you mind naming it dictionary.university_of_bristol on the basis
that the official IANA vendor code calls it this? I'll also be updating
my documentation to include FreeRADIUS info, as well as spit IAS.
josh.
--
---
Josh Howlett, Networking
as to the formatting of this attribute?
many thanks, josh.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED
? See http://www.freeradius.org/list/users.html
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED
in this hypothesis is that the dead time is configured
at ten minutes (dead_time = 600) yet the server continues to drop RADIUS
packets beyond this time.
I would be interested in any ideas or suggestions to fix this.
many thanks, josh.
--
---
Josh Howlett
appreciate an educated opinion!
best regards, josh.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED
On Tue, 2003-10-14 at 12:18, Josh Howlett wrote:
Can someone please briefly indicate the expected behaviour of FreeRADIUS
where a realm has a single instance of a {auth|acct}host is specified,
but this server has been marked dead owing to inactivity?
My reading of the source suggests to me
On Tue, 2003-10-14 at 15:22, Alan DeKok wrote:
Josh Howlett [EMAIL PROTECTED] wrote:
My reading of the source suggests to me that it will get dropped
silently, but I would appreciate an educated opinion!
Pretty much. Sending a reject request may be friendlier, though.
Yes. It would
On Wed, 2003-10-08 at 17:55, Chris Parker wrote:
At 10:45 AM 10/8/2003, Josh Howlett wrote:
I am using freeradius (0.9) to proxy RADIUS packets.
I have run into a possible bug. A username with a Windows domain
prepended to the user in the format CC\\username gets proxied in the
format C
of users, and non-trivial
networking requirements then you might like to look at it. Hopefully it
might help someone avoid re-inventing a wheel...
http://www.bris.ac.uk/is/services/computers/nwservices/nomadic/download
josh.
--
---
Josh
-pppd.html
josh.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED
.
Is it not possible to access FR internal attributes in this way? If so,
any ideas how I might achieve a similar effect?
best regards, josh.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University
/unsubscribe? See http://www.freeradius.org/list/users.html
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED
whether this was an
accounting packet and, if so, to exit immediable.
Is this possible? Or is there another way of achieving the same effect?
josh.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing
Is it possible to use ldflag=round_robin for the DEFAULT and NULL
realms? I'm using a CVS version post 0.81 and it doesn't seem to work
(just proxies to whichever realm is defined last). Or so it seems...
thanks, josh.
Josh Howlett
What's the easiest way to copy accouting packets to a second server,
without using radrelay?
tia, josh.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928
.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED]
---
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED]
---
-
List info/subscribe
sufficient information to diagnose the error then please
let me know and I will send more information.
Thanks in advance
Guy Warner
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
---
Josh Howlett
On Wed, 2003-03-26 at 14:31, Alan DeKok wrote:
Josh Howlett [EMAIL PROTECTED] wrote:
Might I suggest a general mechanism for implementing this, whereby
arbitrary and application-specific variable/value pairs are passed to
the WWW application within a 'generic' wrapper A/V? The auth server
On Wed, 2003-03-26 at 15:56, Alan DeKok wrote:
The sole objective, at least from where I'm standing, is to pass
information about a user from a database (or equiv.) to apache.
to *where* in Apache?
Ah, I understand. I assumed that Apache would provide an nice easy
interface for this
.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED]
---
-
List info/subscribe/unsubscribe
In the docs, it states the mod_radius_auth does not support digest
authentication.
Is this by virtue of it being impossible-in-principle, or merely
as-yet-not-implemented?
Thanks, josh.
--
---
Josh Howlett, Networking Digital
On Tue, 2003-03-04 at 12:00, Alan DeKok wrote:
Josh Howlett [EMAIL PROTECTED] wrote:
To clarify, I want users to authenticate via HTTP via mod_auth_radius
against a remote RADIUS server without the intermediate WWW server (or,
for that matter, anything else) gaining knowledge of the user's
.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED]
---
-
List info
Is it possible to select a realm using wildcards?
ie.
realm foo* {
...
}
realm *bar {
...
}
Thanks, josh.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing
Hi,
I got an error when I tried to specify a realm length 63 characters.
Is this an arbitrary limitation that could be extended beyond 63
characters?
Thanks.
josh.
--
---
Josh Howlett, Networking Digital Communications,
Information
Regarding:
http://freeradius.org/cvs-log/2003-02-18.09%3A00%3A00.html#file-radiusd-src-main-radiusd-c,0
I can confirm that this fix works.
josh.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing
.
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED]
---
-
List info/subscribe/unsubscribe? See http
be prepared to consider sponsoring the development of an
'rlm_exec' module (depending on the price) - any takers?
josh.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K
.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED]
---
-
List info/subscribe/unsubscribe? See
On Thu, 2002-12-19 at 16:31, Alan DeKok wrote:
Josh Howlett [EMAIL PROTECTED] wrote:
The scripts/exec-program-wait example suggests that you can add
arbitrary AVs to RADIUS packets by writing to stdout from witin the
exec-program script.
