? > > If you can pull the NT-Password out of the LDAP database, the > EAP/

Re: Disconnecting a user

At 12:48 PM 10/14/2003, Joshua Ginsberg wrote: First, thank you for responding. > No, if you don't have administrative access on the NAS, then there is > no way to disconnect a user. I've got to believe it is at least possible, given that VOPRadius can do this somehow. Perhaps I need to be inspect

Re: Disconnecting a user

First, thank you for responding. > No, if you don't have administrative access on the NAS, then there is > no way to disconnect a user. I've got to believe it is at least possible, given that VOPRadius can do this somehow. Perhaps I need to be inspecting closer how it does this and work on duplic

Incorrect logins - incorrect

Hi, I switched to FreeRadius about a week ago and just noticed these errors in my radius.log file. I see where Radius has rejected a customers authentication because it says the password is wrong or the shell doesn't exist. But I have checked these usernames and passwords and shells and th

Re: Upgrading freeradius

"Lisa Casey" <[EMAIL PROTECTED]> wrote: > OK, so I see part of the problem. My old freeradius used /etc/raddb for it's > conf files and /var/log/radiusd-freeradius for it's log files. This new one > seems to want to use /usr/local/etc/raddb for it's conf files and > /usr/local/var/log/radius for it

Re: Disconnecting a user

At 12:20 PM 10/14/2003, Joshua Ginsberg wrote: Hello - I've perused the archives for awhile, so I know this is decently dealt with, but hopefully my questions are new. Does anybody know how VOPRadius does this? Or does anybody know how this "Ping of Death" works and if FreeRadius can do this? Or

Disconnecting a user

Hello - I've perused the archives for awhile, so I know this is decently dealt with, but hopefully my questions are new. Basically, we're running VOPRadius on WinNT that has the ability to disconnect a user at the administrator's will. I do not know exactly how it does this. We would like to be a

Re: Upgrading freeradius

Hi, OK, so I see part of the problem. My old freeradius used /etc/raddb for it's conf files and /var/log/radiusd-freeradius for it's log files. This new one seems to want to use /usr/local/etc/raddb for it's conf files and /usr/local/var/log/radius for it's logfiles. I'ld like to have this work th

Re: Proxy where a single server is marked dead?

On Tue, 2003-10-14 at 15:22, Alan DeKok wrote: > Josh Howlett <[EMAIL PROTECTED]> wrote: > > My reading of the source suggests to me that it will get dropped > > silently, but I would appreciate an educated opinion! > > Pretty much. Sending a reject request may be friendlier, though. Yes. It w

Upgrading freeradius

Hi, I just upgraded from freeradius 0.4 to freeradius 0.9.1. I thought I was logging the output of configure, make and make install, but it did not log so I lost that. The radius binary was installed in /usr/local/sbin, and my old binary is in /usr/sbin so I cacked up the 0.4 binary and copied the

Re: LEAP, LDAP & NT-password

"Woods, Bryan" <[EMAIL PROTECTED]> wrote: > Since my "real" users are in the LDAP, I won't be using the 'users' file. > So where do I define the Auth-Type? And what value should it be set to? You don't define the Auth-Type. The server will figure it out on its own. > And I'm guessing that I c

RE: LEAP, LDAP & NT-password

Thank you for clarifying that for me. Since my "real" users are in the LDAP, I won't be using the 'users' file. So where do I define the Auth-Type? And what value should it be set to? And I'm guessing that I can setup the ldap section of 'modules' to use the 'password_attribute' in which we stor

Re: LEAP, LDAP & NT-password

"Woods, Bryan" <[EMAIL PROTECTED]> wrote: > This all works quite nicely with the test accounts that I setup in the > 'users' file: > > "testeap" Auth-Type := EAP, User-Password == "password" Don't set Auth-Type to EAP. If there is an EAP message in the request, then the EAP module will take c

LEAP, LDAP & NT-password

Greetings all, I'm quite new to FR and this list, but I have searched the archives and been unable to find the answers that I'm looking for. I'm using 0.9.1 on a slackware-based distro to provide LEAP authentication for wireless clients through a Cisco Aironet 1200 wireless network. The client i

Akár havi 3000$

Keressen havi több ezer dollárt könnyû internetes munkával! Részletek: [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Install issues with Redhat and MySQL

Dennis Skinner <[EMAIL PROTECTED]> wrote: > Interesting that other compiled programs on this system don't seem to > have these issues. Exim, for example, seems to be able to find and use > the mysql libraries fine when I tell it where they are... Maybe exim doesn't use libltdl. Exim probably

Re: Proxy where a single server is marked dead?

Josh Howlett <[EMAIL PROTECTED]> wrote: > My reading of the source suggests to me that it will get dropped > silently, but I would appreciate an educated opinion! Pretty much. Sending a reject request may be friendlier, though. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.

Re: Billing sw?

On the commercial (not freeware) side, you can look at Rodopi. It is a pretty good package, and I think they have a trial program available. I have been using it for over a year. I have it integrated with FR/MySql and my CGP mail server so that all customer service is done through Rodopi and i

Re: Billing sw?

