Dear Eliot Gable,
Try to use shorter secret.
--Tuesday, December 2, 2003, 6:08:17 PM, you wrote to [EMAIL PROTECTED]:
>>From the NAS realms.conf file:
EG> realm homenode.greatlakes.net {
EG> type=radius
EG> authhost=208.244.161.200:1812
EG> accthost=208.244.161.200:1813
Dear Eliot Gable,
--Tuesday, December 2, 2003, 9:58:52 PM, you wrote to [EMAIL PROTECTED]:
EG> | 4 | 56/56 | Vendor-Specific | := | homenode.greatlakes.net | 0 |
Read RFC about what Vendor-Specific attribute is.
--
~/ZARAZA
Патриотизм - это та же религия. (Твен)
-
List info/subscribe/unsu
Hello,
I want to have a graph of simultaneos users with FreeRadius.
I know it can be done with radwho and MRTG, but I don´t know how to
configure
FreeRadius to maintain an active session database
Thanks.
--
**
José Berenguer G
For example of proxy configuration... let say login
as [EMAIL PROTECTED] , Is it possible
for Freeradius to strip the username (user1) and proxied to other radius server
using "abc.com.my" only...
thanks..
--haizam
Upgraded to CVS snapshot.
Identified the problem as an extra attribute that gets sent by the NAS in
the accounting requests when Bandwidth Management is enabled.
It's all working now.
Thanks,
Olmo.
> -Mensaje original-
> De: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] En nombre de
On Tue, 2003-12-02 at 19:26, Alan DeKok wrote:
> "Eliot Gable" <[EMAIL PROTECTED]> wrote:
> > The only essential design feature is this: when a user authenticates =
> > against a localnode, a Vendor-Specific attribute (with a vendor code of =
> > "4363" and attribute number of "5") containing a str
At Mon, 1 Dec 2003 12:10:51 -0500,
Duane Barnes wrote:
>
> [1 ]
> I'm using freeradius 0.7.1. and mysql 3.23. I'm trying to setup radius to
> allow ms-chap and have gotten it to instantiate the module, but I don't know
> how to enter the ms-chap password into the mysql db. Below is the error:
Hello
I have a big prob..
I would like to use the rlm sql mysql module..
My os is redhat 9 and i can't install and use this module..
When i do a config , make & make install
(in dynamic or static), all module 'll be loaded
except mysql
rlm_sqlippool: Could not link driver rlm_sql_mysql
Hi,
Yes, that's what I also deduced. My problem is that I really don't
know how to tell the Radius server to send that info to the NAS. I tried to
put in the nastype file, the type "alteon", but it does not seem to work.
And no, there is not any firewall doing NAT with these addre
Hello
I have a big prob..
I would like to use the rlm sql mysql module..
My os is redhat 9 and i can't install and use this module..
When i do a config , make & make install
(in dynamic or static), all module 'll be loaded
except mysql
rlm_sqlippool: Could not link driver rlm_sql_mysql
hi!
I'm using freeradius cvs(Nov 25 -2003) as a radius proxy. And as a remote
radius server I got another copy of freeradius running.
For my application enviorenment I need my radius-proxy server to pass all
requests to the remote server. But under one condition.
i.e.
I need to remove the attr
The file is missing. Go to
$(radiussource)/src/modules/rlm_sql/drivers/rlm_sql_mysql/ and see if it is
built.
On Wednesday 03 December 2003 09:55, Breuer Nicolas - BelCenter.com wrote:
> Hello
>
> I have a big prob..
>
> I would like to use the rlm sql mysql module..
> My os is redhat 9 and
Liste files i have
config.log
configure
db_mysql.sql
Makefile.in
rlm_sql_mysql.la
sql_mysql.lo
config.status
configure.in
Makefile
rlm_sql_mysql.a
sql_mysql.c
sql_mysql.o
On 3 Dec 2003 at 11:16, Arthur B Olsen wrote:
> The file is missing. Go to
> $(radiussource)/src/modules/rlm_sql/drivers/r
> Of course, you may mean that the *NAS* sends retry packets, and
> those are logged. There isn't much that can be done about that...
