Yes, start the second with:
radiusd -p 1645
it will read the same configuration file thereby mirroring the config on 2
ports. Other options of interest can be seen by issuing: radiusd --help
If you were going to run a different config on two port, you will have to
get creative.
-Original
Title: Message
When I use the
network inclusive clients config to allow NAS on a given network radius access,
under /var/radacct the nas is named via the IP address. If I were to use single
entries for all these clients I would see the client shorname. I propose (when
network inclusive used)
Title: Message
It goes without
saying that my last message (password in log was what was coming
from the NAS, not what was configured) was an id10t moment.
ROFLAM!
--
Michael
If I remember correctly, the password for the ascend users is Ascend
(capital A) although it has been awhile since I have touched a Max or TNT.
--
Michael
-Original Message-
From: Alan DeKok [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 11, 2002 4:13 PM
To: [EMAIL PROTECTED]
Subjec
What format are you entering the MAC username in? You cannot use
xx:yy:zz:11:22:33 you will have to change it to: xxyyzz-112233
-Original Message-
From: David Petruzzella [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 08, 2002 7:32 PM
To: [EMAIL PROTECTED]
Subject: Re: Configuring Free R
Not sure if there are other implications or not, but I did a quick test of:
1) ran radiusd.init start
2) radiusd -p 1645
First command runs the normal init script and starts radius on port 1812
Second command runs the radiusd executable with the port flag -p to specify
port 1645 (it still reads
Title: Message
I
found the documentation within the file that comes with it most helpful. I
really like the feature that lets you setup a client network rather than a
client. This saved me from having to add almost 100 client entries. Instead I
only had to enter about 12 different networks.
P/EAP.
--
Esteban.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Michael S.
McCollough
Sent: Friday, April 05, 2002 12:01 PM
To: '[EMAIL PROTECTED]'
Subject: RE: Using Radius for Mac Auth. with Wireless Internet.
Wireless access points
Title: Message
Wireless access points to simple auth. Username will be the MAC address
with the password same as the radius secret (most ones I have used anyway.
Username will be either in the format 00-00-00-00-00-00 or
00-00
Basically, go into your access point and point it to the
ccounting {
detail
unix
radutmp
}
session {
radutmp
}
-Original Message-
From: Kostas Kalevras [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 28, 2002 4:06 AM
To: Michael S. McCollough
Cc: '[EMAIL PROTECTED]'
Subject: RE: CHAP-LDAP PAP-LDAP
On We
ticate {
chap
pap
}
-Original Message-
From: Alan DeKok [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 27, 2002 10:37 PM
To: [EMAIL PROTECTED]
Subject: Re: CHAP-LDAP PAP-LDAP
"Michael S. McCollough" <[EMAIL PROTECTED]> wrote:
> I noticed in radiusd -X
Title: Message
This is
example debug from my previous post
PAP attempt
(Fails) note bind as .
rlm_ldap: login attempt by "testuser" with
password "uchubtest"rlm_ldap: user DN: [EMAIL PROTECTED],ou=People,dc=uchub,dc=comrlm_ldap: (re)connect to ldap:389:389, authentication
1rlm_ldap: bi
I noticed in radiusd -X that PAP trys to bind to the ldap directory where
CHAP appears to do a simple search/read The bind status does not show up in
the debug. Is there a way to make PAP behave like CHAP with the ldap module?
-Original Message-
From: Michael S. McCollough [mailto:[EMAIL
sday, March 27, 2002 5:43 PM
To: '[EMAIL PROTECTED]'
Subject: Re: CHAP-LDAP PAP-LDAP
On Wed, 27 Mar 2002, Michael S. McCollough wrote:
> This is fun:
> Now, PAP will authenticate when an LDAP user has a {crypt} password
> and will not work with a clear text password stored in ldap? Th
Message-
From: Michael S. McCollough [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 27, 2002 1:58 PM
To: '[EMAIL PROTECTED]'
Subject: CHAP-LDAP PAP-LDAP
This is fun:
Now, PAP will authenticate when an LDAP user has a {crypt} password and will
not work with a clear text password stor
This is fun:
Now, PAP will authenticate when an LDAP user has a {crypt} password and will
not work with a clear text password stored in ldap? The following user has
password stored {clear}
Can you tell me how to get around this as I will need to store all ldap
passwords {clear} to use CHAP.
Than
I am usually not a complete idiot, but I cannot get this to work. Using the
settings for radiusd you recommended I cannot get PAP or CHAP to work. PAP
will work if I put ldap back in the authenticate section. I am beyond the
point of embarrassed now but must keep going.
Below are my results:
Rad
I am using:
ldapadd -h localhost -D "cn=manager,dc=uchub,dc=com" -W -f adduser.ldif -x
This is what the file contains
[root@radius migration]# cat /adduser.ldif
dn: uid=me,ou=People,dc=uchub,dc=com
uid: me
cn: Test Account
objectClass: account
objectClass: posixAccount
objectClass: top
objectCla
Thanks for the answer, but I believe you conclusion is my original question.
