Re: Problems with MySQL authentication was Re: Problems with MySQL Auth-Type

quest packets properly. Livingston Portmasters were one. I'd highly recommend looking at upgrading the NAS code as the suspect here. Also, if this is an older Ascend box, Ascend didn't quite follow the RFC method of encrypting PAP passwords when sending to the NAS ( they added addition

Re: Removal of Proxy-State

Damn, I was minutes away from posting about the exact same problem. :) I await the fix eagerly. Chris Kalin - Original Message - From: "Chris Parker" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, May 31, 2002 09:06 AM Subject: Re: Removal of Proxy-S

Re: Removal of Proxy-State

roxy. Is there a >way to make freeradius only return the specific Proxy-State attribute from >the request and not include those which it creates. Yes, it should do this. It's a bug. This will get fixed shortly. -Chris -- \\\|||/// \ StarNet Inc. \ C

Re: Realm's not being removed.

search failed >ldap_release_conn: Release Id: 0 > modcall[authorize]: module "ldap" returns notfound If this is the problem you are talking about, you can configure LDAP to use a different attribute ( Stripped-User-Name I believe ) rather than the full User-Name. If that

RE: Problems with MySQL Auth-Type

t doesn't seem to be included in the mySQL schema. It's something I'll have to take a look at, I'm sure there's documentation out there. Thanks again Simon, I'll be sure to leave ya alone for a few days, hehe. Chris DeRamus HQ VPN Administrator Verizon 301-903-2093

Re: radius load test program

>pointing live customers at the server. Please see the methods documented in 'doc/performance-testing' -Chris >Thanks in advance for any help you can give me. > >Cheers, >John > > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/

Re: accounting update packets don't write into mysql database

exec. > >Could one of the developers please take a look at the patch sent to >-devel so this could perhaps be integrated? This patch was integrated yesterday, so it exists in the snapshot for last night, and all current CVS builds. Thank you very much for submitting the patch! :) -Chris

RE: Problems with MySQL Auth-Type

up name and group password. Next I want the user TestRad to authenticate himself. After these two authentication requests pass through, everything *should* be okay. Chris DeRamus HQ VPN Administrator Verizon 301-903-2093 -Original Message- From: Simon [mailto:[EMAIL PROTECTED]] Sent:

RE: Problems with MySQL Auth-Type

omehow *trick* FreeRadius into realizing that the first authorization/authentication request is the Group Name and Pass, and then it will still listen for another request (Username/Pass)? Thanks again for your patience, Chris DeRamus -Original Message- From: Simon [mailto:[EMAIL PROTECTED]]

RE: Problems with MySQL Auth-Type

modcall: group authorize returns ok   rad_check_password:  Found Auth-Type pap auth: type "PAP" modcall: entering group authenticate rlm_pap: login attempt by "TestRad" with password TestRad rlm_pap: Could not find password for user TestRad   modcall[authenticate]: module &q

RE: Problems with MySQL Auth-Type

alue pair   modcall[authorize]: module "counter" returns noop     users: Matched DEFAULT at 148   modcall[authorize]: module "files" returns ok modcall: group authorize returns ok   rad_check_password:  Found Auth-Type Local auth: type Local auth: No password configured for the

RE: Problems with MySQL Auth-Type

cally done, but tying it into FreeRadius would be nearly impossible from what I'm understanding. That means the password needs to also be stored in one of the configuration files correct? Such as clients.conf? Or is PAP just used to verify the password stored in the SQL database? Thanks again,

RE: Problems with MySQL Auth-Type

t I'm missing my sql.conf or does it look like something is screwy in the radiusd.conf itself possibly? I can copy paste the entire conf files but I figured I wouldn't start out with that for now to make this thread a bit smaller in case other people experience this. Thanks, Chris

Problems with MySQL Auth-Type

ailed to validate the user. Login incorrect: [TestRad]   I apologize for seeming like an idiot or any confusion I may be causing but I am totally out of ideas, I appreciate your time.   Cordially,   Chris DeRamus HQ VPN Administrator Verizon 301-903-2093  

