Hello,
I would like to authorize the user against LDAP, and if LDAP returns error
or not found set Auth-Type = Reject. What do I have to write in radiusd.conf
to get this?
I know that if no Auth-Type is set, the user will also be rejected, but
this is not enough for me, because m
В сообщении от 19 Апрель 2004 12:43 Roberto Pioli написал(a):
> I'm beginning to test freeradius for voip billing with cisco 5300
> equipment; I'm going use the cisco_h323_db_schema-postgres.sql.
> There's a graphic interface like dialup_admin that can be used with this
> database?
Only selfmaded.
You can try enabling
usercollide to yes
and reload freeradius, however, follow what is
recommened.
- Original Message -
From:
俊宏
To: [EMAIL PROTECTED]
Sent: Monday, April 19, 2004 9:00
AM
Subject: [please help me]user
collision
Hi All,
I want to u
Hello freeradius-users,
I need to create a check attribute depending on how much seconds or
octets user have. Ideal, i would like to equate reply attribute to a
newly created check attribute or to turn reply to check attribute. I
need this to differentiate users by their limits and give th
Hello Milver,
Monday, April 19, 2004, 1:30:05 PM, you wrote:
>> I need to create a check attribute depending on how much seconds or
>> octets user have. Ideal, i would like to equate reply attribute to a
>> newly created check attribute or to turn reply to check attribute. I
>> need this
> I need to create a check attribute depending on how much seconds or
> octets user have. Ideal, i would like to equate reply attribute to a
> newly created check attribute or to turn reply to check attribute. I
> need this to differentiate users by their limits and give them
> ip address
Hi,
In short, this mail is about EAP methods
accessing/using the EAP identifier field.
In details, after reading the Packet modification
attacks paragraph in the RFC 2284bis ("It is
RECOMMENDED that methods providing integrity
protection of EAP packets include coverage of all the
EAP header field
=?iso-8859-1?Q?Alejandro_Mart=EDnez_Marcos?= <[EMAIL PROTECTED]> wrote:
> I would like to authorize the user against LDAP, and if LDAP
> returns error or not found set Auth-Type = Reject. What do I
> have to write in radiusd.conf to get this?
Nothing.
> I know that if no Auth-Type i
Hi,
I would like to configure my aironet 1100 AP for 802.1x. I want to know who to setup the AP to forward incoming packet to the Radius server, Precisely how to inform the AP about the Radius server and the secret key. As well as how to enable EAP on AP.
Regards,
Aoun.
University of Stuttga
On Mon, 2004-04-19 at 03:00, äå wrote:
> The configuration in FreeRadius with PEAP is ok. But just do not know
> how to config other parameters to achieve the "usercollide" with
> "failover".
User collision is not possible with PEAP/EAP-MSCHAPv2 as user collison
processing takes place in the aut
this is imho not a help service for cisco hardware. however, i'm sure
that by opening a web browser and connecting to your AP 1100 address you
will find all the answers you need, quasi automagically. just read the
web pages of the ap, it is self-explanatory.
ciao
artur
Aoun Shah wrote:
Hi,
I am new to this list, so please correct me if I am not formatting this email correctly.
I have FreeRadius 0.9.3. It is running on redhat 7.2. LDAP is authenticating against Novell Edir. It works beautifully. I have an issue though with multiple objects in the directory with the same name, but
Hi All
I’ve got a Freeradius 0.9.3 server proxying
requests to a Cistron server.
The problem I’m having
is that the ip address of the NAS is used when
allowing the request. The NAS is on ADSL with a changing IP address.
Is it possible to have the freeradius server’s ip
making the req
On Mon, 19 Apr 2004, John Hottel wrote:
> I am new to this list, so please correct me if I am not formatting this
> email correctly.
>
> I have FreeRadius 0.9.3. It is running on redhat 7.2. LDAP is
> authenticating against Novell Edir. It works beautifully. I have an
> issue though with multiple
Hi all,
i have a strange problem with an ascend. probably this
is not freeradius' fault, but anyway, perhaps someone
is familiar with this type of problem.
i am running freeradius 0.9.1 with mysql support. all
dial-in's to the ascend are denied with "auth: login incorrect"
message. here is what
Hi,
As Alan DeKok advised us, we upgraded to the latest CVS snapshot on
17/04/2004... and now it's working fine, thanks :-)
Pascal Polleunus wrote:
Hi,
We are trying to do VoIP accounting using Cisco material but we've
problems with the attribute "Cisco-AVPair".
