Allen,
You could try to put the following in the users file:
DEFAULT Realm =~ "\.us$", Proxy-To-Realm += "us"
DEFAULT Realm =~ "\.jp$", Proxy-To-Realm += "jp"
In proxy.conf you can put something like:
realm us {
type= radius
authhost= 123.123.234.234:1812
Hi Tom,
I'm using this on a MaxTNT NAS. Maybe your NAS also supports it. From the
MaxTNT:
IO-Admin >read answer
ANSWER-DEFAULTS read
IO-Admin >set clid-auth-mode ?
clid-auth-mode:
Specifies how calling line identification (CLID) will be used for
incoming call authentication.
Enumerated field, v
dacct logging the start and stop records are
logged. I'll try to get more info.
Regards, Chris
On Thu, 2003-08-28 at 15:20, Chris van Meerendonk wrote:
> Hi Paul,
> > > > I can install a recent (cvs) version, but I'd like to know how to check
>
> This is gonna take som
Hi Paul,
> > > I can install a recent (cvs) version, but I'd like to know how to check
This is gonna take some time. I installed rlm_ippool only from cvs (the
rest is still 0.9.0 release), but by server is crashing with it. I'll
let you know when I have something interesting.
Chris
-
List info
Wauw, that's fun! I'll try if I can find any bugs...
Thanks,
Chris
On Wed, 2003-08-27 at 14:31, Paul Hampson wrote:
> > From: Chris van Meerendonk
> > Sent: Wednesday, 27 August 2003 7:12 PM
>
> > I can install a recent (cvs) version, but I'd like to know
Hi Paul,
I can install a recent (cvs) version, but I'd like to know how to check
which ip-addresses are assigned according to the radius-server. On the
NAS I can check that, just need to know how to compare these. Radius
keeps these things in memory, doesn't it? Are there tools for tracking
this?
On Mon, 2003-08-18 at 05:30, Adam Carmichael wrote:
> Hi All!
>
> I'm currently running FreeRADIUS 0.9.0 on several *BSD boxes with
> MySQL4 for logging accounting and retrieving authentication
> information. I am interested in knowing how to log authentication
> attempts and even possibly why an
t;On Fri, 2003-08-08 at 15:48, Alan DeKok wrote:
> > > Chris van Meerendonk <[EMAIL PROTECTED]> wrote:
> > > > Is it possible to filter attributes that are sent by using radius proxy
> > > > to the home-server? Something like attr_filter in the pre-proxy stage
Include sql in radius.conf in the authorize, authentication and
accounting sections.
Chris
On Mon, 2003-08-11 at 10:55, Ilja A Marchew wrote:
> Hello all.
>
> Where is my fault? How to tell FR to get all auth/acct from mysql
> only?
>
> Mon Aug 11 12:35:01 2003 : Debug: rlm_sql (sql): Released
Sorry, the server is right ;-)
In authenticate you can specify PAP or one of the other types. If you
store your passwords clear-text in mysql change the encryption-scheme in
pap-module to clear.
Regards,
Chris
On Mon, 2003-08-11 at 11:53, Ilja A Marchew wrote:
> Hello Chris.
>
> CvM> Include s
On Mon, 2003-08-11 at 16:45, Chris Brotsos wrote:
> >Another strange thing, if I dialin without a realm, that realm is added
> >after the files section (Proxy-To-Realm =+ realmname). This works for
> >authentication, but not for accounting. With pre-proxy an accounting
> >packet the attr_filter re
On Tue, 2003-08-12 at 15:11, Chris Brotsos wrote:
> >This is probably different behaviour for authorize compared to preacct
> >in rlm_files I guess. Any ideas? Or am I trying to solve this the wrong
> >way?
>
> I've never really used the Replicate-To-Realm option, or changed any code
> regarding
Hi Alan,
On Tue, 2003-08-12 at 15:44, Alan DeKok wrote:
> Chris van Meerendonk <[EMAIL PROTECTED]> wrote:
> > As far as I can see now the problem is that in the acct_users I've got
> > the following:
> >
> > DEFAULT Huntgroup-Name == "h
Thanks Chris!
Your patch cleared things up. It's up and filtering now.
It was indeed very simple (well, you have to know what to look for ;-).
Chris
On Mon, 2003-08-11 at 14:57, Chris Brotsos wrote:
> At 11:03 AM 8/9/2003, you wrote:
> >Hi Chris,
> >
> >I'm having problems finding your mail in t
On Fri, 2003-08-08 at 15:48, Alan DeKok wrote:
> Chris van Meerendonk <[EMAIL PROTECTED]> wrote:
> > Is it possible to filter attributes that are sent by using radius proxy
> > to the home-server? Something like attr_filter in the pre-proxy stage?
>
> If attr_filter
> I sent the post-proxy patch...you probably hadn't received it by the time
> you sent this.
Yes, I guess I was a little impatient, a bad attitude of me...
