quest packets properly.
Livingston Portmasters were one. I'd highly recommend looking at
upgrading the NAS code as the suspect here.
Also, if this is an older Ascend box, Ascend didn't quite follow the RFC
method of encrypting PAP passwords when sending to the NAS ( they added
addition
Damn, I was minutes away from posting about the exact same problem. :)
I await the fix eagerly.
Chris Kalin
- Original Message -
From: "Chris Parker" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, May 31, 2002 09:06 AM
Subject: Re: Removal of Proxy-S
roxy. Is there a
>way to make freeradius only return the specific Proxy-State attribute from
>the request and not include those which it creates.
Yes, it should do this. It's a bug. This will get fixed shortly.
-Chris
--
\\\|||/// \ StarNet Inc. \ C
search failed
>ldap_release_conn: Release Id: 0
> modcall[authorize]: module "ldap" returns notfound
If this is the problem you are talking about, you can configure LDAP
to use a different attribute ( Stripped-User-Name I believe ) rather
than the full User-Name.
If that
t doesn't seem to be included in the mySQL schema. It's something I'll have to take a look at, I'm sure there's documentation out there.
Thanks again Simon, I'll be sure to leave ya alone for a few days, hehe.
Chris DeRamus
HQ VPN Administrator
Verizon
301-903-2093
>pointing live customers at the server.
Please see the methods documented in 'doc/performance-testing'
-Chris
>Thanks in advance for any help you can give me.
>
>Cheers,
>John
>
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/
exec.
>
>Could one of the developers please take a look at the patch sent to
>-devel so this could perhaps be integrated?
This patch was integrated yesterday, so it exists in the snapshot for
last night, and all current CVS builds.
Thank you very much for submitting the patch! :)
-Chris
up name and group password. Next I want the user TestRad to authenticate himself. After these two authentication requests pass through, everything *should* be okay.
Chris DeRamus
HQ VPN Administrator
Verizon
301-903-2093
-Original Message-
From: Simon [mailto:[EMAIL PROTECTED]]
Sent:
omehow *trick* FreeRadius into realizing that the first authorization/authentication request is the Group Name and Pass, and then it will still listen for another request (Username/Pass)?
Thanks again for your patience,
Chris DeRamus
-Original Message-
From: Simon [mailto:[EMAIL PROTECTED]]
modcall: group authorize returns ok
rad_check_password: Found Auth-Type pap
auth: type "PAP"
modcall: entering group authenticate
rlm_pap: login attempt by "TestRad" with password TestRad
rlm_pap: Could not find password for user TestRad
modcall[authenticate]: module &q
alue pair
modcall[authorize]: module "counter" returns noop
users: Matched DEFAULT at 148
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type Local
auth: type Local
auth: No password configured for the
cally done, but tying it into FreeRadius would be nearly impossible from what I'm understanding. That means the password needs to also be stored in one of the configuration files correct? Such as clients.conf? Or is PAP just used to verify the password stored in the SQL database?
Thanks again,
t I'm missing my sql.conf or does it look like something is screwy in the radiusd.conf itself possibly?
I can copy paste the entire conf files but I figured I wouldn't start out with that for now to make this thread a bit smaller in case other people experience this.
Thanks,
Chris
ailed to validate the user.
Login incorrect: [TestRad]
I apologize for seeming like an idiot or any confusion I may
be causing but I am totally out of ideas, I appreciate your time.
Cordially,
Chris DeRamus
HQ VPN Administrator
Verizon
301-903-2093
but that would take more overhead.
Another way could be to call an external program to do the logging. Also,
I believe you may also be able to include multiple SQL queries, but I'm
not sure if that will work.
-Chris
>Hooman
>
>
>_
#x27; module. This is exactly what
they were created for.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \
=
>sql_escape in: 'DEFAULT'
>sql_escape out: 'DEFAULT'
>sql_set_user: escaped user --> 'DEFAULT'
>
>I'm running Freeradius v0.5 on a FreeBSD machine.
>
>Where is it getting DEFAULT from?
Do you have a DEFA
mary jobs ( though some are fortunate to have employers that allow work
on FreeRADIUS as part of normal work ).