AH! hadn't thought of it that way, sounds most logical.. I am using radclient to sent
the auth packets, and it just sits waiting for a response, so I guess it i
Hi all
when I run the log_badlogins, The result "username" is just a "-" in the db.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Content-Type: application/octet-stream;
name=prodImage[72].jpg
Content-Transfer-Encoding: base64
Content-ID:
/9j/4AAQSkZJRgABAQEASABIAAD/2wBDAAUDBAQEAwUEBAQFBQUGBwwIBwcHBw8LCwkMEQ8S
EhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/2wBDAQUFBQcGBw4ICA4eFBEU
Hh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh
Alan DeKok <[EMAIL PROTECTED]> wrote:
>Ben Hockenhull <[EMAIL PROTECTED]> wrote:
>> Under 0.9.3, only the first AVPair is sent back. I'm not sure why.
>
> Read the 'man' page for the 'users' file. I think it's also in the
>FAQ.
>
> Try '+=', instead of '='.
Ah ha. That did it. I didn't see
* From: Guy Fraser
* Subject: Re: adding Client-Short-Name attribute
* Date: Mon, 01 Dec 2003 10:21:46 -0800
Here is a script I wrote in perl to process the clients.conf file and
output a
comma seperated variable l
I am running Redhat 9 and Freeradius-0.9.3. When a user trys to log in
that is using chap I get a reject . This is what the radius.log shows.
Users that are not in the chap file login just fine.
Tue Dec 2 13:14:23 2003 : Auth: rlm_unix: Attribute "User-Password" is required for
authentication.
Hi all
when I run the log_badlogins, The result "username" is just a "-" in the db.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Leonard Childers <[EMAIL PROTECTED]> wrote:
> Tue Dec 2 13:14:23 2003 : Auth: rlm_unix: Attribute "User-Password" is required for
> authentication. Cannot use "CHAP-Password".
...
> Here is the debug file. I know it has to be something simple that I am
> overlooking.
The FAQ. Go read it.
=?iso-8859-1?Q?Jos=E9?= Berenguer <[EMAIL PROTECTED]> wrote:
> I want to have a graph of simultaneos users with FreeRadius.
> I know it can be done with radwho and MRTG, but I don´t know how to
> configure
> FreeRadius to maintain an active session database
FreeRADIUS does this already. That's
Josh Howlett <[EMAIL PROTECTED]> wrote:
> Thanks, this will make life a bit easier. Thanks also for helping Elliot
> out. This thread was started while I was out of the office, so I wasn't
> able to cut in and help Elliot myself.
You're welcome.
> Would you mind naming it "dictionary.university
Victor Mira <[EMAIL PROTECTED]> wrote:
> Yes, that's what I also deduced. My problem is that I really don't
> know how to tell the Radius server to send that info to the NAS. I tried to
> put in the nastype file, the type "alteon", but it does not seem to work.
Go read the 'dictionary.al
What version of FR did you get this from?
Are the usenames in your log file?
alantu wrote:
>Hi all
> when I run the log_badlogins, The result "username" is just a "-" in the db.
>
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I did read FAQ and here is the acct_users line for him.
clhilton Auth-Type += Local, Password == "**"
> Leonard Childers <[EMAIL PROTECTED]> wrote:
> > Tue Dec 2 13:14:23 2003 : Auth: rlm_unix: Attribute "User-Password" is required
> > for authentication. Cannot use "CHAP-Password".
> ...
Leonard Childers <[EMAIL PROTECTED]> wrote:
> I did read FAQ and here is the acct_users line for him.
>
> clhilton Auth-Type += Local, Password == "**"
WTF? You're trying to authenticate accounting packets?
You're even more confused than I thought.
For the record, that entry in 'acct
Thanks Alan, I thought I already tried
that. Anyway I'll keep trying.
