testing radius server

2004-03-11 Thread ask
Hi all, I did read the faq to test my freeradius. radtest bob bob localhost 0 testing123 but I got an error, access deny. I don't know what is the problem. Can you tell me how to check it? I installed it by freebsd port and run and doesn't get any error. Thank you - List info/subscribe/u

Re: Freeradius for Voip

2004-03-11 Thread ROY
I think I've run into this too. The problem was with text timezone not being recognized by Postgres. Here's what I've done: CREATE OR REPLACE FUNCTION mychg_tz (VARCHAR) RETURNS TEXT AS ' DECLARE date_tz ALIAS FOR $1; BEGIN return translate(date_tz,,); END; ' LANGUAGE

Re: Freeradius with SQUID

2004-03-11 Thread Joe Maimon
Laurent RAYSSIGUIER wrote: Hello, I would like to set up a SQUID proxy with radius auth. Is there someone who does that? Second question, if it's possible... how to set up a failover if the first freeradius authentication server fails? Thank you for every help Laurent - List info/subscribe/unsu

Re: How to configure RADIUS attribute Session-timeout

2004-03-11 Thread Artur Hecker
actually, according to the 802.1X document, Session-Timeout MUST be sent along with the Termination-Action attribute, so you should add both of these to your reply attributes. just a remark, because it's too often forgotten. ciao artur Alan DeKok wrote: > > "Zhang, Defu" <[EMAIL PROTECTED]>

Re: Uninstall freeradius

2004-03-11 Thread Humberto Diogenes
jjlopez, This won't help much now that you've already installed it, but I install Freeradius using Stow, so that I can easily uninstall/upgrade it. Stow homepage: http://savannah.gnu.org/projects/stow Download: ftp://ftp.gnu.org/pub/gnu/stow/stow-1.3.3.tar.gz Thursday, March 11, 2004,

Connecting the dots

2004-03-11 Thread Jamie Thain
Hi All, I have been reading through the documentation, and I am having a little problem connecting some of the how-to's about FreeRadius 0.93. We have a FreeRadius 0.4 that I inherited and I am reading the Radius O'Reilly book, but still missing something. Problem. I don't understand how 'authent

Uninstall freeradius

2004-03-11 Thread jjlopez
How can I uninstall freeradius? I need to uninstall it in order to install another version, or how do I update freeradius? Thanks - This mail sent through IMP: http://horde.org/imp/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: accounting to mysql database

2004-03-11 Thread Alan DeKok
Mike Sturdee <[EMAIL PROTECTED]> wrote: > I have radius set up to log accounting to a MySQL database. It currently > holds a couple years worth of logging from several thousand users, so it's > quite large.. Problem I'm having is if I do a select that will return a > couple hundred entries, or any

Re: accounting to mysql database

2004-03-11 Thread Jeff Warnica
Not really a FreeRADIUS question, but anyway: For complex queries and/or queries with large result sets MySQL, using MyISAM tables, will produce a temporary table to fulfill the request. To ensure that it gets a consistent (temporary) table, MySQL locks the entire (real) table during this process,

Re: accounting to mysql database

2004-03-11 Thread Michael McFadden
One solution may be to change your insert statements in sql.conf from "Insert" to "Insert Delayed". you can read some here: http://www.mysql.com/doc/en/INSERT_DELAYED.html Post back to the list if it works. I'm no guru, so back up your sql.conf before making changes :) -Mike - Original

accounting to mysql database

2004-03-11 Thread Mike Sturdee
I have radius set up to log accounting to a MySQL database. It currently holds a couple years worth of logging from several thousand users, so it's quite large.. Problem I'm having is if I do a select that will return a couple hundred entries, or anything other than the simplest of queries, radius

Re: Accounting-Response sent on failure

2004-03-11 Thread Alan DeKok
Dave Mason <[EMAIL PROTECTED]> wrote: > My module returns "RLM_OK" if it works and "RLM_NOOP" if not. Why? That's what RLM_MODULE_FAIL is for. > RFC 2866 says that if an accounting record cannot be stored, no > response should be sent. I find that if I have only two accounting > modules turn

Re: How to configure RADIUS attribute Session-timeout

2004-03-11 Thread Alan DeKok
"Zhang, Defu" <[EMAIL PROTECTED]> wrote: > In our application this timeout is too short to complete authentication. > We need to increase Session-Timeout to a larger number in seconds. > > Question: > > How to change/config this attribute? In the "users" file. Add a reply attribute. >

Re: decoding cisco vpn3k vsa

2004-03-11 Thread Alan DeKok
Didier Conchaudron <[EMAIL PROTECTED]> wrote: > Vendor-Specific = 0x0c04c302 <--- > NAS-IP-Address = 10.3.50.2 > NAS-Port-Type = Virtual > Client-IP-Address = 10.3.50.2 > Timestamp = 1078992827 > > Ethereal said it's Cisco-Disconnec

RE: Active Directory Group Authentication

2004-03-11 Thread Dustin Doris
It could be. Can you post your whole users file or is that line the only one there? Also, what would it look like in active directory showing that a user is the member of that group? You have to make sure you are doing the correct ldap search to active directory to find that a user is a member o

RE: Active Directory Group Authentication

2004-03-11 Thread Albers Darren
Dustin Doris, Thank you for the help! Here is the information. I have the following group attributes set under LDAP in my radius.conf: groupname_attribute = Router_Admins groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectCla

