Chris van Meerendonk <[EMAIL PROTECTED]> wrote:
> As far as I can see now the problem is that in the acct_users I've got
> the following:
>
> DEFAULT Huntgroup-Name == "huntgroup", Replicate-To-Realm := "realmname"
Replicate-To-Realm doesn't wor
At 03:58 AM 8/12/2003, you wrote:
On Mon, 2003-08-11 at 16:45, Chris Brotsos wrote:
> >Another strange thing, if I dialin without a realm, that realm is added
> >after the files section (Proxy-To-Realm =+ realmname). This works for
> >authentication, but not for accounting.
On Mon, 2003-08-11 at 16:45, Chris Brotsos wrote:
> >Another strange thing, if I dialin without a realm, that realm is added
> >after the files section (Proxy-To-Realm =+ realmname). This works for
> >authentication, but not for accounting. With pre-proxy an accounting
> &g
At 09:34 AM 8/11/2003, you wrote:
> I sent the post-proxy patch...you probably hadn't received it by the time
> you sent this.
Yes, I guess I was a little impatient, a bad attitude of me...
> I included a patch this time with the post-proxy() and accounting()
> functions. Pay
fail;
+#ifdef HAVE_REGEX_H
+ regex_t reg;
+#endif
+ VALUE_PAIR *realmpair;
+REALM *realm;
+char *realmname;
+
+ /*
+* It's not a proxy reply, so return NOOP
+*/
+
+ if( request->proxy == NULL ) {
+
changed any code
> regarding said check item, but maybe you need to use Proxy-To-Realm :=
> "realmname". I don't remember how the two VPs are handled differently, nor
> am I sure if you want the functionality of Proxy-To-Realm, but give that a
> try and see if you d
At 09:15 AM 8/8/2003, you wrote:
On Fri, 2003-08-08 at 15:48, Alan DeKok wrote:
> Chris van Meerendonk <[EMAIL PROTECTED]> wrote:
> > Is it possible to filter attributes that are sent by using radius proxy
> > to the home-server? Something like attr_filter in the pre-
untgroup", Replicate-To-Realm := "realmname"
>
> Replicate-To-Realm doesn't work. Don't use it.
>
> Use Proxy-To-Realm.
Ok. I followed the example in raddb/acct_users. The problem is equal. I
found out that I only need attr-filter during preproxy authorize, not
for acco
on Redhat with proxy
Hi All,
I'm frist time try the radius server. May I ask who can post the freeradius
on redhat here? Or where can I find the details study manuel?
Thanks
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ply_items;
> + VALUE_PAIR *reply_item;
> + VALUE_PAIR *reply_tmp = NULL;
> + VALUE_PAIR *check_item;
> + PAIR_LIST *pl;
> + int found = 0;
> + int compare;
> + int pass, fail;
> +#ifdef HAV
On Fri, 2003-08-08 at 15:48, Alan DeKok wrote:
> Chris van Meerendonk <[EMAIL PROTECTED]> wrote:
> > Is it possible to filter attributes that are sent by using radius proxy
> > to the home-server? Something like attr_filter in the pre-proxy stage?
>
> If attr_filter
> I sent the post-proxy patch...you probably hadn't received it by the time
> you sent this.
Yes, I guess I was a little impatient, a bad attitude of me...
> I included a patch this time with the post-proxy() and accounting()
> functions. Pay attention to the accounting fu
On Wed August 6 2003 07:54, Michael Kearey wrote:
> Dick Lau wrote:
> > Hi All,
> >
> > I'm frist time try the radius server. May I ask who can post the
> > freeradius on redhat here? Or where can I find the details study manuel?
> >
> > Thanks
>
> I found this
> http://people.redhat.com/twoerner/S
Hello,
Is it possible to filter attributes that are sent by using radius proxy
to the home-server? Something like attr_filter in the pre-proxy stage?