Re: run multiple query in sql.conf

but that would take more overhead. Another way could be to call an external program to do the logging. Also, I believe you may also be able to include multiple SQL queries, but I'm not sure if that will work. -Chris >Hooman > > >_

Re: prepaid timeouts

#x27; module. This is exactly what they were created for. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \

Re: SQL reading as user DEFAULT

= >sql_escape in: 'DEFAULT' >sql_escape out: 'DEFAULT' >sql_set_user: escaped user --> 'DEFAULT' > >I'm running Freeradius v0.5 on a FreeBSD machine. > >Where is it getting DEFAULT from? Do you have a DEFA

Re: Release Schedule

mary jobs ( though some are fortunate to have employers that allow work on FreeRADIUS as part of normal work ). Sorry this doesn't answer your question, but there really isn't a defined schedule. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~

Re: Ascend-Data-Filter issue

Ascend Max I'm using didn't like the data it got >as part of the radius reply. Is there some flaw in the abinary data type >that's mis-interpreting the data filter as syntax errors?? dstpost is a typo in the examples listed in the 'dictionary.ascend'. It should b

RE: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4

r := "ip in forward dstip ip.of.mailbox/32", > Ascend-Data-Filter := "ip in drop tcp dstport = 25", > Ascend-Data-Filter := "ip in forward", > Fall-Through = yes > >what gives? Run a recent version. Earlier versions have known problems t

Re: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4

scription of what >'==' does. This is not 'users'. This is 'attrs'. The operators specified were correct for that usage, apart from the Data-Filter ones, which should have been := ( Set Operator ). :) -Chris -- \\\|||/// \ StarNet In

Re: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4

t;ip in forward" > > >but alas, the filters do not get send. What am I missing? := is the operator you want. And you really want to upgrade to the latest release, as there have been changes to the way attrs is parsed and the operators you can use ( two new ones are now available =* and

Re: Check that Calling-Station-Id is present

t >present the correct username and password and their Calling Station Id. The >information is required in case of abuse of the service. I use local >authentication as below. Add to your check-items: Calling-Station-ID =* ANY -Chris -- \\\|||/// \ StarNet Inc.

Re: Compiling errors on Solaris 8 Please help

I run make I >get the following errors Try to use the CVS snapshots. We are nearing the 0.6 release, so there have been many fixes since 0.5 came out. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Direct

Re: Two problems with FreeRadius 0.5 (Chris Parker)

nk we should break the RFC becuase Lucent killed the PM3 without completing ComOS. ( Yes it does suck, as I was a big fan of the PM3, but have moved on to cisco and Ascend gear because I need something that is supported. ) -Chris -- \\\|||/// \ StarNet Inc. \ Chris P

Re: Two problems with FreeRadius 0.5 (Chris Parker)

to understand "core" >files... gdb is a bit mysterious for me... See the 'docs/bugs'. You may not be able to understand it, but if you can capture it and send it to the list, then we can analyze it. -Chris -- \\\|||/// \ S

Re: FreeRadius makes MySQL 100% CPU loading

should look at your mysql tables, and investigate creating additional indexes. Use the 'explain' function of mysql. More docs on tuning mysql available at: www.mysql.com. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \

Re: Two problems with FreeRadius 0.5

an accounting-stop packet there > is a "segmentation fault". This should create a 'core' file that you can back-trace with gdb. Or, you could run radiusd from inside gdb and issue the 'bt' ( backtrace ) command when/if it crashes. -Chris -- \\\|||/// \

Re: downloadable ACLs

ilter rules from the NAS ( PIX ) documentation. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \

Re: possible to add realm in huntgroup

ill be >able to proxy them to radius2. Setup the realm 'sybase.com' as you have now. Add entries to the users file that contain the 'Proxy-To-Realm' attribute. Usage is the same as the 'Replicate-To-Realm' attribute discussed on this list a short