> I included a patch this time with the post-proxy() and accounting()
> functions. Pay attention to the accounting function as it will mirro
Hello,
Is it possible to filter attributes that are sent by using radius proxy
to the home-server? Something like attr_filter in the pre-proxy stage?
Regards,
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Fri, 2003-08-08 at 15:48, Alan DeKok wrote:
> Chris van Meerendonk <[EMAIL PROTECTED]> wrote:
> > Is it possible to filter attributes that are sent by using radius proxy
> > to the home-server? Something like attr_filter in the pre-proxy stage?
>
> If attr_filter
On Thu, 2003-06-19 at 10:05, gunce ciftci wrote:
>
> Hi All,
> I am stuck at a point while configuring FreeRadius 0.8.1 for a pool of NAS's and
> annex's.
>
> I want to give a group of admin users such ip's that they are above
> 10.0.0.100 and won't be affected by simultaneous-use parameter. My
it with "--enable-snmp=yes".
Chris
> What can cause not compiling with SNMP though I specified that?
> Could it be a bug in the version I'm using (I'm using the latest
> version).
>
> -Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROT
It looks like your freeradius isn't compiled with snmp support, although
you specified it. The only way of *not* getting the SMUX messages in
debug mode was to compile freeradius again with --enable-snmp=no.
Please double check that snmp support was compiled. Since it's default,
you dont have to s
Try: Called-Station-Id =~ "0010$"
Or some other nice regex.
You could also use huntgroups, that limits the number of entries in your
users / acct_users files...
Regards,
Chris
On Wed, 2003-06-18 at 20:56, Scotty B. Lowe wrote:
> Ossama Suleiman wrote:
>
> > you should add your entry not to the
Victor,
I've had the same problem, with an CVS release from about 5/2003. There
have been fixes. With the latest snapshot used with MySQL 4.0.13, InnoDB
tables and also with a snapshot of 11/02/2003 I didn't have these
problems.
Of course I don't know which version you're using. The other thing c
On Fri, 2003-06-13 at 11:39, Roberto Pioli wrote:
> > It's possible for sure, I'm using start/stop date/time, in Dialup-Admin
> > is implemented something for callduration per month if I remember
> > correctly. I changed the sql query in the Authorization Queries:
> >
> > authorize_check_query = "S
Roberto,
It's possible for sure, I'm using start/stop date/time, in Dialup-Admin
is implemented something for callduration per month if I remember
correctly. I changed the sql query in the Authorization Queries:
authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM
${authcheck_table
If you don't need snmp support you can disable it in radius.cfg:
snmp= no
Otherwise you need to configure your snmpd for smux. Smux is used to
pass information to your snmp daemon.
In /etc/raddb/snmp.conf:
smux_password = your_secret
In /etc/snmp/snmpd.conf:
smuxpeer .1.3.6.1.4.1.3317.1.
On Wed, 2003-05-28 at 12:40, Pieter Droogendijk wrote:
> Greetings,
>
> I'm facing an odd problem at the moment.
>
> The ISP i work for has it's own radius servers, however we don't own the CVX. The
> company that owns the CVX decided that it would be a good idea to automatically
> reject a dia
My guess is that the query is ok. It's used for cleaning up all open
accouting records (started, but not stopped) whenever your nas reboots.
It works fine for me.
Chris
On Tue, 2003-05-20 at 10:57, Sepp Rudel wrote:
> When looking at sql.conf and postgresql.conf I'm
> confused. In sql.conf accoun
/4/2003 +0100, Chris van Meerendonk wrote:
> >Hello,
> >
> >I'm using Freeradius 0.81. It's an impressive radius-daemon. Though I've
> >a little problem. I hope you can help me with it.
> >Trying to put accouting tickets into a mysql database (which wor
Hello,
I'm using Freeradius 0.81. It's an impressive radius-daemon. Though I've
a little problem. I hope you can help me with it.
Trying to put accouting tickets into a mysql database (which works
fine), I've added a few extra fields in both the sql database as well as
the sql.conf. This works for
Hi,
Using freeradius 0.81 I've tried the Autz setup using the examples in
/doc. It's working great, but here's a question:
Can I select an Autz-type based on a wildcard Called-Station-Id?
Something like:
DEFAULT Called-Station-Id == "*0015", Autz-Type := Ldap
Regards,
Chris
-
List info/subsc
Thanks, Kostas.
That did the trick indeed.
On Wed, 2003-02-05 at 11:03, Kostas Kalevras wrote:
> On Sun, 2 Feb 2003, Chris van Meerendonk wrote:
>
> > Hi,
> >
> > I've got Freeradius 0.81 installed with ldap-support. Unfortunately our
> > ldap is (a sort of)
Hi,
I've got Freeradius 0.81 installed with ldap-support. Unfortunately our
ldap is (a sort of) OpenLdap v1.2.x. Is it possible to let Freeradius do
auth on this version (ldap v2) of ldap?
Ldap logging:
20030201 23142+0100 ldap1 imdirserv 5350 0 10
Note;LDAPConnMade(62/11) fromhost=192.168.0
33 matches
Mail list logo