Regards,
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Fri, 2003-08-08 at 15:48, Alan DeKok wrote:
> Chris van Meerendonk <[EMAIL PROTECTED]> wrote:
> > Is it possible to filter attributes that are sent by using radius proxy
> > to the home-server? Something like attr_filter in the pre-proxy stage?
>
> If attr_filter
Hi,
I've got a strange problem. For several customers we're proxying
requests to their radiusserver. With our non-freeradiusserver
everythings works, but using freeradius there's one server that dies
after receiving requests. Sometimes it's able to give a few answers to
accounting requests, but a
Anyone know the link of mandrake should I look to try radius server
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jeremy
Davis
Sent: Wednesday, August 06, 2003 11:44 AM
To: [EMAIL PROTECTED]
Subject: RE: Sample config on Redhat with proxy
Download the
Dave Mason <[EMAIL PROTECTED]> wrote:
> It looks like the proxy works OK but I dont want cdr to run on the proxy
> server. I dont have any DEFAULT or other entries in the acct_users
> file. I suspect I need something there, or maybe rlm_cdr needs some
> extra smarts to
On 31.07.2003 15:18, Dustin Doris wrote:
In the users file, you can add
bob Proxy-To-Realm := "bobrealm"
That's it. Thanks. I knew there was some hidden attribute. :)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> Hi,
>
> On 30.07.2003 15:37, Dustin Doris wrote:
> >
> > Check out NULL in proxy.conf
> >
>
> I know about NULL.
>
> "This realm is for requests which don't have an explicit realm
> prefix or suffix. User names like "bob" wi
Hi,
On 30.07.2003 15:37, Dustin Doris wrote:
Check out NULL in proxy.conf
I know about NULL.
"This realm is for requests which don't have an explicit realm
prefix or suffix. User names like "bob" will match this one."
NULL means default proxy for every userna
Hi,
I have Freeradius v0.8.1 running as a proxy server that forwards packets
from a certain realm to another Freeradius v0.8.1 server. Both are
configured as follows in radiusd.conf to process local accounting
requests with a "cdr" module I added:
radiusd.conf:
modules {
Michael Baird <[EMAIL PROTECTED]> wrote:
> Is there any way to do a wildcard for Called-Station-ID, like
> DEFAULT Called-Station-Id= "xx5522", Proxy-To-Realm := "domain1.com"
> DEFAULT Called-Station-Id= "xx5533", Proxy-To-Realm := "dom
I've been testing freeradius the last few days, I've found the
functionality I'm looking for, but wonder if I can do it in a better
way.
If I specify
DEFAULT Called-Station-ID ="22", Proxy-To-Realm:="domain.com" in
the users file, then the real domain.c
>
> Hi,
> is it possible and what should I do to forward (proxy) a specified username (without
> realm) to the specified radius server?
>
Check out NULL in proxy.conf
> I tried adding "" as the realm delimiter which didn't work. It would be simple
> solutio
Hi,
is it possible and what should I do to forward (proxy) a specified username (without
realm) to the specified radius server?
I tried adding "" as the realm delimiter which didn't work. It would be simple solution to
my problem.
Can I somehow specifiy proxy as user auth-typ
Josh Howlett <[EMAIL PROTECTED]> wrote:
> I'm trying to access the Proxy-to-Realm attribute in a script called via
> rlm_exec (the script needs to know where proxied requests have been
> sent).
See src/main/proxy.c. That attribue is in the configuration items.
rlm_exec
I'm trying to access the Proxy-to-Realm attribute in a script called via
rlm_exec (the script needs to know where proxied requests have been
sent).
However, I've tried instantiating the script from within the authorize
(after the rlm_realm instantiation) and pre-proxy sections, withou
Matthew Krenzer <[EMAIL PROTECTED]> wrote:
> We are running freeradius here to proxy radius requests to several
> different people. Unfortunately, some of the realms have very
> different requirements pertaining to retry_delay retry_count and
> dead_time.
