Dear all:
I had free radius server 0.9.3 running and every thing is going will, and
the Simultaneous-use is working fine, I defined the Simultaneous-use to be
1, but I want to be allowed to skip simultaneous-use check when the radius
request come from a specific router.
Can I do that?
Is
Hello everyone,
as you probably remember I had the following problem on the conversation
between my Access Point and the client: after the EAP Change Cipher Spec
message sent from the server to the client everything was blocked (I mean no
more messages exchanged).
However, i noted that my
Hi all,
I cant figure out what Im doing wrong with the cisco_vsa_hack = yes.
I have it defined in the radiusd.conf and when starting radiusd -X I see
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = yes
Module: Instantiated
Hi All,
Is there a way to add number of SQL statements into SQL.conf to execute
for each Accounting START/STOP packet?
I need to update multiple tables with stats once radiusd receives
accounting START or STOP packet.
Please see my current SQL.CONF entries below.
Can I write ?
I'm having difficulty understanding the processing of the users file.
I've read it and the O'Reilly _Radius_ book but I'm still having
problems.
Here's my environment:
I have a legacy radius server (10.1.4.51) that validates user name /
password combinations.
I am creating a freeradius (0.9.3)
On Tue, Apr 27, 2004 at 01:13:19PM -0400, Alan DeKok wrote:
Thomas Bridge [EMAIL PROTECTED] wrote:
Currently I have a Cisco BAS terminating broadband customers. Most of
our customers would have their PPP connection terminate on the BAS, but
I would like to forward customers who specify a
Steve OBrien [EMAIL PROTECTED] wrote:
Has anyone successfully tested the new mschap ntlm_auth code with EAP yet?
Not me, but people I know.
If it works for plain MS-CHAPv2, it will work for PEAP.
The only problem with ntlm_auth is that it requires you to *also* be
running winbindd and
Hi,
I am working with free radius and a cisco AS5300. Now i am only using it for
accounting logs. I would like to use it as authenticar too. Could any body
show me wich parameters should i set in the users file for each user of my
voip gateway ??
Regards
-
List info/subscribe/unsubscribe? See
Hello,
I have the following problem:
how can I remote authenticate (in his home network) a user and, at the same
time, authorize him locally?
Basically my scenario is as follows:
A mobile user belonging to the network A moves to the network B.
The network B proxies the authentication request to
Hi
I have downloaded and installed pam_radius_auth on a Gentoo Linux box. It
sort-of works, however not always as I expect.
Before I bore the list with trivial questions which might have been answered
previously, perhaps someone can point me in the direction of an FAQ or some more
background
Steve OBrien [EMAIL PROTECTED] wrote:
When trying to test this with PEAP I occasionally get the ntlm_auth
attempting to use winbindd but mostly I just see the EAP
conversation(which is known good).
If there's a User-Password available, the MS-CHAP module will use
that. To force ntlm_auth,
How to enable Cisco-Avpair attribute?
How to enable Cisco dictionary?
Thanks in advance for your help, I'm inexpert!
Monica M.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Not that I know of using standard methods.
If you were using PostGreSQL you could use 'rules' for inserts and
updates that could invoke additional actions.
See:
http://www.postgresql.org/docs/7.4/interactive/rules-update.html
FreeRadius does work with PostGreSQL.
[EMAIL PROTECTED] wrote:
Hi
Hello,
I have the freeradius server v0.9.3 installed. It
works with PAM clients under Linux, and with W2K
dial-in via a NAS Windows (under W2K server).
I'm now trying to configure a switch Catalyst 3750 to
be the NAS, but it still doesn't work.
Here is the actual configuration of the switch:
aaa
Morning folks,
Im trying to get accounting data to go to our
billing radius server, and our authentication/authorization to go to be
requested. I tried inputting:
radius-dev(config)#radius-server host 4.3.2.1
auth 1812
radius-dev(config)#radius-server host 1.2.3.4 acct
1813
but
Brent Geach [EMAIL PROTECTED] wrote:
when with the Cisco-AVPair all I want to log it to mysql is:
pre-session-time=4
nas-rx-speed=9600
Do those attributes exist in the dictionary.cisco file?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Not sure if caps is important but they are there eg
ATTRIBUTE Cisco-PreSession-Time 198 integer Cisco
Or should I edit this (left this as the original standard was) to reflect
pre-session-time ?
On Wed, 28 Apr 2004, Alan DeKok wrote:
Brent Geach [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wednesday 28 April 2004 10:53, RH List Account wrote:
radius-dev(config)#radius-server host 4.3.2.1 auth 1812
radius-dev(config)#radius-server host 1.2.3.4 acct 1813
Use this:
radius-server host 4.3.2.1 auth-port 1812 acct-port 0
radius-server
Title: Re: Cisco config to use two radius servers
On Wed, 2004-04-28 at 10:53, RH List Account wrote:
Morning folks,
Im trying to get accounting data to go to our billing radius server,
and our authentication/authorization to go to be requested. I tried
inputting:
hi rob,
try this:
radius-server host [ip-first-auth] auth 1812 acct 0
radius-server host [ip-fallback-auth] auth 1812 acct 0
radius-server host [ip-first-acct] auth 0 acct 1813
radius-server host [ip-fallback-acct] auth 0 acct 1813
--
gerald
-
List info/subscribe/unsubscribe? See
Title: Re: configuring the NAS
Try setting the ports on the switches config, I will bet you are running
on 1812 and 1813 and the switch is using 1645 and 1646.
