All,
I am running FreeRadius on RedHat Linux 9.0 to
authenticate wireless users from Cisco Access
Point AP340 via FreeRadius LEAP. Everything is
working
great.
Now instead of authenticating users via LEAP from
FreeRadius local database, I would like to off load
the authentication to another R
I saw a couple of messages dated earlier this month referring to the use
of the SecurID PAM module and Freeradius. Does anyone have this working?
If so, can you please tell me how it is configured?
Best Regards,
Roger McClurg
[EMAIL PROTECTED
Chris Jackson <[EMAIL PROTECTED]> wrote:
> I have the PAM module talking to the server so I know it works. Just
> confused as to why the Radius Daemon is not chatting to it.
Because you told it not to.
> DEFAULT Auth-Type:=PAM
> Fall-Through=Yes
OK...
> I get this...
> Ready to pro
On Mon, Jul 07, 2003 at 04:29:41PM -0700, Chris Jackson wrote:
> Do you have any pointers on where to look next or if this is even
> possible?
Configure your NAS to do PAP. You are doing CHAP auth, which isn't
compatible with PAM.
/fc
-
List info/subscribe/unsubscribe? See http://www.freeradiu
Pardon the intrusion,
I wanted to see if anyone else had been in this situation so I didn't have
to reinvent the wheel if I didn't have to.
Basically I want to pass along all Radius authentication to
a RSA SecurID server. I don't want it to do anything else other than
th
Hi to all
Does FreeRadius server support SecurID Rsa ace server authentication?
Thanks in advance
Carlo
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi to all
Does Gnu radius server support SecurID Rsa ace server authentication?
Thanks in advance
Carlo
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
"Frank Sackewitz" <[EMAIL PROTECTED]> wrote:
> Is there a plugin for an ACE-Server, so the Radius-Server asks the ACE to
> authenticate the user?
You can proxy requests from FreeRADIUS to the ACE server.
Or, you can use the Exec-Program-Wait feature to run their
command-line client, to do the
lug in. RSA's reply was that if I wrote a plug
in, that I'd be in violation of the RSA licensing agreement if I were to
give the code back to the freeradius project for distribution.
So the long and the short of it is this: IF YOU WANT FREERADIUS TO
SUPPORT SECURID -->EVER<--,
Hello Folks!
I´m planning to use a Radius-Server for the Authentication/Accounting of my VPN-Users.
Is there a plugin for an ACE-Server, so the Radius-Server asks the ACE to authenticate the user?
--
Bye
Frank Sackewitz
Thanks for all the input (and kick in the head, PROXY!! duh).
~jamie
On Thu, 2002-11-14 at 10:17, Alan DeKok wrote:
> "Gene Parks" <[EMAIL PROTECTED]> wrote:
> > What about using the radius server built into the SecurID product and
> > let Freeradius proxy to it
"Gene Parks" <[EMAIL PROTECTED]> wrote:
> What about using the radius server built into the SecurID product and
> let Freeradius proxy to it for that function?
Sure, that would work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
What about using the radius server built into the SecurID product and
let Freeradius proxy to it for that function?
Just a thought.
Gene Parks
VIP Direct
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Does anyone on the list have freeradius woking with SecurID/ACE
that can provide some input? Any support in future releases thought of?
~jamie
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
<[EMAIL PROTECTED]>
cc:
Subject:RE: Anyone running freeradius with SecurID?
SecurID has it's own radius server built in. You can proxy to it or
just point your clients straight at it.
Gene Parks
VIP Direct
-
List info/subscribe/unsubscribe? See htt
SecurID has it's own radius server built in. You can proxy to it or
just point your clients straight at it.
Gene Parks
VIP Direct
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I know it's been mentioned before that SecurIDs could be used as an
external (to freeradius) authenticator. Is anyone out there currently
running this kind of config? (I'd rather not reinvent the wheel if
someone has gone through the pain.)
Thanks!
Vincent Giovannone
Network Infrastructure G
each box for all of the administrators, and their passwords have to
> be maintained. Obviously, this doesn't scale well as we add boxes.
Why not? You should be automating this.
> We have tried to leverage our existing SecurID authentication system as
> a way of strengthening the a
"Utsav Ratti" <[EMAIL PROTECTED]> wrote:
> The problem is that pam_radius, from what I have been able to gather,
> does not support New PIN Mode, Next Tokencode Mode and other
> ACE-specific messages, which would be needed to properly support ACE
> authentication on an ongoing basis. Is anybody wo
maintained. Obviously, this doesn't scale well as we add boxes.