>
> From wh
We are running freeradius here to proxy radius requests to several
different people. Unfortunately, some of the realms have very
different requirements pertaining to retry_delay retry_count and
dead_time.
>From what I can see, freeradius does not support setting these
attributes on a
Hello everybody,
I would like to that :
Access POINT --> CISCO ACS RADIUS --> FreeRADIUS LEAP Proxy --> LDAP
How I configure the FreeRADIUS ? Do i need to configure it as a proxy or simply
declare the CISCO ACS RADIUS server as a client ?
Thank you in advance, for your answer.
Bes
] ) autz,auth,acctg
|
proxy ( NULL realm )
|
xtradius/mysql ( username ) autz,auth,acctg
the freeradius server still logs the accounting packets for NULL realm
inside the postgres sql database. i would like to disable this but
it will still log the [EMAIL PROTECTED] as it is the radius server for
list,
good day to all of you.
how do i disable accounting for proxied users
radius-packets
|
|
|
freeradius/postgres ( [EMAIL PROTECTED] ) autz,auth,acctg
|
proxy ( NULL realm )
|
xtradius/mysql ( username ) autz,auth,acctg
the freeradius server still logs the accounting packets
At 12:49 PM 7/9/2003, you wrote:
Hello.
Is The servers_per_realm a maximum setting, or has it to be exact?
If i have to proxy a realm to say 2 servers, an another to 3 - is it
possible?
I'm pretty sure that the limit was removed when the round-robin code was
re-implemented. Either way, whe
Hello.
Is The servers_per_realm a maximum setting, or has it to be exact?
If i have to proxy a realm to say 2 servers, an another to 3 - is it
possible?
Pozdrawiam
Marcin Mańk
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
stambazzi andrea <[EMAIL PROTECTED]> wrote:
> The cause may be because i use radclient and not radiusd?
No. You have a loop, as Frank said.
> > What are you confused about?
> Because i have disabled snmp ... i don't understand why it try otherwise to
> connect in snmp!!!
Then you didn't
> > marking authentication server 192.168.1.25:1812 for realm pbc dead
>
> The home server is dead.
The cause may be because i use radclient and not radiusd?
> > Now .. anyone know why radiusd try to connect with SNMP with SMUX
>
> Because it supportssome SNMP management. Don't worry a
On Tue, 8 Jul 2003, stambazzi andrea wrote:
> this is my network configuration:
>
> NAS ---> PROXY ---> MY RADIUS
>
> PROXY: 192.168.1.25
> MY RADIUS : 192.168.1.5
(snip)
> rad_recv: Access-Request packet from host 192.168.1.25:49404, id=224, length=
stambazzi andrea <[EMAIL PROTECTED]> wrote:
> I'm trying to authenticate user from a proxy radius to my radius but
> i have some problem.
...
> marking authentication server 192.168.1.25:1812 for realm pbc dead
The home server is dead.
> Now .. anyone know why radiusd tr
PLEASE ANYONE HELP ME
I'm trying to authenticate user from a proxy radius to my radius but
i have some problem.
this is my network configuration:
NAS ---> PROXY ---> MY RADIUS
PROXY: 192.168.1.25
MY RADIUS : 192.168.1.5
now ... to try the authentication proc
Hi
I must configurate my free radius to authenticate dial from another proxy radius
NAS ---> proxy radius ---> my radius
now .. i must tell to my radius to authenticate login with [EMAIL PROTECTED]
i had configurate my radius like this :
realms:
realmfrom ip-of-rea
hello,Drew Flickema!
It seemed right.
=== 2003-07-02 18:34:00 ===
>Great.
>Then do I set this in usergroup as follows?
>
>INSERT into `usergroup` (`id`, `UserName`, `GroupName`) VALUES
>(X,'[EMAIL PROTECTED]','group1');
>
>the UserName value is "dot star at realm dot com dollar"
>
>Thank
Great.
Then do I set this in usergroup as follows?