Ted
On Wed, 2004-04-28 at 10:53, deborha malka wrote:
Hello,
I have the freeradius server v0.9.3 installed. It
works with PAM
I believe I've lost my mind.
I have a NAS unit (USR Netserver PRI) that will not authenticate
on a radius server running on OpenBSD/sparc64. The shared secret
and password decoding is the problem - Freeradius thinks the secret is wrong.
I compiled Freeradius-0.9.3 identically under NetBSD
Perfect. Thanks all.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gerald
Krause
Sent: Wednesday, April 28, 2004 2:37 PM
To: [EMAIL PROTECTED]
Subject: Re: Cisco config to use two radius servers
hi rob,
try this:
radius-server host [ip-first-auth]
I've set up sqlcounter and I'm on testing right now, the next step is
prepaid cards and still dont know how to do them
Rogelio Alvarado Anchisi
Ing. de Sistemas
Galaxy Communications Corp.
Tel. +507-2000128
Fax.+507-2000132
Cel. +507-6744093
-Original Message-
From: [EMAIL
I've set up sqlcounter and I'm on testing right now, the next step is
prepaid cards and still dont know how to do them
read the subscription list
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ok, I set up sqlcounter and made my tests. And it keeps doing failures
because the sqltrace never shows the sql sentences for accounting. I
don't know if it's the table or if it could be something else that is
jamming my stuff.
Questions:
How do I have to fill the radcheck and userinfo in order
I am sending an authorization packet from radclient with vendor specific
attribute:
Cisco-AVPair=ip:xxx
along with username and correct password.RADIUS server authorizes the user
with access-accept packet with Cisco-AVPair=ip:yyy, which confuses me.
Because in the users file on server side
Andre Dalle [EMAIL PROTECTED] wrote:
I have a NAS unit (USR Netserver PRI) that will not authenticate
on a radius server running on OpenBSD/sparc64. The shared secret
and password decoding is the problem - Freeradius thinks the secret is wrong.
I recall OpenBSD issues...
I've actually
Hello all,I am using Freeradius 0.9.3 on a X86 machine runningGentoo Linux. I compiled Freeradius myself fromsource. I am using Ascend Max for NAS. We are
authenticating users from authentication data in a
MySql database. I am also using the PHP interface
called "Dialup Admin".
I need to collect
Shah, Nishant B [EMAIL PROTECTED] wrote:
I am sending an authorization packet from radclient with vendor specific
attribute:
Cisco-AVPair=ip:xxx
Ok... I don't see why, though.
RADIUS server authorizes the user
with access-accept packet with Cisco-AVPair=ip:yyy, which confuses me.
Patrick Bartkus [EMAIL PROTECTED] wrote:
What I want it to do is check that if a request comes from my Lucent
MAX 6000 dial-up server, that it verifies that this user is a member of
a unix group called dialupgrp. I put the Lucent NAS in a huntgroup
called dialserver. If the user is in the unix
Alan DeKok [EMAIL PROTECTED] said:
Shah, Nishant B [EMAIL PROTECTED] wrote:
I am sending an authorization packet from radclient with vendor specific
attribute:
Cisco-AVPair=ip:xxx
Ok... I don't see why, though.
RADIUS server authorizes the user
with access-accept packet
Shah, Nishant B [EMAIL PROTECTED] wrote:
YES I DO HAVE SPECIFIC QUESTION.
AS FOR EXAMPLE,
No need to shout.
If the user sends a packet with Cisco-AVPair=ip:xxx
attribute and Cisco NAS is using RADIUS for authorization, what does RADIUS
do besides authorization.
I don't mean to be
Alan DeKok [EMAIL PROTECTED] said:
Shah, Nishant B [EMAIL PROTECTED] wrote:
YES I DO HAVE SPECIFIC QUESTION.
AS FOR EXAMPLE,
No need to shout.
I apologise for that, I didn't mean to shout. sorry if I hurt someone's
feelings
If the user sends a packet with Cisco-AVPair=ip:xxx
Kaczmarek, Thaddeus wrote:
...snip...
DISCLAIMER
e-mail, and any attachments thereto, is intended only for use by the
addressee(s) named herein and may contain legally privileged and/or
confidential information. If you are not the intended recipient of
this e-mail, you are hereby notified
Hi,
According to the comments in radiusd.conf file for reply_log,
it should be logging the Access-Rejects as well. But, I am seeing only the Access-Accept
messages only. Is there anything
else that I need to configure to get the Access-Rejects as well.
Thanks,
Htin
No.. you told it to log to stderr. That's what -lstderr means.
If you don't say -lstderr, logging goes to wherever it says in
radiusd.conf, usually radius.log somewhere.
Unless... if you mean that the radius.log is one created by
daemontools...
Logging had been working fine for almost
37 matches
Mail list logo