Re: Force Gateway profile

directed to a support list for the NAS you are using, as FreeRADIUS is certainly capable of returning any attribute to the NAS. What attributes are required are up the the NAS vendor. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX

Re: proxy and replicate

r. That is not something the server does currently, so you'd have to patch it to do that if that's really what you want. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* W

Re: Proxy/realm detail logging to different logfile?

ll expand variables, yes. See the info in './docs/variables.txt' for what and how this will expand variables to values. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @

Re: Session Auto-Kick

At 05:06 PM 5/21/2002 +0300, Kostas Kalevras wrote: >On Tue, 21 May 2002, Chris Parker wrote: > > > You could implement this via a modified 'rlm_counter' module that returns > > a 'Session-Timeout' value for the remaining time allocated to the user, if > &

Re: IP Addresses

NAS. It is possible to have radius attempt to handle ip pools, but there are many pitfalls to this type of implementation. See the 'rlm_ippool' experimental module for one way to try ip pools managed by the FreeRADIUS server. -Chris -- \\\|||/// \ StarNet Inc. \

Re: Wireless LAN and RADIUS

is not guaranteed or required, caveat emptor. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starne

Re: Session Auto-Kick

use >Ascend-Terminate-Cause, but it still doesn't save it. I turned on detail >logging and I see the attribute being returned by the terminal server, but >it's getting lost somewhere after that. Has anybody else had this problem? Not sure there, what are the column definitions

Re: FreeRadius and Ascend-Data-Filter's

the filter syntax at the top of the dictionary file. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-011

Re: Proxy Radius

s this possible?? > >Thanks for your help, and sorry for the repeated question See the ./raddb/acct_users for an example on usage of 'Replicate-To-Realm'. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireles

Re: Accounting updates losing username in sqltrace

ay need to modify/update your 'sql.conf', so that the username is pulled correctly from the packet. See the part where it discusess the options you can use to set what values ( and what order it tries ) to find the username to use. -Chris -- \\\|||/// \ StarNet Inc.

Re: Accounting updates losing username in sqltrace

oesn't >send the Framed-IP-Address returned to the user in the first accounting Read the docs. This is covered in the 'cisco' readme in the 'docs' directory. You need to add a config command to your cisco NAS that tells them not to send the acco

RE: Using ippool with two radius servers?

he heck do I know about building a big network... I've spoken my bit here, so I'll stop flogging the deceased equine. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Enginee

Re: problem encounter when configure auto-failover for mysql

iour was not what you'd expect. -Chris >thx. > >-- >Cheers, >CM. > > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wi

RE: Using ippool with two radius servers?

that is not clear, you need to study routing, route summarization, and ip subnetting some more. >Back to the original question; can I have two Radius server > managing the same IP address pool? No. ( And you really really really don't want to for 30,000 ips ). -Ch

Re: Using ippool with two radius servers?

radius does not share infop about the ips already in use? > > Yes, I kown I can have 'N' different ip pools configured, one for > each NAS , but I'm talking about 30.000 dial ports, so I can't allocate > 30.000 * N ips available. Why would you not want t

Re: Security

At 11:28 AM 5/15/2002 -0700, Raghu wrote: >Chris Parker wrote: > > > > Yes, but that has far less support ( at the moment ) than IPSec and is > > still draft. :\ > > > >I think, for now EAP-TTLS does not have any added advantage over IPSec. > >Just cur

Re: Security

hone number calling from, one could imagine some social engineering attacks... Yes it is pretty paranoid to think that someone would be interested in that, but it also appears that it might not be overly hard to add IPSec hooks, either. -Chris -- \\\|||/// \ StarNet Inc.