INSERT into `usergroup` (`id`, `UserName`, `GroupName`) VALUES
(X,'[EMAIL PROTECTED]','group1');
the UserName value is "dot star at realm dot com dollar"
Thanks,
Drew
At 09:22 AM 7/3/2003 +0800, you wrote:
hello,Drew Flickema
In the radgroup
hello,Drew Flickema
In the radgroupcheck table modify the data like this:
INSERT INTO `radgroupcheck` (`id`, `GroupName`, `Attribute`, `op`, `Value`) VALUES
(1,'group1','Auth-Type',':=','Accept');
=== 2003-07-02 17:56:00 :===
>We have a customer that needs temp assistance with their
"Nathan Littlepage" <[EMAIL PROTECTED]> wrote:
> That's pretty simplistic. Thanks for the 'point in the right direction'.
Like most free software, FreeRADIUS gives you enough information to
solve problems. so long as you're willing to put some effort into it
yourself.
This isn't a $100/email
We have a customer that needs temp assistance with their auth.
We would like to temporarily accept all users from their realm until we
clear this issue up.
We are proxying the realm through us to them. We also have a MySQL
database backend, so I assume we should add something like
[EMAIL PROT
To add to Alans reply:
> I am write to say that the proxy for Access-Request
> 1) Must add the Proxy-State
the RFC says MAY rather than MUST, but the proxies I have seen
do add the Proxy-State.
> 2) Recomputed Message-Authenticator by using the HMAC-MD5 calculations with
> the serve
That's pretty simplistic. Thanks for the 'point in the right direction'.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chris
Brotsos
Sent: Wednesday, July 02, 2003 3:51 PM
To: [EMAIL PROTECTED]
Subject: RE: Numbered-realm proxy
At 03
"Julien Maerfeld" <[EMAIL PROTECTED]> wrote:
> I am write to say that the proxy for Access-Request
> 1) Must add the Proxy-State
> 2) Recomputed Message-Authenticator by using the HMAC-MD5 calculations with
> the server secret
Yes.
> 3) The Authenticator is not
I am write to say that the proxy for Access-Request
1) Must add the Proxy-State
2) Recomputed Message-Authenticator by using the HMAC-MD5 calculations with
the server secret
3) The Authenticator is not changed
4) The proxy might us a different Id and forwards the request
For Access-Response
1
At 03:41 PM 7/2/2003, you wrote:
It deals with the radius server authenticating, or sending to another
radius server based on the originating DNIS.
Archive Search: "Proxy DNIS"
http://www.mail-archive.com/[EMAIL PROTECTED]/msg16250.html
http://www.mail-archive.com/[EMAIL PROTECTED]/msg
"Nathan Littlepage" <[EMAIL PROTECTED]> wrote:
> It deals with the radius server authenticating, or sending to another
> radius server based on the originating DNIS.
"It deals with", or "it IS" ?
Proxying can be done based on the contents of ANY attribute. See
the sample configuration files
: Numbered-realm proxy
"Nathan Littlepage" <[EMAIL PROTECTED]> wrote:
> Does Freeradius currently support numbered-realm proxy?
Can you explain this in other terms?
I've never heard of "numbered-realm proxy" before.
Alan DeKok.
-
List info/subscribe/unsubscr
"Nathan Littlepage" <[EMAIL PROTECTED]> wrote:
> Does Freeradius currently support numbered-realm proxy?
Can you explain this in other terms?
I've never heard of "numbered-realm proxy" before.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Does Freeradius currently support numbered-realm proxy? If not, is it on
the development schedule?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> What are the operations that must be performed by a proxy on the Message-
> Authenticator?
>
>The proxy is added its proxy state (33) and after sends back the request to
> the server destinations.
>
> The HMAC-MD5 is using the packet length so when you change the
What are the operations that must be
performed by a proxy on the Message-Authenticator?
The proxy is added its proxy state (33) and after sends back
the request to the server destinations.