Sorry this doesn't answer your question, but there really isn't a
defined schedule.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~
Ascend Max I'm using didn't like the data it got
>as part of the radius reply. Is there some flaw in the abinary data type
>that's mis-interpreting the data filter as syntax errors??
dstpost is a typo in the examples listed in the 'dictionary.ascend'. It
should b
r := "ip in forward dstip ip.of.mailbox/32",
> Ascend-Data-Filter := "ip in drop tcp dstport = 25",
> Ascend-Data-Filter := "ip in forward",
> Fall-Through = yes
>
>what gives?
Run a recent version. Earlier versions have known problems t
scription of what
>'==' does.
This is not 'users'. This is 'attrs'. The operators specified were
correct for that usage, apart from the Data-Filter ones, which should
have been := ( Set Operator ). :)
-Chris
--
\\\|||/// \ StarNet In
t;ip in forward"
>
>
>but alas, the filters do not get send. What am I missing?
:= is the operator you want.
And you really want to upgrade to the latest release, as there have been
changes to the way attrs is parsed and the operators you can use ( two new
ones are now available =* and
t
>present the correct username and password and their Calling Station Id. The
>information is required in case of abuse of the service. I use local
>authentication as below.
Add to your check-items:
Calling-Station-ID =* ANY
-Chris
--
\\\|||/// \ StarNet Inc.
I run make I
>get the following errors
Try to use the CVS snapshots. We are nearing the 0.6 release, so there
have been many fixes since 0.5 came out.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Direct
nk we should break the RFC becuase Lucent killed the PM3 without
completing ComOS.
( Yes it does suck, as I was a big fan of the PM3, but have moved on to
cisco and Ascend gear because I need something that is supported. )
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris P
to understand "core"
>files... gdb is a bit mysterious for me...
See the 'docs/bugs'. You may not be able to understand it, but if you can
capture it and send it to the list, then we can analyze it.
-Chris
--
\\\|||/// \ S
should look at your mysql tables, and investigate creating additional
indexes. Use the 'explain' function of mysql.
More docs on tuning mysql available at: www.mysql.com.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \
an accounting-stop packet there
> is a "segmentation fault".
This should create a 'core' file that you can back-trace with gdb. Or,
you could run radiusd from inside gdb and issue the 'bt' ( backtrace )
command when/if it crashes.
-Chris
--
\\\|||/// \
ilter rules from the NAS ( PIX )
documentation.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \
ill be
>able to proxy them to radius2.
Setup the realm 'sybase.com' as you have now.
Add entries to the users file that contain the 'Proxy-To-Realm' attribute.
Usage is the same as the 'Replicate-To-Realm' attribute discussed on this
list a short
directed to a support list for the NAS you are
using, as FreeRADIUS is certainly capable of returning any attribute to
the NAS. What attributes are required are up the the NAS vendor.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX
r. That
is not something the server does currently, so you'd have to patch it
to do that if that's really what you want.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* W
ll expand variables, yes.
See the info in './docs/variables.txt' for what and how this will expand
variables to values.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @
At 05:06 PM 5/21/2002 +0300, Kostas Kalevras wrote:
>On Tue, 21 May 2002, Chris Parker wrote:
>
> > You could implement this via a modified 'rlm_counter' module that returns
> > a 'Session-Timeout' value for the remaining time allocated to the user, if
> &
NAS. It is possible to have
radius attempt to handle ip pools, but there are many pitfalls to this
type of implementation. See the 'rlm_ippool' experimental module for
one way to try ip pools managed by the FreeRADIUS server.
-Chris
--
\\\|||/// \ StarNet Inc. \
is
not guaranteed or required, caveat emptor.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starne
use
>Ascend-Terminate-Cause, but it still doesn't save it. I turned on detail
>logging and I see the attribute being returned by the terminal server, but
>it's getting lost somewhere after that. Has anybody else had this problem?
Not sure there, what are the column definitions
the filter syntax at the top of the dictionary file.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \ (847) 963-011
s this possible??
>
>Thanks for your help, and sorry for the repeated question
See the ./raddb/acct_users for an example on usage of 'Replicate-To-Realm'.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireles
ay need to modify/update your 'sql.conf', so that the username is
pulled correctly from the packet. See the part where it discusess the
options you can use to set what values ( and what order it tries ) to
find the username to use.