"Alan DeKok" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
03/12/2003 17:26
Please respond to freeradius-users
To:
[EMAIL PROTECTED]
cc:
Subject:
Re: Freeradius and
Alan,
I must be blind. I can't find it. I am going to www.freeradius.org/faq and
the only thing I see is under section 4.4 that pertains to chap.
Sorry.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
confirm 591668
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, Dec 03, 2003, Breuer Nicolas - BelCenter.com wrote:
>
> Hello
>
> I have a big prob..
>
> I would like to use the rlm sql mysql module..
> My os is redhat 9 and i can't install and use this module..
I just ran into this last week when building freeradius under the
OpenPKG.org packaging sys
OK, I had my FreeRadius server working fine for Wireless LAN MAC
authentication using the clients and users text files.
My next step was to setup a MySQL database that would store the
usernames and groups rather than having the text file. I followed the
directions in Hassell's RADIUS book and eve
same problem..
On 3 Dec 2003 at 13:22, Michael Shanafelt wrote:
> OK, I had my FreeRadius server working fine for Wireless LAN MAC
> authentication using the clients and users text files.
>
> My next step was to setup a MySQL database that would store the
> usernames and groups rather than havi
Leonard Childers <[EMAIL PROTECTED]> wrote:
> I must be blind. I can't find it. I am going to www.freeradius.org/faq and
> the only thing I see is under section 4.4 that pertains to chap.
Yes... what part of it is unclear?
You have the RADIUS server set up to authenticate against
/etc/passwd
"denz" <[EMAIL PROTECTED]> wrote:
> I need to remove the attribute
> Calling-Station-Id = xxx
> from the requests before passing it to the remote radius server.
Use rlm_attr_filter in pre-proxy.
> And while doing that I need to run some script and put those
> Calling-station-id
I guess I have misunderstood everything. I am running cistron radius and
it can do both. I have some users in the user file and the rest on the
system. We have 10 different nas that verify thru cistron and some only
work with chap and the other use pap.
Thanks for your help.
-
List info/subs
Leonard Childers <[EMAIL PROTECTED]> wrote:
> I guess I have misunderstood everything. I am running cistron radius
Then you're even ruder than I thought. You're asking questions on
the FreeRADIUS list. See the list name? It says FREERADIUS. It
doesn't say CISTRON.
I'm appalled at your beh
Alan,
You misunderstood. I am trying to get freeradius running. I am currently
using cistron with it authenticating using both the user file and the
password file. And I am not trying to be rude. If anyone is you are. I am
just trying to under stand how freeradius works. Now if that offends you
Leonard,
What *you* are misunderstanding is that there is ABSOLUTELY NO WAY for
ANY system (Cistron, FreeRADIUS, or otherwise) to be able to
authenticate CHAP passwords with ONLY a standard salted crypt()
password, which is what the /etc/passwd systems use. The /etc/passwd
passwords are one-way p
Leonard Childers <[EMAIL PROTECTED]> wrote:
> You misunderstood. I am trying to get freeradius running. I am currently
> using cistron with it authenticating using both the user file and the
> password file. And I am not trying to be rude. If anyone is you are.
Right.
What part of "go away"
I have put my realm in the realms file: bigrivertel.net
192.168.69.10
When I run ‘radiusd –X’, I get the
following error:
/usr/local/etc/raddb/realms[28]: Cannot find 'clients' file
entry of remote server 209.16.220.10 for realm "bigrivertel.net"
Errors reading realms
Errors
"Anson Rinesmith" <[EMAIL PROTECTED]> wrote:
> I have put my realm in the realms file: bigrivertel.net
> 192.168.69.10
You've also got to list it in the 'clients' file, OR use the
"proxy.conf" file.
> /usr/local/etc/raddb/realms[28]: Cannot find 'clients' file entry of remote
> server 209.16.22
Hmm,
You probably forgot to install the mysql devel rpm.
Cheers
Patrick
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Breuer
Nicolas - BelCenter.com
Sent: woensdag 3 december 2003 10:55
To: [EMAIL PROTECTED]
Subject: Help with RLM MYSQL
Hello
I have
I have a question regarding the implementation of Digest-MD5 authentication
protocol as defined in 'expired' draft "draft-sterman-aaa-sip-00.txt"
As per the everything seems to be perfect other than step-4 in the below
sequence diagram.