Re: Security

Solaris: Supported in Solaris8 Linux: http://www.freeswan.org/intro.html Others: ? -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering

Re: Security

At 11:54 AM 5/15/2002 -0400, Alan DeKok wrote: >Chris Parker <[EMAIL PROTECTED]> wrote: > > That could be solved by establishing an IPSec tunnel between our radius > > and your servers, setting up a direct network connection ( peering point ) > > for exchange of radius

Re: Security

At 08:39 AM 5/15/2002 -0700, Bill Campbell wrote: >On Wed, May 15, 2002 at 08:58:17AM -0500, Chris Parker wrote: > >At 03:18 PM 5/15/2002 +1000, Andrew Tait wrote: > >>http://www.untruth.org/~josh/security/radius/radius-auth.html > >> > >>For those interested

Re: ID hang in Hiper

t; >Psl help in solving this.. Fix the 3com hiper so it sends accounting. Not much the server can do there. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.ne

Re: about the debug

ounter: (Check item - counter) is greater than zero"); -x sets debug level to one, prints all DEBUG() statements. -x -x sets debug level to two, prints all DEBUG() and DEBUG2() statements. -x -x -x sets debug level to three, prints all DEBUG() and DEBUG2() statements w

Re: FreeRADIUS redundant sql

values are known only locally to each server. You could use the 'sqlcounter' which would allow you to centralize the counter data to an sql server that both radius servers would query/update. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~

Re: Security

yet widely supported on dialup NAS, though it does seem to be used on quite a few Wireless/Ethernet access products. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starne

Re: Security

us server. Like I said before, if an attacker has access to your network in such a manner there are *lot* of interesting things they can do, cracking radius is just one of them. :) -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is*

Re: CHAP FreeBSD 4.5 and Freeradius-0.5

it >is. Examples are always welcome. Sorry, it's just not possible with *any* radius server. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://ww

Re: FreeRadius 0.5 with MySQL

or not, but they all depend on what you are trying to do. Try rephrasing your question with more details, instead of a demanding "tell me how to do this" statement, you'll get better responses that way. -Chris -- \\\|||/// \ StarNet Inc. \ Ch

Re: Load Balancing modules

"Patches are welcome!" :) -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 96

Re: How to: Administratively drop dial-in user via SNMP

up ). More information is available from here: http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t3/dt_asmib.htm -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering

NAS-Port vs. NAS-Port-Id?

course, changing the variable in the sql.conf file made everything work, but I'm curious why this change was made in the first place. Am I doing something wrong? Thanks, Chris Kalin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Proxy issue, possible to rewrite?

icitly permitted, 'rlm_attr_filter' will not permit an attribute through. attrs: realm.com Class =* ANY, Proxy-State =* ANY users: DEFAULT Framed-Protocol = PPP, Framed-IP-Address = 255.255.255.254, Framed-IP-Netmask = 255

Checkrad script not being properly run...

hive shows that others were having a similar problem with the "classic" radutmp-based simultaneous use code. Does anyone have any suggestions? Thanks, Chris Kalin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: problems with users after upgrading...

At 05:56 PM 5/10/2002 -0400, Aamer Akhter wrote: >Chris, > >still problems. can you also CC me on the reply directly? I have to cut >and past from the >archive currently.. > > > >At 11:27 AM 5/10/2002 -0400, Aamer Akhter wrote: > >Hello, > > > >I jus

Re: problems with users after upgrading...

ng the user That's the problem. Module 'files' returned 'notfound', so it didn't match the username for some reason. >smartbits Auth-Type := Local > Password == "xxx", These should all be on one line. >any ideas on what my ne

Re: limit the access according to the call identifier

At 12:58 PM 5/10/2002 +0300, Aleksandr Kuzminsky wrote: >On Thu, 9 May 2002, Chris Parker wrote: > > > DEFAULT Auth-Type := Reject, Calling-Station-Id = "5551212" > > Reply-Message = "Your Phone Number Is Banned" > >Well, but some auth-requ

Re: proxy bug

s still a development release ( albeit one that is more likely not to have show-stopping bugs than nightly builds ). -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\

Re: rlm_sqlcounter monthly time limits for groups

on := 216000 Fall-Through = 1 Which is more than a little different from the docs included with the sqlcounter module. Although this works exactly the way I'd expect it to, am _I_ the one doing this wrong? Chris Kalin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: proxy bug