-Chris
--
\\\|||/// \ StarNet Inc.
oesn't
>send the Framed-IP-Address returned to the user in the first accounting
Read the docs. This is covered in the 'cisco' readme in the 'docs' directory.
You need to add a config command to your cisco NAS that tells them not
to send the acco
he heck do I know about building a big network...
I've spoken my bit here, so I'll stop flogging the deceased equine.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Enginee
iour was not
what you'd expect.
-Chris
>thx.
>
>--
>Cheers,
>CM.
>
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wi
that is not clear, you need to study routing, route summarization,
and ip subnetting some more.
>Back to the original question; can I have two Radius server
> managing the same IP address pool?
No. ( And you really really really don't want to for 30,000 ips ).
-Ch
radius does not share infop about the ips already in use?
>
> Yes, I kown I can have 'N' different ip pools configured, one for
> each NAS , but I'm talking about 30.000 dial ports, so I can't allocate
> 30.000 * N ips available.
Why would you not want t
At 11:28 AM 5/15/2002 -0700, Raghu wrote:
>Chris Parker wrote:
> >
> > Yes, but that has far less support ( at the moment ) than IPSec and is
> > still draft. :\
> >
>
>I think, for now EAP-TTLS does not have any added advantage over IPSec.
>
>Just cur
hone number calling from, one could imagine
some social engineering attacks...
Yes it is pretty paranoid to think that someone would be interested
in that, but it also appears that it might not be overly hard to
add IPSec hooks, either.
-Chris
--
\\\|||/// \ StarNet Inc.
Solaris:
Supported in Solaris8
Linux:
http://www.freeswan.org/intro.html
Others:
?
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
At 11:54 AM 5/15/2002 -0400, Alan DeKok wrote:
>Chris Parker <[EMAIL PROTECTED]> wrote:
> > That could be solved by establishing an IPSec tunnel between our radius
> > and your servers, setting up a direct network connection ( peering point )
> > for exchange of radius
At 08:39 AM 5/15/2002 -0700, Bill Campbell wrote:
>On Wed, May 15, 2002 at 08:58:17AM -0500, Chris Parker wrote:
> >At 03:18 PM 5/15/2002 +1000, Andrew Tait wrote:
> >>http://www.untruth.org/~josh/security/radius/radius-auth.html
> >>
> >>For those interested
t;
>Psl help in solving this..
Fix the 3com hiper so it sends accounting. Not much the server can do
there.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.ne
ounter: (Check item - counter) is greater than zero");
-x sets debug level to one, prints all DEBUG() statements.
-x -x sets debug level to two, prints all DEBUG() and DEBUG2() statements.
-x -x -x sets debug level to three, prints all DEBUG() and DEBUG2()
statements w
values are known only locally to each server. You could use the
'sqlcounter' which would allow you to centralize the counter data to an
sql server that both radius servers would query/update.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~
yet widely supported
on dialup NAS, though it does seem to be used on quite a few
Wireless/Ethernet access products.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starne
us server. Like
I said before, if an attacker has access to your network in such a manner
there are *lot* of interesting things they can do, cracking radius is
just one of them. :)
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is*
it
>is. Examples are always welcome.
Sorry, it's just not possible with *any* radius server.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://ww
or not, but they all depend on what you are trying to do.
Try rephrasing your question with more details, instead of a demanding
"tell me how to do this" statement, you'll get better responses that way.
-Chris
--
\\\|||/// \ StarNet Inc. \ Ch
"Patches are welcome!" :)
-Chris
--
\\\|||/// \ StarNet Inc. \Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \ (847) 96
up ).
More information is available from here:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t3/dt_asmib.htm
-Chris
--
\\\|||/// \ StarNet Inc. \Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
course, changing the variable in
the sql.conf file made everything work, but I'm curious why this change was
made in the first place. Am I doing something wrong?
Thanks,
Chris Kalin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
icitly permitted, 'rlm_attr_filter' will not permit an
attribute through.
attrs:
realm.com
Class =* ANY,
Proxy-State =* ANY
users:
DEFAULT
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255
hive
shows that others were having a similar problem with the "classic"
radutmp-based simultaneous use code. Does anyone have any suggestions?
Thanks,
Chris Kalin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
At 05:56 PM 5/10/2002 -0400, Aamer Akhter wrote:
>Chris,
>
>still problems. can you also CC me on the reply directly? I have to cut
>and past from the
>archive currently..