How do you store passwords in plain text in ldap? It is plain text in my
ldif file but not in the ldap directory.
-Original Message-
From: pavesi [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 27, 2002 12:06
I have only one more question and my critical elements will be done (not to
say I will never have questions again). I have identified my problem with
CHAP as my ldap directory is storing encrypted passwords. I removed rootdn =
{crypt}q2r124lojqslk and replaced it with rootdn = mypassword to see if
4:17 PM
To: Michael S. McCollough
Cc: '[EMAIL PROTECTED]'
Subject: RE: CHAP-Password & LDAP Auth?
On Tue, 26 Mar 2002, Michael S. McCollough wrote:
> Are you using LDAP? This did not work for me. I did get the realms
> working though.
Yes, but you _do not_ authenticate off of L
PPP,
Ascend-Data-Filter = "IP IN FORWARD TCP",
Ascend-Data-Filter += "IP IN FORWARD 0 DSTIP AA.BB.CC.DD/EE",
Ascend-Data-Filter += "IP IN DROP TCP DSTPORT = 25",
Ascend-Data-Filter += "IP IN FORWARD 0",
Ascend-Assign-IP-Poo
It is my understanding that when
Something.com LOCAL
Is in the realms file, when an username of [EMAIL PROTECTED] is sent to the
radius server it will lookup something.com in the realms file and pass "me"
as a username to authenticate. That is not how it is working so can someone
explain how
This is what I am getting with radiusd -X:
rlm_ldap: waiting for bind result ...
rlm_ldap: performing search in dc=uchub,dc=com, with filter
([EMAIL PROTECTED])
rlm_ldap: object not found or got ambiguous search result
ldap_release_conn: Release Id: 0
modcall[authenticate]: module "ldap" return
I am probably just dense but either the faq is incomplete or I cannot
translate to suit my needs. I cannot even get chap to work with Auth-Type
:=system I need it to work with ldap. Once key point may be CHAP vs
MS-CHAP. The radiusd.conf file only has ms-chap in it. I remember log time
ago when c
you didn't filter the attributes when you enable attr_filter
module. If you disable the module, you shouldn't have the problem.
> -Original Message-----
> From: Michael S. McCollough [mailto:[EMAIL PROTECTED]]
> Sent: Monday, March 25, 2002 7:02 PM
> To: '[EMAIL PRO
Why don't you use groups?
-Original Message-
From: Steve Tolman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 21, 2002 1:25 PM
To: [EMAIL PROTECTED]
Subject: LDAP Attributes
Hello,
I am using FreeRadius 0.5 and need to be able to Authorize users based
on an LDAP attribute. I would
Can someone provide an example that shows how to see all attributes the
radius server responds with?
Specifically I have:
DEFAULT Service-Type = Framed-User
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-MTU = 576,
X-Ascend-Data-Filter = "ip in
Thanks to all for the feedback, I appreciate the quick responses.
Unfortunately I had to go to a funeral (no one close) and could not repond
sooner.
Thanks again
Michael
-Original Message-
From: Michael S. McCollough [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 22, 2002 3:50 PM
To
Can someone provide example of using radclient to verify CHAP works?
Thanks
Michael
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
We are in the process of setting up Radius to work with Wcom/UUNet resell as
well. If you could share your user config with me so I could see how the
setup looks (I assume yours is working), it would save me a lot of time
trying to understand their less than adaquate documentation on how to set i
Funny thing is Wcom give you a choice in their configure sheet of using PAP
or CHAP but then tell you both must be supported when you go to schedule the
test time. :)
-Original Message-
From: Alan DeKok [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 20, 2002 4:13 PM
To: [EMAIL PROTECT
There are only about 15 user accounts in the directory, nothing else.
Indices are Defaults
index objectClass,uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial
-Original Message-
From: Mike Cathey [mailto:[EMAIL PROTECTED]]
Sen
orize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "suffix" returns ok
users: Matched DEFAULT at 100
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type l
ldap cache size will be unlimited
# default: 0
ldap_cache_size = 0
-Original Message-
From: Alan DeKok [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 18, 2002 10:54 AM
To: [EMAIL PROTECTED]
Subject: Re: LDAP
"Michael S. McCollough" <[EMAIL PROTECTED]>
ax: +61 (03) 58 711 874
"It's the smell! If there is such a thing." Agent Smith - The Matrix
- Original Message -
From: "Michael S. McCollough" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, March 18, 2002 3:24 PM
Subject: RE: Welcome to the
I am having trouble with radiusd. I am using Freeradius 0.4 (0.5 came out
just a couple of days after I downloaded this so rather than update, I would
like to get 0.4 working properly first then update). I am authenticating off
an LDAP directory and it connects and authenticates (sometimes). When
37 matches
Mail list logo