We've defined "with_cisco_vsa_
Jerome Warnier wrote:
...snip...
There is also a crontab file in this directory, which uses most the
other scripts there, but needs fixing before being (optionally) put into
/etc/cron.d. This file needs fixing anyway, because it currently points
to /usr/local/...
Did not use any yet, so you are pro
Hi,
i´am movin away from Cistron and now having a issue with the different
behavior
both servers have. Ciston calls users twice once at the time sending the
resquest and
second when the answer from the home server is recievd.
Could matche there then based on realms, usernames and wildcards.
Wich
Hello,
Does anyone know how I could compile freeradius in C++ using g++ instead of
gcc ?
I am not very familiar with the underlying configure mechanism , all i know
is to type 'configure' an then 'make' ...
many thank's.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/use
Hello, I'm new, have read the archives, the FAQ but still can not get this
right:
I want to set up a freeradius server to use for testing a new (Vendor ID
CableLabs = 4491) set of "Vendor-Specific" attributes.
With the radclient I can make "normal" requests and all is fine ( I get
replies, I can
"[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote:
> Does anyone know how I could compile freeradius in C++ using g++ instead of
> gcc ?
Why? There's no C++ code in FreeRADIUS, so there's no point in
using a C++ compiler.
> I am not very familiar with the underlying configure mechanism , all i kn
"Holger Steppke" <[EMAIL PROTECTED]> wrote:
> Now i need same function with Freeradius. Well i think a
> "post_proxy_authorize = yes"
> would do and my usersfile is parsed again.
Yes. That's what it's there fore.
> Is there a better way of doing it in freeradius ?!
That depends on what you
Philipp Steinkrueger <[EMAIL PROTECTED]> wrote:
> Mon Apr 19 16:38:22 2004 : Auth: Login incorrect:
> [account-name1/\263\350>\027\271\240\365] (from client rade port 0)
> Mon Apr 19 16:38:27 2004 : Auth: Login incorrect: [account-name2/\034y]?
> \341\207\371] (from client rade port 0)
The shar
Johan <[EMAIL PROTECTED]> wrote:
> 1) What do I put in stead of "foo": Vendor-Specific = "foo"
> (How do I get the Vendor ID in there, and the vendor specific data .)
Nothing.
> 2) I suspect I somehow use dictionaries. If so can someone please give me
> an example of how to use one of the exis
At 11:41 19/04/2004, you wrote:
"[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote:
> Does anyone know how I could compile freeradius in C++ using g++
instead of
> gcc ?
Why? There's no C++ code in FreeRADIUS, so there's no point in
using a C++ compiler.
I am writing a module that need to use C++
On Mon, 2004-04-19 at 17:13, Guy Fraser wrote:
> Jerome Warnier wrote:
> ...snip...
>
> >There is also a crontab file in this directory, which uses most the
> >other scripts there, but needs fixing before being (optionally) put into
> >/etc/cron.d. This file needs fixing anyway, because it current
Hi,
Running freeradius -x, we get the following:
...
Listening on authentication x.x.x.x:1812
Listening on accounting x.x.x.x:1813
Ready to process requests.
rad_recv: Accounting-Request packet from host y.y.y.y:1646, id=84,
length=461
...
Sending Accounting-Response of id 84 to y.y.y.y:1646
In ra
Hi,
i think i wrote already on this list that i migrating from cistron to
freeradius 0.9.3 so there i found anothere point i like to highlight.
It is subject to discuss. maybe its wanted that way don´t know.
Bascily adding multiple Attributes from the same name does work with +=
adding an attrib
> Hi,
>
> Running freeradius -x, we get the following:
> ...
> Listening on authentication x.x.x.x:1812
> Listening on accounting x.x.x.x:1813
> Ready to process requests.