The HMAC-MD5 is using the packet length
so when you change the packet you need to recompute the
At 06:56 PM 6/30/2003, you wrote:
Hi,
Is it possible to make Proxy Authentication decisions (i.e whether to
forward Auth-Request to another RADIUS or Not) based on
Username\Part_of_username instead of Realms ?
Yes. Use the Proxy-To-Realm attribute. Here are some posts that explain:
http
HI to all guys, i have just a question for you.
There is any way to store all the proxy traffic logged in ...
a Mysql Database?
I hafe found all the data that i want to store in a db on
/var/log/radius/radacct/[sourceip]/detail-[date]
Too many errors encountered; the rest of the message is
Hi,
Is it possible to make Proxy Authentication decisions (i.e whether to
forward Auth-Request to another RADIUS or Not) based on
Username\Part_of_username instead of Realms ?
Regards \\ Naman
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Drew Flickema <[EMAIL PROTECTED]> wrote:
> For the most part, I run my FR install in proxy mode. It has been seen
> that session stop packets are received by my FR, but on occasion, these
> stop packets are not received by the FR authentication endpoint due to
> network issu
For the most part, I run my FR install in proxy mode. It has been seen
that session stop packets are received by my FR, but on occasion, these
stop packets are not received by the FR authentication endpoint due to
network issues or possibly the FR endpoint experienced a "hiccup"
add your entry not to the users file but to acct_users file:
> >
> > DEFAULTCalled-Station-Id = "8145550010", Proxy-To-Realm :=
> > "realm.net"
> >
> > hope that helps
> > regards,
> > ossama
> >
>
>
> Thanks
Ossama Suleiman wrote:
you should add your entry not to the users file but to acct_users file:
DEFAULTCalled-Station-Id = "8145550010", Proxy-To-Realm :=
"realm.net"
hope that helps
regards,
ossama
Thanks a million Ossama.that got it! The only other question
you should add your entry not to the users file but to acct_users file:
DEFAULTCalled-Station-Id = "8145550010", Proxy-To-Realm :=
"realm.net"
hope that helps
regards,
ossama
Scotty B. Lowe wrote:
I have read all of the archived posts about this subject and I can&#x
I have read all of the archived posts about this subject and I can't
seem to get this to work. Any advice would be greatly appreciated.
What I need to have happen is for radius to proxy to another radius
server (one of our customers) based on the DNIS regardless of realm.
Some o
Jim Underwood <[EMAIL PROTECTED]> wrote:
> Perhaps someone has seen this same thing before. When FR 0.8.1 is
> proxying auths in synchronous mode and there is no response to an
> Access-Request, nothing is returned to the NAS (as expected) but on the next
> Access-Request after some magic interval
Perhaps someone has seen this same thing before. When FR 0.8.1 is
proxying auths in synchronous mode and there is no response to an
Access-Request, nothing is returned to the NAS (as expected) but on the next
Access-Request after some magic interval and before returning an
Access-Accept, FR return
On Thu, 8 May 2003, Alan DeKok wrote:
> [EMAIL PROTECTED] wrote:
> > support multiple Replicate-To-Realm attributes in the acct_users file? Can
> > I do something like this in acct_users and is it supported?:
>
> The server no longer supports Replicate-To-Realm. Similar
> functionality can be a
On Tue, 1 Apr 2003, Wisam Najim wrote:
> I have configured the freeRADIUS to proxy requests to another remote
> RADIUS (...) The problem is for every request the freeRADIUS that
> proxies the request tries to authenticate the customer locally even if that
> customer rquest is proxied
Hi All,
I have configured the freeRADIUS to proxy requests to another remote RADIUS.
It works fine and I get all required users proxied to remote RADIUS. The
problem is for every request the freeRADIUS that proxies the request tries
to authenticate the customer locally even if that customer
still possible),
> but I was hopping to use a Linux specific feature to replace the proxy
> address that see the "real" radius server by the client one when sending
> the authentication and accounting data.
Huh? Then why are you proxying?