User RADIUSRAD
I added
realm bigrivertel.net {
type= radius
authhost= 192.168.69.10:1645
accthost= 192.168.69.10:1646
secret = ascend
}
With the same errors, should I remove my entry from realms that I added
earlier?
-Original Message-
From: [EMAIL PR
"Anson Rinesmith" <[EMAIL PROTECTED]> wrote:
> I added
> realm bigrivertel.net {
> type= radius
> authhost= 192.168.69.10:1645
> accthost= 192.168.69.10:1646
> secret = ascend
> }
>
> With the same errors, should I remove my entry from realms th
Has someone an idea what happens with
this?
I paste my last post,
Best regards,
Rodrigo Gonzalez.
The problem is still there, but I notice something, the user I tested has
anempty password, I tested with a non empty password user and everything
isok.I uncommented two DEBUG lines in rl
When I remove the realms entry, it tries to authenticate locally, when
watching 'radiusd -X'
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok
Sent: Wednesday, December 03, 2003 3:38 PM
To: [EMAIL PROTECTED]
Subject: Re: proxy
"Anson Rinesmith"
Is it possible to have FreeRadius authenticate against a SAMBA 3.x
implementation?
Bob
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
At 05:06 PM 12/3/2003, [EMAIL PROTECTED] wrote:
Is it possible to have FreeRadius authenticate against a SAMBA 3.x
implementation?
rlm_smb ? I don't know how widely used this module is, but it should
do what you are looking for.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris
Hi,
First of all let me start with the standard "I am new to RADIUS, be patient
with me" disclaimer. :)
I'm trying to get WPA Enterprise LEAP support running using Aiport Extreme,
FreeRADIUS v0.9.2 on FreeBSD 4.9p1
When I try to authenticate, the wireless client machine times out and no
authentica
On Dec 3, 2003, at 3:20 PM, Sean Page wrote:
Hi,
First of all let me start with the standard "I am new to RADIUS, be
patient
with me" disclaimer. :)
I'm trying to get WPA Enterprise LEAP support running using Aiport
Extreme,
FreeRADIUS v0.9.2 on FreeBSD 4.9p1
WPA Enterprise does not support L
Hi there,
For once more I seem to be having a slight problem with
FreeRadius. During mostly times of high connectivity from the dialup
users some users they connect normally but only a few seconds later the
link fails and get an error for redialing without any reason.
I've noticed a few
> > I need to remove the attribute
> > Calling-Station-Id = xxx
> > from the requests before passing it to the remote radius server.
>
> Use rlm_attr_filter in pre-proxy.
I modified the radiusd.conf as suggested,
pre-proxy {
attr_filter
# If you want to hav
Hi all,
While running freeradius with a sybase backend, I've found a few errors:
1. It incorrectly returns the number of rows modified by a query. This
means
that a successful query from a start/stop record
always runs the alternate start/stop query also. This is generally a
waste of resource
Hi guys,
I am implementing wireless EAP-TLS with freeradius authentication. It has
been running already for a month now until one day all of my clients can no
longer authenticate. Then I found out that the root certificate has
expired.. it is only good for one month. My temporary solution for now
> Just want to ask if how to make a root.der certificate
> to extend to more that one month?
To get certificates valid for one year, when you request the cert in
your script, stick in a "-days 365":
openssl req -new -x509 -days 365 -keyout newreq.pem -out newreq.pem -passin
pass:whatever -passo
On Thu, Dec 04, 2003 at 03:07:41AM +0200, m0bius wrote:
> DEFAULT Service-Type == Framed-User, Pool-Name := "main_pool"
> Framed-MTU = 1500,
> Service-Type = Framed-User,
> Fall-Through = 1,
> Ascend-IP-Pool-Definition = "1 111.222.333.97 93"
As far as I understand
58 matches
Mail list logo