At 06:24 PM 5/7/2002 +0300, Andrey Lakhno wrote: >Hi ! > >It seems there is a bug in proxy implementation in freeradius-0.5. Which has been fixed in the latest CVS. -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is*

Re: Modules

ess in my opinion anyway. It is always best to let the NAS handle ip assignment, IMHO. -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847)

Re: group with realms not working

NAS-Port-Id = "0" >rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=111, length=66 > Reply-Message = "Your account cannot be used to dial in with." > > >but test with realm doesn't. What does your 'proxy.conf' file look like

Re: Ascend-Data-Filter+mysql

operator. -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---

Re: IPPOOL

t? I don't want to use RIP or anything like that to propagate > tousands of host routes. Then let your NAS assign the addresses. You can run NAS assigned dynamic addresses with a dynamic protocol just fine. If you don't want to announce ( and withdraw ) thousands of host routes into

Re: GID (group) not working in post-0.5 CVS?

Alan, you da man. :) The rlm_unix fix you commited to CVS this morning worked like a charm. Thanks so much for jumping on this. Chris Kalin > - Original Message - > From: "Alan DeKok" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, M

Re: GID (group) not working in post-0.5 CVS?

Yeah, for some reason, I can't make it work by replacing the rlm_unix module in the CVS with the ones from 0.4 or even 0.3. I'll wait for the fix tonight and give it a shot. Thanks again, Chris Kalin - Original Message - From: "Alan DeKok" <[EMAIL PROTECTED]

Re: GID (group) not working in post-0.5 CVS?

o what you want. These both sound like good ideas, thanks for all the help! Chris Kalin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: GID (group) not working in post-0.5 CVS?

thentication. I don't > even know *how* you would get the PAM module to do group access, as > PAM Just Doesn't Do That. That's what I thought. :) I was just throwing it out as a suggestion - I've seen nothing of the sort from PAM either. Thanks in advance for any help anyone can provide. Chris Kalin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

GID (group) not working in post-0.5 CVS?

CVS on this particular server, and now it's cheerfully ignoring these lines, eventually matching the DEFAULT entry that lets everyone in. I'm using the "unix" module for auth, not PAM. I can switch to PAM if need be, but I remember having _no_ luck with groups under PAM. Anyon

Re: Returning Proxy-State (or anything else) in Access-Reject situations.

Yup, that's what I've done for now, and it works perfectly. Thanks everyone! Chris Kalin - Original Message - From: "Franklin Trumpy" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, May 05, 2002 11:49 AM Subject: Re: Returning Proxy-State (or

Returning Proxy-State (or anything else) in Access-Reject situations.

g on with the list server? Thanks in advance. Chris Kalin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: MySQL problem

read the username from NAS, but why the username changes to DEFAULT > when talking to mySQL? Sounds to me as if the user ('peterl' in your case) just doesn't exist in your mysql db? Correct me if I'm wrong, but afaik DEFAULT is used for all users that are not explicitly liste

Testing list.

Is the list down? Sorry for the noise. Chris Kalin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

GID (group) not working in post-0.5 CVS?

CVS on this particular server, and now it's cheerfully ignoring these lines, eventually matchine the DEFAULT entry that lets everyone in. I'm using the "unix" module for auth, not PAM. I can switch to PAM if need be, but I remember having _no_ luck with groups under PAM. Anyon

Re: IPPOOL

gure rlm_ippool according to the examples and documentation provided. You'll probably have to play with it a while. And for the record, I'm against the radius server attempting to assign ip's. It may work in very small environments, but it does not scale. -Chris -- \\\

Re: CPU

restart the daemon What OS? Also, what modules are you using ( LDAP, SQL, ??? ). What does 'top' show. Is FreeRADIUS the cpu hog? Does it happen in debug mode? If so, what is FreeRADIUS doing when it spikes CPU ( based on debug message output ). -Chris -- \\\|||///

Re: HP-UX

try yourself. Please post your results here, and we can attempt to help make any changes that might be needed to enable it to compile. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ h

Re: Two RADIUS servers on the same box

At 11:56 AM 5/2/2002 +0100, Dan Bell wrote: >Is it possible to run two RADIUS servers on the same box (i.e. one RADIUS >server serving port 1645 and another daemon serving port 1812)? Yes, simply install the config files into different directories and edit appropriately.