Doing that will COMPLETELY break
Hi all,
I'm trying to use Freeradius to proxify some requests to our corporates
Radius Servers (EAP, ...).
I don't remember where it's configurable (and if it's still possible),
but I was hopping to use a Linux specific feature to replace the proxy
address that see the &qu
Chris Brotsos <[EMAIL PROTECTED]> wrote:
> Alan and I submitted *many* changes to the original round_robin code, and
> although I'm not positive...I think it ended up *not* being supported in
> the 0.8.1 release. I don't have the base 0.8.1 release running, though, so
> I'm not 100% sure on that
At 11:28 AM 3/11/2003, you wrote:
We have several realms configured to do round robin between two downstream
radius servers. We have observed that our freeradius (0.8.1) servers are
sending all traffic for a realm to the first server listed for that realm.
I have seen in the logs where it does do
We have several realms configured to do round robin between two downstream
radius servers. We have observed that our freeradius (0.8.1) servers are
sending all traffic for a realm to the first server listed for that realm.
I have seen in the logs where it does do failover however. Here's an
examp
Hello,
I looked around in many docs but I cannot find anything to help me at
this point: I want to add a realm to users in function of a request
attribute (like Called-Station-ID).
I managed to route my requests to the proxy with something like that in
the users file:
DEFAULTCalled
=?iso-8859-1?q?Mike=20Smith?= <[EMAIL PROTECTED]> wrote:
> Could someone please confirm if the following (from doc/proxy) is
> true though, because my experience showed that the username was
> stripped by the realms module and that after proxy/realm auth the
> full username was
y hints file -
DEFAULT Suffix = ".client1", Strip-User-Name = Yes
Hint = "client1"
DEFAULT Suffix = ".cust2", Strip-User-Name = Yes
Hint = "client2"
and in my users file -
test Auth-Type := Local, Hint == "client1", Pr
Title: Get RADIUS proxy to add Acct-Session-Id to Access-Request
Hi,
My company has a customer who insists on using a RADIUS server that expects to find the Acct-Session-Id attribute in an Access-Request authentication packet. Unfortunately the NAS that we must use does not put this attribute
"Kern Elvish" <[EMAIL PROTECTED]> wrote:
> When I try to login with easy user name (eg "kern") freeradius on
> 11.11.11.11 work as it should be. It process all cisco packets.
> And when i try to login with user name "[EMAIL PROTECTED]" freeradius 11.11.11.11
> send Access-Request to freeradius 22.2
Hello all!
I'm newbie in freeradius and have a question.
I have one freeradius on ip=11.11.11.11
And a second freeradius on ip=22.22.22.22
My cisco is configured to send packets on ip 11.11.11.11 only.
The question is how to configure freeradius on 11.11.11.11, it proxy all
packets (auth
2 has access to client2 and client3, but is not allowed to connect to
client1.
All of our users will have SecurID tokens, so the FreeRADIUS server is being
used as a proxy in front of the ACE server. I had orginally thought about
using realms as follows -
[EMAIL PROTECTED] Auth-Type :=
Dear Amiri
Thanks for your responsibleness.
AFShin
--- Amiri <[EMAIL PROTECTED]> wrote:
> Dear Afshine
>
> Welcome to freeradius mailing list.
>
> Read /doc/proxy file for more details of this.
>
> With Regards
> Amiri
> IranData
Dear Afshine
Welcome to freeradius mailing list.
Read /doc/proxy file for more details of this.
With Regards
Amiri
IranData
--- AFShin Abdollahi <[EMAIL PROTECTED]> wrote:
> Dear Friends,
> Is there a way that instead of using '@realm' I can
> Check the first 3 let
Dear Friends,
Is there a way that instead of using '@realm' I can
Check the first 3 letters of the user-name and decide
which proxy to use ?
AFShin Abdollahi
Network Administrator
__
Do you Yahoo!?
