Humberto,
I tried making your suggested config changes, but still no luck.
FYI, I've changed the 'DEFAULT Auth-Type' in the users file to 'perl_1' and copied the syntax for your authenticate section - but still no luck.
When I add another module, to the 'common' (or is it System ?) list of authe
Hi All,
I'm trying to authorize a user by using the rlm_perl module only. I.e., I
only want the perl script to control the authorization.
In radiusd.conf I have set:
proxy_requests = no
and in the authorize part the "files" statement is commented (otherwise
freeradius will look at the file 'u
hi,
i'm using peter nixon's cisco h323 billing scripts with postgresql. i've
installed postgresql 7.4, but there seems to be a problem with data
types specially with "timestamp with time zone".
anybody made a work-around with this?
here's a snip from my debug:
<>
Tue Feb 17 14:48:20 2004 : Erro
remove
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Title: 郵件
>Hello,
freeradius-users,
>
> Following the
doc in radius,I have change the file radiusd.conf in
/usr/local/etc/raddb/
>
>In
Radiusd.conf:> $INCLUDE
${confdir}/mssql.conf
>
> I also change
mssql.conf.
If you want to use mysql
database, you should modify your Radiusd.conf li
Hi,
I use freeradius 0.9.3 with Nomadix.
It's all OK for authentication but I would configure an Accounting for my
user.
Where I can put this ATTRIBUTE for example Nomadix-Expiration o other (see
dictionary)?
Please help me.
P.S.: Where I can find a tutorial or HowTo or this configuration?
Tha
hello im just trying to install rlm_python module
using CVS last Feb 16, 2004 in Freebsd 4.8. As the
docs stated ive compile it this way.
diameter# ./configure --with-static-modules=python
And i got this error:
diameter# ./configure --with-static-modules=python
loading cache ./config.cache
check
Hi all,
How can I use and declare suffix of username: ex: [EMAIL PROTECTED] and [EMAIL PROTECTED]. I
want to use both 2 service in the same radius server. I don’t know where
to declare in config file.
Please help me.
Thanks,
Manh Cuong.
Hello, freeradius-users,
Following the doc in radius,I have change the file radiusd.conf in
/usr/local/etc/raddb/
In Radiusd.conf:
$INCLUDE ${confdir}/mssql.conf
I also change mssql.conf.
In mssql.conf:
sql {
# Database type
# Current supported are: rlm_sql_mysql, rlm_sq
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> "Mon Feb 16 19:56:52 2004 : Error: ERROR: Realm myrealm.com cannot be load
> balanced to LOCAL"
Read the comments in raddb/proxy.conf
Kevin Bonner
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAMXqt/9i/ml3OBYMRAkGrAJ9v73z4
Hello
everyone,
I received this
message in the radius.log file today. I am wondering if anyone else has
seen this before and what the cure may be for it. Any more information on
this would be greatly appreciated. It also killed the radiusd process
right about the time I got this messag
Hello,
I recently downloaded and installed the FreeRADIUS server, and I am
currently in the process of having a look at the documentation for the
configuration.
There are a few questions I would like to ask those more experienced
with the use of the huntgroups file.
1) First of all I cannot q
Hi folks. Freeradius is an incredible piece of software and it has
performed very well for us. I am trying to implement wildcard realms
and think I may have a config problem but maybe I've been staring at the
same stuff for too long. If anyone can offer any advice please give me
a yell.
rad
I am very interested in htis topic too but have no idea how to help you :)
Actualyl I am interested if this work with utherntication type EAP
Rick
Quoting Mike Lampson <[EMAIL PROTECTED]>:
> Hello all,
>
> I tried to ask this question on Friday and didn't receive an answer, so let
> me try to
Sorry about that!!!
Find what you are looking for with the Lycos Yellow Pages
http://r.lycos.com/r/yp_emailfooter/http://yellowpages.lycos.com/default.asp?SRC=lycos10
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/li
Hello all,
I tried to ask this question on Friday and didn't receive an answer, so let
me try to explain it better.
I am presently running FreeRADIUS using Unix crypt passwords. This works
fine. However I need to add support for better (i.e. longer) passwords and
would like to use MD5 encoded p
Has anybody managed to get hostAP to work with freeRadius? I have a network that
consists of 2 APs(Linux boxes running hostAP) For freeRadius, I followed Raymond
McKay's HowTO and so far I got the certificates as well as the simple authentication
test(given in the howto) working.
I am currentl
Has anybody managed to get hostAP to work with freeRadius? I have a network that
consists of 2 APs(Linux boxes running hostAP) For freeRadius, I followed Raymond
McKay's HowTO and so far I got the certificates as well as the simple authentication
test(given in the howto) working.
I am currentl
Has anybody managed to get hostAP to work with freeRadius? I have a network that
consists of 2 APs(Linux boxes running hostAP) For freeRadius, I followed Raymond
McKay's HowTO and so far I got the certificates as well as the simple authentication
test(given in the howto) working.