Have you also used freeside? I have not installed and looked at either yet but am wondering what the major benfits of modernbill are over freeside? - Original Message - From: "Jyran Glucky" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, October 14, 2003 11:49 PM Subject: Re:

Re: Billing sw?

You can pretty much use it as is and if you do need help customizing it there are alot of people on the forums that can help. I would recommend maybe downloading the 30 day trial and playing around with it. jyran - Original Message - From: "Steve Hampson" <[EMAIL PROTECTED]> To: <[EMAIL

Re: Billing sw?

What needs to be done to it to modify it for the ISP senario? - Original Message - From: "Jyran Glucky" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, October 14, 2003 10:44 PM Subject: Re: Billing sw? > You can try modernbill. http://www.modernbill.com/ > You can lease it f

Re: Install issues with Redhat and MySQL

On Mon, 2003-10-13 at 16:47, Alan DeKok wrote: > Dennis Skinner <[EMAIL PROTECTED]> wrote: > > I tried the LD_CONFIG_PATH, modifying ld.so.conf, and --disable-shared > > with same results. > > LD_CONFIG_PATH? Have you tried LD_LIBRARY_PATH? Sorry, brain fart. LD_LIBRARY_PATH does not work. >

RE: Install issues with Redhat and MySQL

On Tue, 2003-10-14 at 00:35, Aris Prasetya NCS wrote: > Hi Dennis, > I use: > mysql-standard-4.0.15-pc-linux-i686.tar.gz > freeradius-0.9.1.tar.gz > > pls check whether your: > /usr/local/freeradius-0.9.1/src/modules/rlm_sql/drivers/rlm_sql_mysql > has: > rlm_sql_mysql.a > rlm_sql_mysql.la > sql_

Module contribuition: rlm_pre_proxy_pap2chap

Hi, I want to contribute a module a just wrote for FreeRadius: rlm_pre_proxy_pap2chap allows FreeRadius to receive a PAP authorization request and forwards it to a remote RADIUS server using the CHAP protocol. The PAP to CHAP convertion is usefull in the cases where the remote RADIUS serv

Re: Billing sw?

You can try modernbill. http://www.modernbill.com/ You can lease it for 25.00 per month and get technical support and forum access. Its designed for web hosting companies, but you get access to the source code and it is easily modifiable for isp's. jyran - Original Message - From: "Stef

Re: Need held to install radius for cdr recording

You can download the FREE radius server freeradius from the ftp site ftp.freeradius.org/pub/radius/freeradius.tar.gz. You then have to compile and run radius server. Then setup your cisco router to send the accounting packets to freeradius. Don't forget to choose where you want the CDR to be logged

Re: Proxy where a single server is marked dead?

On Tue, 2003-10-14 at 12:18, Josh Howlett wrote: > Can someone please briefly indicate the expected behaviour of FreeRADIUS > where a realm has a single instance of a {auth|acct}host is specified, > but this server has been marked dead owing to inactivity? > > My reading of the source suggests to

RE: Billing sw?

You could try freeside, http://www.sisd.com/freeside/ > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Stefano > Costantini > Sent: 14 October 2003 12:52 > To: [EMAIL PROTECTED] > Subject: Billing sw? > > > I've installed a brand new freeradius server, a

Billing sw?

I've installed a brand new freeradius server, and everything is really ok. But ... i need to build a billing system for mi wi-fi network and i'd like to know if there's a good full made billing system somewhere Tks Stefano - List info/subscribe/unsubscribe? See http://www.freeradius.org/list

Proxy where a single server is marked dead?

Can someone please briefly indicate the expected behaviour of FreeRADIUS where a realm has a single instance of a {auth|acct}host is specified, but this server has been marked dead owing to inactivity? My reading of the source suggests to me that it will get dropped silently, but I would appreciat

Huntgroups and IPPOOL allocation based on NAS Request

Hi Currently attempting to set-up multiple ippools, which are correctly assigned due to the NAS making the request. --start huntgroups- llgcis01-hunt NAS-IP-Address == 127.0.0.1 btsurf01-hunt NAS-IP-Address == 10.1.1.100 ---end huntgroups ---start users D

Re: order the default session time

You have two Reply-Items: 'Idle-Timeout' and 'Session-Timeout'. Both take integer values. Am Die, 2003-10-14 um 02.58 schrieb alantu: > freeradius-users > Hi all, I get one question how to order users default session time? such as > per user > session is 600s. - List info/subscribe/uns

Account packet loop

Hi all. (B (BI manage the RADIUS system. (BIt consists of redhat9, freeradius0.9.1 and MS-SQL|mySQL. (BThe system are organized redundantly. Account information is doubled (Bby radrelay. (B (BI stopped temporarily the redundant server of them for maintenance (Bon the other day. Account pa

Need held to install radius for cdr recording

Hi, I need to dump Caller Detail Record from our cisco router to sql database in another machine. And I want to know from where I can download a free radius server module to get this done. And if you may pls send me a configuration guide for this. Thank You. Manjula - List info/subscribe/unsub