Yahoo! Tax Center - forms, calcula
"Kalle Kul" <[EMAIL PROTECTED]> wrote:
> 1) Will FreeRadius (when acting as a proxy) detect re-transmissions from a
> client. If so, will it re-transmit the message from the same port and with
> the same identifier?
Yes. It's configurable. See 'radiu
Hi
I am thinking about setting up FreeRadius as proxy. I tried to look up the
correct proxy behaviour in the RADIUS RFCs but found the description to be
rather incomplete. Does anyone know how FreeRadius is implemented:
1) Will FreeRadius (when acting as a proxy) detect re-transmissions from a
Yup.. I actually just got off the phone with them. They are using a
Cisco Content switch. They are sending from port 1645 which they
proved with a tcpdump log, then the cisco content switch gets ahold of it
and randomizes the outgoing port prior to sending it to my proxy
server.
We migrated
RADIUS.
Tim
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On Behalf Of Nathan
MillerSent: Tuesday, February 25, 2003 2:06 PMTo:
[EMAIL PROTECTED]Subject: Re: Proxy Server sending
from random ports Alan, I truly appreciate the speedy
reply. I confirmed t
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On Behalf Of Nathan
MillerSent: Tuesday, February 25, 2003 2:06 PMTo:
[EMAIL PROTECTED]Subject: Re: Proxy Server sending
from random ports
Alan,
I truly appreciate the speedy reply. I confirmed the requests are
will notify them that their radius server is definitely
violating the RFC. Thanks.
At 09:54 AM 2/25/2003 -0500, you wrote:
Nathan Miller
<[EMAIL PROTECTED]> wrote:
> I am having a problem with a new client. Their radius server
is sending
> back the requests I proxy to them using random
Nathan Miller <[EMAIL PROTECTED]> wrote:
> I am having a problem with a new client. Their radius server is sending
> back the requests I proxy to them using random ports. It always arrives on
> my port 1647, but is sent using a random port on their side.
That's a
I am having a problem with a new client. Their radius server is
sending back the requests I proxy to them using random ports. It
always arrives on my port 1647, but is sent using a random port on their
side.
Initially I was getting these errors (stripped from -xxx debug log)
Tue Feb 25 11:04
e this.
I will
> Or, there's a file suspicially named 'proxy' in the 'doc'
> directory. It might have something useful.
Thanks but, that's not what I'm looking for, see:
http://www.cisco.com/warp/public/793/ios_fw/auth_intro.html
Didi
Didi Rieder <[EMAIL PROTECTED]> wrote:
> Thanks for the answer, but could you give me a hint how to configure radius
> to do this (I'm really a newbie)
Buy the RADIUS book. It describes common setups like this.
Or, there's a file suspicially named 'proxy' i
Quoting Chris Parker <[EMAIL PROTECTED]>:
> At 02:09 PM 2/25/2003 +0100, Didi Rieder wrote:
> >Hi,
> >
> >I would like to use cisco auth-proxy with freeradius-0.8.1. How can I
> >configure
> >this? (We used to use tacacs+)
>
> FreeRADIUS work
At 02:09 PM 2/25/2003 +0100, Didi Rieder wrote:
Hi,
I would like to use cisco auth-proxy with freeradius-0.8.1. How can I
configure
this? (We used to use tacacs+)
FreeRADIUS works very well with Cisco NAS ( 5x00 ) and other platforms.
Is there something different about your situation that is
Hi,
I would like to use cisco auth-proxy with freeradius-0.8.1. How can I configure
this? (We used to use tacacs+)
Didi
--
-
Didi Rieder
[EMAIL PROTECTED]
PGPKey ID: 3431D0B0
-
pgp0.pgp
Description: PGP Digital Signature
y one thread is executing the module at a
time.
> I assume I control the proxy forwarding behavior by returning
> different codes from pre_proxy? Do you know where I can find them?
The pre_proxy module has the same return codes as all of the other
modules.
The pre_proxy section is *no
101 - 200 of 504 matches
Mail list logo