I am currentl
Has anybody managed to get hostAP to work with freeRadius? I have a network that
consists of 2 APs(Linux boxes running hostAP) For freeRadius, I followed Raymond
McKay's HowTO and so far I got the certificates as well as the simple authentication
test(given in the howto) working.
I am currentl
Yees!!!
(I'm going to name you Sir. Lionel !
;)))
José Luis SolanoSGI - Soluciones Globales
Internet S.A.Delegación Regional Sur[EMAIL PROTECTED](+34)
954.088.060
Alan DeKok wrote:
>
Why the heck are you doing packet sniffing when you could run the
server in debugging mode to see what it's doing?
I was running debug mode - but the setting use_tunneled_reply didn't
change anything. After a day of debugging I realized that this was the
most idiotic configu
does
it work ?
LG.
-Message d'origine-De :
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]De la part de José
Luis SolanoEnvoyé : lundi 16 février 2004
19:55À :
[EMAIL PROTECTED]Objet : Re: Problem with
remote LDAP
Thanks again Lionel ;) !!!
Thanks again Lionel ;) !!!
José Luis SolanoSGI - Soluciones Globales Internet S.A.Delegación
Regional Sur[EMAIL PROTECTED](+34)
954.088.060
- Original Message -
From:
Lionel Gavage
To: [EMAIL PROTECTED]
Sent: Monday, February 16, 2004 7:38
PM
Thanks again Lionel ;) !!!
José Luis SolanoSGI - Soluciones Globales Internet S.A.Delegación
Regional Sur[EMAIL PROTECTED](+34)
954.088.060
- Original Message -
From:
Lionel Gavage
To: [EMAIL PROTECTED]
Sent: Monday, February 16, 2004 7:38
PM
S
Hi,
Remove the
"access_attr = "dialupAccess"" parameter in LDAP config (put in comment). And
retest.
Lionel
Gavage.
-Message d'origine-De :
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]De la part de José
Luis SolanoEnvoyé : lundi 16 février 2004
19:32À :
[EMAI
Dear all !!
My old configuration was (2 different
PC's):
IP Client: XXX.XXX.XXX.205
IP Freeradius and LDAP:
XXX.XXX.XXX.222
With this configuration, my system runs ok!!
My currently configuration is (3 different PC's):
IP Client: XXX.XXX.XXX.205
IP Freeradius: XXX.XXX.XXX
Dear all !!
My old configuration was (2 different
PC's):
IP Client: XXX.XXX.XXX.205
IP Freeradius and LDAP:
XXX.XXX.XXX.222
With this configuration, my system runs ok!!
My currently configuration is (3 different PC's):
IP Client: XXX.XXX.XXX.205
IP Freeradius: XXX.XXX.XXX.206
IP
"sting sting" <[EMAIL PROTECTED]> wrote:
> But this is not the point.
> - the CallTimeAttr = 111
> was just an example.
> It also fails in
> CallTimeAttr = 3500
This is fixed in the CVS head.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/use
Paulo Fragoso <[EMAIL PROTECTED]> wrote:
> Are there any attribute for stroe crypted password in database and works
> with mschap?
It's impossible. It's designed to be impossible.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
thnxs to Paul "TBBle" Hampson.
According to my understanding and the
docs, the date represtents times in
milliseconds from 1.1.1970.
So 111 should also be OK.
But this is not the point.
- the CallTimeAttr = 111
was just an example.
It also fails in
CallTimeAttr = 3500
and
CallTi
Hi José,
Note that WinXP PEAP client store the user/password in register.
(See : http://support.microsoft.com/default.aspx?scid=kb;en-us;823731)
Is why i use TTLS Client of Alfa/Arris.
Regards,
Jean-Paul.
José Luis Solano wrote:
Do you know if Windows XP client has authentication TTLS? Where is t
No problem ;)
Lionel Gavage
-Message d'origine-
De : [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] la part de José
Luis Solano
Envoyé : lundi 16 février 2004 16:13
À : [EMAIL PROTECTED]
Objet : Re: TTLS and TLS (EAP-TYPES)
Thanks a lot Lionel!
José Luis Solano
SGI - Soluciones Globa
On Mon, 2004-02-16 at 14:45, Paulo Fragoso wrote:
> Are there any attribute for stroe crypted password in database and works
> with mschap? Now, only clear text password stored in radcheck table
> works with mschap:
No.
CHAP passes a hash of the password and a random challenge across the
wire.
Thanks a lot Lionel!
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
- Original Message -
From: "Lionel Gavage" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, February 16, 2004 2:04 PM
Subject: RE: TTLS an
Norguhtar wrote:
Are there any attribute for crypted password to work with mschap? We
have ever tried "Crypt-Password" which work fine for dial-in user from
other system (lucent max6000) using pap auth, but don't work with mschap.
You can't used crypted password for this password is already crypt
ok I made some experiment about limiting session time...
now I need to understand how to use this:
>So you must create an
> UPDATE command which will be fired when stop acct record is received
> that will update value in radreply for that user.
> Something like
> UPDATE radreply SET
value=to_char((
Hi,
I've been doing some hacking with the perl module. The Auth-Type can be set
by the authorization module or in the users file ( The latter works for me)
-My users file only has the line:
DEFAULT Auth-Type := perl_1
-My radiusd.conf 's relevant sections
modules {
...