Re: Latest batch of CVS snapshots not building many modules?

Yeah, I figured that out in the day and a half between when I posted that message and when it went to the list the first time - and then it went out again the following day. Sorry about the noise. :) Chris Kalin - Original Message - From: "Chris Parker" <[EMAIL PROTECTED]

Individual Database Layout?

ts a different layout... Kind regards, Chris -- Christoph R. Hartel Linux System Administrator eMind GmbH | phone: +49 671 794613 - 0 Rosenheimer Strasse 2-4 | fax:+49 671 794613 - 50 D-55543 Bad Kreuznach| mobile: +49 163 723 www.emindgroup.com | email: [E

Re: Compiling for MS SQL Server

driver rlm_sql_freetds: file not found rlm_sql: Make sure it (and all its dependent libraries!) are in the search path of your system's ld. radiusd.conf[4]: sql: Module instantiation failed. The file rlm_sql_freetds.so is located in /lib/ (exactly as rlm_sql_mysql.so). So why doesn't radiusd fi

Re: disconnect after 1 second

does the stop record/nas logging show for the disconnect cause? -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847)

Re: Latest batch of CVS snapshots not building many modules?

At 12:11 PM 4/29/2002 -0500, Chris A. Kalin wrote: >I was just curious if there's a way I can tell configure to build all >available modules dynamically and place them into the $blah/lib directory. > >With 0.5 and previous, I could type ./configure --with-pam --with-mysql and

Latest batch of CVS snapshots not building many modules?

etail and rlm_files, etc. Now, I have to explicitly tell configure EVERY module I want, which is a bit of a pain. Am I missing a new configuration directive? Thanks... Chris Kalin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Limit users access to certain device groups

ame == "border-routers" Check-items ( the huntgroup comparisons ) *must* all be placed on the first line. Reply-items belong on the lines below. -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, E

Re: Limiting the user's time online

er', which is still experimental and has config examples in 'experimental.conf'. -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @

Re: Client-IP-Address occasionally incorrect

uthorize { one two } accounting { one two } -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://ww

Re: Client-IP-Address occasionally incorrect

ore I did too much damage, so I didn't have time to packet sniff or anything. This was a right around 0.4 CVS version, but the exact date escapes me right now. I can provide complete config files if anyone is interested, but I'm going to try this with the current CVSs first. Oh, and Linu

Re: Client-IP-Address occasionally incorrect

7;t really troubleshoot past isolating Simultaneous-Use as the cause. I've actually been meaning to revisit this now that .5 is out and see if life is better. Although it is reassuring to see that it didn't only bite me. :) Chris Kalin - Original Message - From: "Alan DeKo

Re: Conditional Proxy

e >DEFAULT entries for all your realms, including the various combinations of >Prefixes/suffixes etc. Seems that the rlm_realm was designed to deal with >realms and therefore checks should be done there. Not a big deal, just a >little tidier IMO. Perhaps, though I'd rathe

Re: Conditional Proxy

e proxied as usual. > >Any Comments? Why is not possible to simply do this in the 'users' file with: DEFAULT Called-Station-Id == 1234, Proxy-To-Realm := "company.com" Fall-Through = No -Chris -- \\\|||/// \ StarNet Inc. \Chris Pa

Re: Radius error

of general "how to use a database". See some examples at: http://www.mysql.com/documentation/mysql/bychapter/manual_MySQL_Database_Administration.html You really need to learn how to admin a relational database. That requires a knowledge of how they work, and cannot be acc

<    1   2   3   4   5   6   7   8   9   10   >