>
>
>
>At 11:27 AM 5/10/2002 -0400, Aamer Akhter wrote:
> >Hello,
> >
> >I jus
ng the user
That's the problem. Module 'files' returned 'notfound', so it didn't
match the username for some reason.
>smartbits Auth-Type := Local
> Password == "xxx",
These should all be on one line.
>any ideas on what my ne
At 12:58 PM 5/10/2002 +0300, Aleksandr Kuzminsky wrote:
>On Thu, 9 May 2002, Chris Parker wrote:
>
> > DEFAULT Auth-Type := Reject, Calling-Station-Id = "5551212"
> > Reply-Message = "Your Phone Number Is Banned"
>
>Well, but some auth-requ
s still a development release ( albeit one
that is more likely not to have show-stopping bugs than nightly builds ).
-Chris
--
\\\|||/// \ StarNet Inc. \Chris Parker
\ ~ ~ / \ WX *is* Wireless!\
on := 216000
Fall-Through = 1
Which is more than a little different from the docs included with the
sqlcounter module. Although this works exactly the way I'd expect it to, am
_I_ the one doing this wrong?
Chris Kalin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
At 06:24 PM 5/7/2002 +0300, Andrey Lakhno wrote:
>Hi !
>
>It seems there is a bug in proxy implementation in freeradius-0.5.
Which has been fixed in the latest CVS.
-Chris
--
\\\|||/// \ StarNet Inc. \Chris Parker
\ ~ ~ / \ WX *is*
ess in my opinion anyway. It is always
best to let the NAS handle ip assignment, IMHO.
-Chris
--
\\\|||/// \ StarNet Inc. \Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \ (847)
NAS-Port-Id = "0"
>rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=111, length=66
> Reply-Message = "Your account cannot be used to dial in with."
>
>
>but test with realm doesn't.
What does your 'proxy.conf' file look like
operator.
-Chris
--
\\\|||/// \ StarNet Inc. \Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \ (847) 963-0116
oOo---
t? I don't want to use RIP or anything like that to propagate
> tousands of host routes.
Then let your NAS assign the addresses. You can run NAS assigned dynamic
addresses with a dynamic protocol just fine.
If you don't want to announce ( and withdraw ) thousands of host routes
into
Alan, you da man. :) The rlm_unix fix you commited to CVS this morning
worked like a charm. Thanks so much for jumping on this.
Chris Kalin
> - Original Message -
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, M
Yeah, for some reason, I can't make it work by replacing the rlm_unix module
in the CVS with the ones from 0.4 or even 0.3. I'll wait for the fix
tonight and give it a shot.
Thanks again,
Chris Kalin
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]
o what you want.
These both sound like good ideas, thanks for all the help!
Chris Kalin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
thentication. I don't
> even know *how* you would get the PAM module to do group access, as
> PAM Just Doesn't Do That.
That's what I thought. :) I was just throwing it out as a suggestion -
I've seen nothing of the sort from PAM either.
Thanks in advance for any help anyone can provide.
Chris Kalin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
CVS on this particular server, and now
it's cheerfully ignoring these lines, eventually matching the DEFAULT entry
that lets everyone in.
I'm using the "unix" module for auth, not PAM. I can switch to PAM if need
be, but I remember having _no_ luck with groups under PAM.
Anyon
Yup, that's what I've done for now, and it works perfectly. Thanks
everyone!
Chris Kalin
- Original Message -
From: "Franklin Trumpy" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, May 05, 2002 11:49 AM
Subject: Re: Returning Proxy-State (or
g on
with the list server?
Thanks in advance.
Chris Kalin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
read the username from NAS, but why the username changes to DEFAULT
> when talking to mySQL?
Sounds to me as if the user ('peterl' in your case) just doesn't exist in
your mysql db?
Correct me if I'm wrong, but afaik DEFAULT is used for all users that are
not explicitly liste
Is the list down?
Sorry for the noise.
Chris Kalin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
CVS on this particular server, and now
it's cheerfully ignoring these lines, eventually matchine the DEFAULT entry
that lets everyone in.
I'm using the "unix" module for auth, not PAM. I can switch to PAM if need
be, but I remember having _no_ luck with groups under PAM.
Anyon
gure rlm_ippool according to the examples and documentation provided.