Is this a correct interpretation? Should
at 15:52, 3APA3A wrote:
Dear Josh Howlett,
No. rlm_smb is authentication module, not authorization one. You can use
either rlm_mschap or rlm_smb.
--Wednesday, November 27, 2002, 6:46:43 PM, you wrote to [EMAIL PROTECTED]:
JH Does that include rlm_smb?
JH thanks, josh.
JH On Wed, 2002
Hi,
What can Freeradius use to authenticate MS-CHAP against? I know of the
following methods:
- the 'users' file
- /etc/smbpasswd
- LDAP directory
- proxy to another RADIUS server
Are there any others?
thanks, josh.
--
---
Josh
Does that include rlm_smb?
thanks, josh.
On Wed, 2002-11-27 at 15:34, 3APA3A wrote:
Dear Josh Howlett,
You can use mschap authentication module in conjunction with any
authorization module (for example sql or dbm). All you need is cleartext
or NT-crypted password to be accessable
,
for some reason Freeradius sees this as !
Does anyone have any suggestions what else I could try?
many thanks, josh.
--
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone
(Microsoft implementation of RADIUS) and use FreeRADIUS as
proxy to IAS.
I do this. It works (even if MS IAS is a toy compared to FreeRADIUS).
josh.
Josh Howlett, Networking and Digital Communications Group,
Information Systems Computing, University of Bristol.
email: [EMAIL PROTECTED
to xxx.xxx.xxx.xxx:xx
And the NAS generates the error:
WARNING: Identifier does not match - ignoring response
WARNING: Invalid response signature - check secret!
Josh Howlett, Networking and Digital Communications Group,
Information Systems Computing, University of Bristol
this behaviour?
josh.
Josh Howlett, Networking and Digital Communications Group,
Information Systems Computing, University of Bristol.
email: [EMAIL PROTECTED] | phone: +44 (0)117 928 7850
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
1) Does freeradius write it's PID anywhere?
2) What signals does freeradius accept?
thanks, josh.
Josh Howlett, Networking and Digital Communications Group,
Information Systems Computing, University of Bristol.
email: [EMAIL PROTECTED] | phone: +44 (0)117 928 7850
-
List info/subscribe
.
Josh Howlett, Networking and Digital Communications Group,
Information Systems Computing, University of Bristol.
email: [EMAIL PROTECTED] | phone: +44 (0)117 928 7850
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Which attribute do NASes usually expect to specify the speed of a
connection for a user?
thanks, josh.
Josh Howlett, Networking and Digital Communications Group,
Information Systems Computing, University of Bristol.
email: [EMAIL PROTECTED] | phone: +44 (0)117 928 7850
-
List info
Hi,
Is it possible to ocnfigure a Freeradius proxy to log details of accounting
packets that it is proxying?
thanks, josh.
Josh Howlett, Networking and Digital Communications Group,
Information Systems Computing, University of Bristol.
email: [EMAIL PROTECTED] | phone: +44 (0)117 928 7850
Hi all,
Is it possible for freeradius, acting as a proxy, to add an arbitrary
A/V pair to a RADIUS packet?
thanks, josh.
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K
I should add: specifically, accounting packets.
thanks, josh.
Hi all,
Is it possible for freeradius, acting as a proxy, to add an arbitrary
A/V pair to a RADIUS packet?
thanks, josh.
Josh Howlett, Networking Digital
/unsubscribe? See http://www.freeradius.org/list/users.html
Josh Howlett, Networking Digital Communications,
Information Systems Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED
Hi all,
Is it possible to configure freeradius to only compile and install
certain specified modules? Or do you have to compile the lot, and then
remove the modules you don't use?
cheers, josh.
Josh Howlett, Networking Digital
in this matter,
josh.
On Mon, 27 May 2002, 3APA3A wrote:
Dear Josh Howlett,
Replace dictionary.microsoft in _both_ RADIUS source and installation
(normally /usr/local/etc/raddb) dir, it should help (make sure you have
latest CVS snapshot, older FreeRADIUS incorrectly handles tunnel
Hi,
What is the status of encrypted attribute support in Freeradius at the
moment? It appears to be broken - has anyone had similar problems?
thanks, josh.
Josh Howlett, Networking Digital Communications,
Information Systems
Josh Howlett [EMAIL PROTECTED] wrote:
What is the status of encrypted attribute support in Freeradius at the
moment? It appears to be broken - has anyone had similar problems?
WHICH encrypted attribute? There's more than one, and there are a
number of different encryption schemes
suggest sounds sensible to me, but I do not know much at all
about RADIUS :-(.
regards, josh.
--This is a forwarded message
From: Josh Howlett [EMAIL PROTECTED]
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
Date: Monday, May 27, 2002, 7:28:36 PM
Subject: Encrypted attribute problems
===8
51 matches
Mail list logo