> rad_recv: Accounting-Request packet from host y.y.y.y:1646, id=84,
> length=461
> ...
> Sending Accounting-Response of id 84
Pascal Polleunus <[EMAIL PROTECTED]> wrote:
> What's wrong, our config or is it just the output?
There's nothing wrong. The server is doing exactly what you're
telling it to do, and is doing exactly the right thing.
You're getting confused about the port the clients is sending the
packet *fr
>> Hi,
>>
>> Running freeradius -x, we get the following:
>> ...
>> Listening on authentication x.x.x.x:1812
>> Listening on accounting x.x.x.x:1813
>> Ready to process requests.
>> rad_recv: Accounting-Request packet from host y.y.y.y:1646, id=84,
>> length=461
>> ...
>> Sending Accounting-Respons
Frédéric EVRARD wrote:
Hi,
Running freeradius -x, we get the following:
...
Listening on authentication x.x.x.x:1812
Listening on accounting x.x.x.x:1813
Ready to process requests.
rad_recv: Accounting-Request packet from host y.y.y.y:1646, id=84,
length=461
...
Sending Accounting-Response of id
Pascal Polleunus <[EMAIL PROTECTED]> wrote:
> Sorry, I didn't mention that everything is working fine! We want to use
> the ports 1812/1813 and the NAS are sending on port 1813.
> If the NAS were not sending on the same port FreeRADIUS is listening on
> it should not work, right?
Again, you're
"Barry" <[EMAIL PROTECTED]> wrote:
> The problem I'm having is that the ip address of the NAS is used when
> allowing the request. The NAS is on ADSL with a changing IP address.
Ok... that's not much of a problem. Just list the whole network in
"clients.conf". There are examples there for list
can anyone elaborate more of the "Expiration" attribute?
is it an attribute of password age or expiration for password?
i am am trying to play around for an expiration attribute -- expiration for
an account
from MySQL table and not from system accounts, using freeradius under FC1.
anyone?
//milver
Hello all. I've searched, but I haven't been able to find an easy way
to make this work.
I'm currently using a DEFAULT entry to fill out our standard reply
items. I would like to have a different default entry to be used when
the username exists, but the password is incorrect, and a third to
"Daniel W. Halverson" <[EMAIL PROTECTED]> wrote:
> I'm currently using a DEFAULT entry to fill out our standard reply
> items. I would like to have a different default entry to be used when
> the username exists, but the password is incorrect, and a third to be
> used when the username doesn't
Where do I find sqlcounter.conf, also what I mean to say when I want 100
hours of dialup
not in 1 session but if a user connects monday for 20 hours, then
tuesday for 30 hours, etc,
after 100 hours was used for the entire month I want it to disable the
account, is there a way
to do this in freer
Thanks for the quick response. With failover, would you be able to
detect if a user exists in the users file, but the password doesn't
match? I'll grab the CVS tonight and check it out.
Thanks again.
Dan
Alan DeKok wrote:
"Daniel W. Halverson" <[EMAIL PROTECTED]> wrote:
make use of rlm_sqlcounter.
- Original Message -
From: "Devin Atencio" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, April 19, 2004 10:53 PM
Subject: Disconnect account after 100 hours of total time used?
>
> Where do I find sqlcounter.conf, also what I mean to say when I wan
On Sun, Apr 18, 2004 at 03:51:12PM +0200, Jerome Warnier wrote:
> On Sun, 2004-04-18 at 15:13, Paul Hampson wrote:
> > On Sun, Apr 18, 2004 at 12:33:53PM +0200, Jerome Warnier wrote:
> > > On Sun, 2004-04-18 at 05:43, Paul Hampson wrote:
> > > > On Sat, Apr 17, 2004 at 11:41:27PM +0200, Jerome Warn
Alan DeKok wrote:
Pascal Polleunus <[EMAIL PROTECTED]> wrote:
Sorry, I didn't mention that everything is working fine! We want to use
the ports 1812/1813 and the NAS are sending on port 1813.
If the NAS were not sending on the same port FreeRADIUS is listening on
it should not work, right?
A
42 matches
Mail list logo