You'll probably have to play with it a while.
And for the record, I'm against the radius server attempting to assign
ip's. It may work in very small environments, but it does not scale.
-Chris
--
\\\
restart the daemon
What OS? Also, what modules are you using ( LDAP, SQL, ??? ). What does
'top' show. Is FreeRADIUS the cpu hog? Does it happen in debug mode? If
so, what is FreeRADIUS doing when it spikes CPU ( based on debug message
output ).
-Chris
--
\\\|||///
try yourself. Please post your results here, and we can attempt
to help make any changes that might be needed to enable it to compile.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ h
At 11:56 AM 5/2/2002 +0100, Dan Bell wrote:
>Is it possible to run two RADIUS servers on the same box (i.e. one RADIUS
>server serving port 1645 and another daemon serving port 1812)?
Yes, simply install the config files into different directories and edit
appropriately.
Yeah, I figured that out in the day and a half between when I posted that
message and when it went to the list the first time - and then it went out
again the following day. Sorry about the noise. :)
Chris Kalin
- Original Message -
From: "Chris Parker" <[EMAIL PROTECTED]
ts a different layout...
Kind regards,
Chris
--
Christoph R. Hartel
Linux System Administrator
eMind GmbH | phone: +49 671 794613 - 0
Rosenheimer Strasse 2-4 | fax:+49 671 794613 - 50
D-55543 Bad Kreuznach| mobile: +49 163 723
www.emindgroup.com | email: [E
driver rlm_sql_freetds: file not found
rlm_sql: Make sure it (and all its dependent libraries!) are in the search
path of your system's ld.
radiusd.conf[4]: sql: Module instantiation failed.
The file rlm_sql_freetds.so is located in /lib/ (exactly as
rlm_sql_mysql.so). So why doesn't radiusd fi
does the stop record/nas logging show for the disconnect cause?
-Chris
--
\\\|||/// \ StarNet Inc. \Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \ (847)
At 12:11 PM 4/29/2002 -0500, Chris A. Kalin wrote:
>I was just curious if there's a way I can tell configure to build all
>available modules dynamically and place them into the $blah/lib directory.
>
>With 0.5 and previous, I could type ./configure --with-pam --with-mysql and
etail
and rlm_files, etc. Now, I have to explicitly tell configure EVERY module I
want, which is a bit of a pain.
Am I missing a new configuration directive?
Thanks...
Chris Kalin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ame == "border-routers"
Check-items ( the huntgroup comparisons ) *must* all be placed on the first
line. Reply-items belong on the lines below.
-Chris
--
\\\|||/// \ StarNet Inc. \Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, E
er', which
is still experimental and has config examples in 'experimental.conf'.
-Chris
--
\\\|||/// \ StarNet Inc. \Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @
uthorize {
one
two
}
accounting {
one
two
}
-Chris
--
\\\|||/// \ StarNet Inc. \Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://ww
ore I did too much damage, so I didn't have time to
packet sniff or anything.
This was a right around 0.4 CVS version, but the exact date escapes me right
now.
I can provide complete config files if anyone is interested, but I'm going
to try this with the current CVSs first.
Oh, and Linu
7;t
really troubleshoot past isolating Simultaneous-Use as the cause. I've
actually been meaning to revisit this now that .5 is out and see if life is
better.
Although it is reassuring to see that it didn't only bite me. :)
Chris Kalin
- Original Message -
From: "Alan DeKo
e
>DEFAULT entries for all your realms, including the various combinations of
>Prefixes/suffixes etc. Seems that the rlm_realm was designed to deal with
>realms and therefore checks should be done there. Not a big deal, just a
>little tidier IMO.
Perhaps, though I'd rathe
e proxied as usual.
>
>Any Comments?
Why is not possible to simply do this in the 'users' file with:
DEFAULT Called-Station-Id == 1234, Proxy-To-Realm := "company.com"
Fall-Through = No
-Chris
--
\\\|||/// \ StarNet Inc. \Chris Pa
of
general "how to use a database".
See some examples at:
http://www.mysql.com/documentation/mysql/bychapter/manual_MySQL_Database_Administration.html
You really need to learn how to admin a relational database. That requires
a knowledge of how they work, and cannot be acc
501 - 600 of 908 matches
Mail list logo