...
perl voip {
On Mon, Feb 16, 2004 at 04:18:58PM +0200, sting sting wrote:
> Hello,
> I have a problem with using a (Vendor Spcific) date attribute in
> freeradius.
> I had added other Vendor Spcific) attributes (string,integer,date ) with
> not problem
> I had added a dictionary with a date format type.
> wh
Hello,
I have a problem with using a (Vendor Spcific) date attribute in
freeradius.
I had added other Vendor Spcific) attributes (string,integer,date ) with not
problem
I had added a dictionary with a date format type.
what I had added is:
ATTRIBUTE CallTimeAttr 122 date VSCompany
(there
On Mon, 16 Feb 2004 10:27:11 -0300
Paulo Fragoso <[EMAIL PROTECTED]> wrote:
> Hi,
>
> We have a FreeRadius 0.9.3 + Mysql to authenticate a FreeBSD 5.1 + MPD
> implementing PPTP vpn. All is working fine, but we have to put clear
> text password in users database:
>
> mysql> select * from radche
Hi,
We have a FreeRadius 0.9.3 + Mysql to authenticate a FreeBSD 5.1 + MPD
implementing PPTP vpn. All is working fine, but we have to put clear
text password in users database:
mysql> select * from radcheck where username='testevpn';
+--+--+---++--+
| id |
Hi José,
No Windows XP client hasn't TTLS option. Windows XP client supports PEAP on
the other hand. You can use SecureW2 (http://www.alfa-ariss.com/)
Lionel Gavage
-Message d'origine-
De : [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] la part de José
Luis Solano
Envoyé : lundi 16 février
Do you know if Windows XP client has authentication TTLS? Where is the
option?
If Windows XP client has not TTLS, then do you know other client?
Thankss a lot!!
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
- Original M
Hi,
It doesn't find the clear text password for rlm_chap but the user is well
validated by LDAP.
Extract of log:
rlm_ldap: - authorize
rlm_ldap: performing user authorization for u190336
radius_xlat: '(uid=u190336)'
radius_xlat: 'dc=ulg,dc=ac,dc=be'
ldap_get_conn: Got Id: 0
rlm_ldap: performi
Alan DeKok wrote:
Paulo Fragoso <[EMAIL PROTECTED]> wrote:
All is working fine, but we would like to restric PPTP users to only
connect to vpn server. So we have created our radgroupcheck this way:
...
| 8 | virtual | NAS-Port-Type| := | Virtual |
That won't do what you want. Use '==
Yes, on the level of the configuration client.
Lionel Gavage
-Message d'origine-
De : [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] la part de José
Luis Solano
Envoyé : lundi 16 février 2004 13:14
À : [EMAIL PROTECTED]
Objet : TTLS and TLS (EAP-TYPES)
Hi Lionel,
I have your radiusd
On Mon, Feb 16, 2004 at 12:54:13PM +0100, [EMAIL PROTECTED] wrote:
>
> I would like to learn how to set IP restrictions for each radius account :
>
> By restrictions, I mean that account n° 1 can only reach IP subset n° 1,
> account n° 2 can only reach IP subset n° 2,
>
> An IP subset can b
Hi Lionel,
I have your radiusd.conf file, (thanks!!).
But I have a simple question: if I have TL and TTL in my radius.conf, what
eap-type will use freeradius TLS or TTLS?
it's the client who decide the eap-type?
Thanks in advance!!!
José Luis Solano
SGI - Soluciones Globales Internet
Hi Lionel,
I have your radiusd.conf file, (thanks!!).
But I have a simple question: if I have TL and TTL in my radius.conf, what
eap-type will use freeradius TLS or TTLS?
it's the client who decide the eap-type?
Thanks in advan!!!
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delega
Hi,
I would like to learn how to set IP restrictions for each radius account :
By restrictions, I mean that account n° 1 can only reach IP subset n° 1,
account n° 2 can only reach IP subset n° 2,
An IP subset can be the whole WWW, a single IP or a specified family of IPs.
And I would like
Hi Lionel,
I succeeded in do to run a configuration only for EAP/TTLS with a LDAP
backend.
I use freeradius-snapshot of 04/feb/2004 and TTLS client of Alfa & Arris
(SecureW2) on WinXP.
See below 'users' file :
# a0153 : Define the user for 802.1x Authentication
#--
It would be nice to compile set of modifications needed
for dialup_admin to work with postgresql.
(Of course it would be even better that code is db independent :-) )
e.g. user_finger.php3 won't work because
"SELECT DISTINCT UserName,AcctStartTime,FramedIPAddress,CallingStationId
FROM $config
Hi,
I have some problems with PEAP/LDAP (and TTLS/LDAP).
When I use LDAP only with a local authentification I don't have problem.
Reciprocally with PEAP module without LDAP.
But with these two modules the user is validated on the level of LDAP server
but the 802.1x authentificaton failed!
I don't
54 matches
Mail list logo