We have tried to leverage our existing SecurID authentication system as
a way of strengthening the authentication model on the firewalls and
eliminating the need to use host-specific user accounts. However, with
the current RS
functionality of FreeRadius to support this!
You can add a SecurID module, but it will have to link to the
proprietary SecurID libraries.
I'm not sure that's allowed under the GPL.
> This is an interesting feature and will like to know what all is
> required to be develope
Greetings!
With regards to an earlier question from Cleo and
then its response from Alan:-
Cleo <[EMAIL PROTECTED]> wrote:> Can I configure Free radius
to us securID? Nope. But you can use
'exec-program' to fork an external script to do
theauthenti
[EMAIL PROTECTED] (Rainer Clasen) wrote:
> And BTW, this list is far better than most commercial support I had to
> struggle with.
There's a reason for that. The biggest one is that commercial
"support" usually doesn't include a "users" list, where everyone helps
everyone else. Even if there
"Tim Monaghan" <[EMAIL PROTECTED]> wrote:
> And another thing, I wouldnt mind helping in a documentation effort,
> if one is underway, Im kinda dumb about radius at the moment, but Im
> getting a crash course, and I think a good set of docs would not
> exactly require experts on the case. Is there
You guys are very responsive. This is one of the most
instructive mailing list.
Best.
Cleo
--- Alan DeKok <[EMAIL PROTECTED]> wrote:
> Cleo <[EMAIL PROTECTED]> wrote:
> > Can I configure Free radius to us securID?
>
> Nope.
>
> But you can use 'exec
Alan DeKok wrote:
> Cleo <[EMAIL PROTECTED]> wrote:
> > You guys are very responsive. This is one of the most
> > instructive mailing list.
>
> That's nice to hear.
jepp, I have to agree.
And BTW, this list is far better than most commercial support I had to
struggle with.
Rainer
--
KeyI
>
> There's a lot I don't answer, too. If the response is only
> one-line, I don't mind firing off a quick note.
>
> If the response is longer, or there are many, many repeated 1-line
> questions, I generally hit 'd'.
>
Im also impressed by your patience. I know its hard to be patient in
Cleo <[EMAIL PROTECTED]> wrote:
> Can I configure Free radius to us securID?
Nope.
But you can use 'exec-program' to fork an external script to do the
authentication.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
Cleo <[EMAIL PROTECTED]> wrote:
> You guys are very responsive. This is one of the most
> instructive mailing list.
That's nice to hear.
Many of my posts are responsive because I'm waiting for a 5-minute
job to finish in another window, and I can fire off a quick reply.
Alan DeKok.
-
L
On Mon, 11 Feb 2002, Alan DeKok wrote:
> Many of my posts are responsive because I'm waiting for a 5-minute
> job to finish in another window, and I can fire off a quick reply.
I'm just astonished you still answer the once-a-week FAQs.
You're a saint!
--
Charlie Watts
[EMAIL PROTECTED]
Fronti
Good day,
Can I configure Free radius to us securID?
If yes, can somebody please give me some configuration
steps.
Thank you
=
=
Cleophas Toe, CISSP | Phone:650-980-3686
Sr. Info. Security Officer | Cell: 510
Charlie Watts <[EMAIL PROTECTED]> wrote:
> I'm just astonished you still answer the once-a-week FAQs.
There's a lot I don't answer, too. If the response is only
one-line, I don't mind firing off a quick note.
If the response is longer, or there are many, many repeated 1-line
questions, I ge
Thanks for all the help. You rock.
Cleo
--- Alan DeKok <[EMAIL PROTECTED]> wrote:
> Cleo <[EMAIL PROTECTED]> wrote:
> > You guys are very responsive. This is one of the
> most
> > instructive mailing list.
>
> That's nice to hear.
>
> Many of my posts are responsive because I'm
> waiting f
Xj Wang <[EMAIL PROTECTED]> wrote:
> Does the FreeRADIUS support security token products from RSA Inc.
> (SecurID/ACE server) ?
No, sorry.
As always, patches are welcome.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Does the FreeRADIUS support security token products from RSA Inc.
(SecurID/ACE server) ?
XJ
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
35 matches
Mail list logo