Re: Active Directory Group Authentication

2004-03-11 Thread Dustin Doris
On Thu, 11 Mar 2004, Albers Darren wrote: > Hello all, > > I am attempting to use FreeRadius to authenticate based on a group in active > directory. I have it performing authentication using LDAP against > Active-Directory fine, but I would like to restrict it based on group > membership. From w

Active Directory Group Authentication

2004-03-11 Thread Albers Darren
Hello all, I am attempting to use FreeRadius to authenticate based on a group in active directory. I have it performing authentication using LDAP against Active-Directory fine, but I would like to restrict it based on group membership. From what I can determine I should use the users file to ena

RE: Help AvPair put to sql (Closed)

2004-03-11 Thread Daniil I. Pimonenko
Update Freeradius to daily snapshot and all ok. Sorry. > > > Hi all! > I can't insert the Av-Pair value to sql. > My NAS sends me: > Cisco-AVPair = "xpgk-src-codec=g729 T38fax " > Cisco-AVPair = "xpgk-dst-codec=g729 T38fax " > Cisco-AVPair = "h323-remote-id=30

Re: Configuring Server for Access-Challenge Response

2004-03-11 Thread Alan DeKok
"Eng, Joseph" <[EMAIL PROTECTED]> wrote: > How does one configure the server to generate an Access-Challenge > response when it gets an Access-Request from the client? It's automatically defined by the protocol you're using. > I do not want to use CHAP or MS-CHAP or any extensions like > EAP.

Freeradius for Voip

2004-03-11 Thread Costin Manda
I am trying to use freeradius with a Cisco VoIP gateway to auth and acc prepaid cards. This is what I did: Installed the following: - Perl 5.8.3 - PostgreSQL 7.4.2 (with perl) - Freeradius 0.9.3 I followed the instructions from postgres/src/billing concerning using freeradius with prepaid cards.

rlm_ldap on Solaris not compiling

2004-03-11 Thread Robert Banniza
Guys, I'm trying to compile freeradius with LDAP support on Solaris 9 and the compile is erroring out. I've googled and read the thread http://lists.cistron.nl/pipermail/freeradius-users/2003-February/016497.html and I still can get this thing to compile. Here is what I'm using as the configure lin

Help AvPair put to sql

2004-03-11 Thread Daniil I. Pimonenko
Hi all! I can't insert the Av-Pair value to sql. My NAS sends me: Cisco-AVPair = "xpgk-src-codec=g729 T38fax " Cisco-AVPair = "xpgk-dst-codec=g729 T38fax " Cisco-AVPair = "h323-remote-id=304" In dictionary.cisco I insert same string: ATTRIBUTE h323-re

Re: EAP/TLS problem: Received unexpected tunneled data after successful handshake

2004-03-11 Thread Lefteris St
> "rlm_eap_tls: Received unexpected tunneled data > after successful handshake." > I had the same problem a while ago. It turned out the error lay with the generated certificates. I never pinpointed the exact problem (I fiddled with the scripts a lot), so I can't give any detailed solution but

Re: WinXP and Framed-IP-Address (OT?)

2004-03-11 Thread Dustin Doris
On Wed, 10 Mar 2004, Alan DeKok wrote: > "Pavol Zibrita" <[EMAIL PROTECTED]> wrote: > > Is there some way how to map clients (from accounting log) to for example > > dhcp ip address assignments? > > Look at the logs, and try to compare MAC addresses. > > > Or is there some way to get dhcp "comm

Re: how to configure my radius server as a proxy

2004-03-11 Thread Dustin Doris
Unpack the source and cd into the doc directory. Look for the file proxy. On Wed, 10 Mar 2004, Sayantan Bhowmick wrote: > hi all > i want to know how i can configure my radius server as a proxy server > which sends requests to another main server. where all do i have to make > changes. what chan

Freeradius and Simultaneous-Use

2004-03-11 Thread Franck
Hi all, I've installed freeradius with mysql support and I want a user 'franck' to be able to log in ONLY one time. In radreply's tables, I've put: franck Simultaneous-Use := 1 But when I'm testing with ntradping on 2 computers, I can log in 2 times :(

freeradius pqsql segmentation fault?!

2004-03-11 Thread Costin Manda
I am trying to use Freeradius 0.9.3 with PostgreSQL 7.4.2 and Perl 5.8.3 to do prepaid billing for Cisco. I configured everything that was in the README file in the src/billing directory and when starting radius, a 'segmentation fault' message appears whenever a request is sent to it, crashing the

Re: WinXP and Framed-IP-Address (OT?)

2004-03-11 Thread Pavol Zibrita
Hi! > > We need to know who had which ip when connected to AP to backtrack > > activities on net. > > Try Arpwatch: http://www.securityfocus.com/tools/142 > > In some case if the user doesn't use dhcp, arpwatch is a useful tool > to map ip address to mac address so it is easier to backtrack activi

Re: decoding cisco vpn3k vsa

2004-03-11 Thread Didier Conchaudron
According to Alan DeKok <[EMAIL PROTECTED]>: > You can comment-out the "$INCLUDE dictionary.altiga" line, and > uncomment "$INCLUDE dictionary.cisco.vpn3000". Great! It works for the first of the 2 previous unreadable attributes but there's still one that isn't recognized. Thu Mar 11 09:13:47 2004

Re: EAP/TLS problem: Received unexpected tunneled data after successful handshake

2004-03-11 Thread Pavol Zibrita
Hi! > "rlm_eap_tls: Received unexpected tunneled data after successful handshake." > > The conf file is default for the build apart from the location of the certs, > and tls is uncommented to enable. I have attempted to run the server as root > as ssl can be difficult with permissions. Below is de