unsubscribe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> Thanks. I already read all of that and i did everything he said to do. I'm
happy that i read that because it was the only thing that >really helped me
to get started with freeradius in general. I followed all of the directions
and got the thing running using text file >authentication, then i fo
Hello all,
I have some questions:
1. How do I have to add attributes (all the steps
plese !) that my freeradius server 0.9.3 will take
from my LDAP database, and forward to the dial-up
client ?
2. Here is the configuration of my NAS (Cisco Catalyst
3750 switch):
aaa new-model
aaa authentica
Thanks for the reply Alan!
for each AuthColumnDef Radiator compare a value returned from SQL with a
value from the user request
>Which is a great feature, and probably wouldn't be too hard to add to
FreeRADIUS.
Well, this feature will be added really to the next releases of freeradius ?
Can I
Hello,
I need to set up a Red Hat 9 Linux machine as RAS server with the PAM
module to be used with FreeRADIUS.
I need to be able to add/remove users using a database which is inturn
used by FreeRADIUS. However, as I read in a posting in this list, the
usernames should also be contained in the Li
hi alan,
1-i tried inserting new attributes into the main dictionary file itself
inspite of that these values from dictionary.ascend are taken.
the surprising thing is that on the radclient i get the
Ascend-PW-Lifetime=-1 in access-accept but on the server side it is ahown
as MAC-Addres
You may want to do some reading in the freeradius/doc directory - take a look
at the rlm_sql file in particular - one thing that is mentioned is the
"driver" for the sql database is really just a "shim" used to connect the
freeradius server to the database through the database client application
Hi all,
I have two questions that some might have the answer.
I can't seem to find it anywhere so I'll try here! :)
1ST)
Is there a way to prevent loops on authentication/accounting?
My scenario is that I have several servers that authenticate (TTLS &
PEAP) on a Realm base, and use a proxy server
Hi Ernie,
This is really not a Freeradius issue - you probably would do better to ask this sort
of question on the FreeBSD list - they should be able to point you in the right
direction...
Now - having said that - I use FreeBSD (currently the 5.2.1 version) but don't run the
security
that high
Milver, Can you please tell me the command line that i have to enter to
recompile freeradius with support to rlm_sql module? I'm running Linux
Redhat 9, Mysql 3.23 and freeradius-0.9.3. Thank you.
- Original Message -
From: "Milver S. Nisay" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent
>From a previous solution:
About freeRADIUS:
1. We suppose that you MySQL installs under /home/mysql
2. ./configure --prefix = /home/radius --with-rlm-sql_mysql-include-dir =
/home/mysql/include/myql 3. make && make install 4. mkdir /home/radius/src
5. cp
/home/freeradius-0.9.3/src/modules/rlm_sql/
Hello,
i need configure freeradius to manage two ranges
of
IPs, Poll A y B, i need that freeradius assign IPs
from
pool A and when this is full, start assign from
Poll B.
I have read the documentaction but i do not known
how i
must configure it. lredady I have running
freeradius
version 0.93
Hello! I am trying to authorise some users with freeradius and pgSQL.
Anyone know what I must put into radcheck and radreply tables? Or any other
tables, for that matter?
It is an easy enough thing: I want to authorise username="callerid" and get
a response attribute with the account number. How
"Linda Pagillo" <[EMAIL PROTECTED]> wrote:
> Milver, Can you please tell me the command line that i have to enter to
> recompile freeradius with support to rlm_sql module? I'm running Linux
> Redhat 9, Mysql 3.23 and freeradius-0.9.3. Thank you.
Normally, you don't have to do anything. FreeRADI
Manjunath M Prabhu <[EMAIL PROTECTED]> wrote:
> 1-i tried inserting new attributes into the main dictionary file itself
> inspite of that these values from dictionary.ascend are taken.
The client doesn't see dictionary updates on the server.
And please read my original response, whic
I have already setup my radius server (Freeradius0.9.3).
I use clear-text password in local configuration file, and it works.
But i can't see any accounting report in my server, in
/var/log/radius/radacct.
Do somebody know how to solve this problem.
Thank you
Monica M.
-
List info/subscribe/un
Vlasis Hatzistavrou <[EMAIL PROTECTED]> wrote:
> Is there a way to authenticate the users without having to create the
> usernames in the Linux RAS, but only by "asking" FreeRADIUS for
> authentication?
Yes. PPPd can do that, or if not, there are patches to make it do that.
Alan Dekok.
-
L
"Luis Guido" <[EMAIL PROTECTED]> wrote:
> Is there a way to prevent loops on authentication/accounting?
Theoretically, yes. Practically, due to wonderful servers like
Merit, it's difficult.
You can use the "pre-proxy" section to add vendor-specific
attributes to the proxied request, and then
Juan" <[EMAIL PROTECTED]> wrote:
> i need configure freeradius to manage two ranges
> of
> IPs, Poll A y B, i need that freeradius assign IPs
> from
> pool A and when this is full, start assign from
> Poll B.
You can create two IP pools (rlm_ippool), and then fail-over from
one to the other (d
Thanks, Alan!
This worked great!
>From reading the Jonathan Hassell _Radius_ book, I thought realms were
just for cross-ISP authentication. But you've shown me a whole new use
for them.
That's the wonderful thing about freeradius. It will do about anything
you want; and there are probably 3 way
I have a Access-Request packet from NAS that looks like:
User-Name = user1
Password = user1
Cisco-AVPair = "ip:9.3.41.17"
On server, user1 is defined in users file with password user1 and Cisco-
AVPair = "ip:9.3.141.1".
I want to authorize user based on the password and Cisco-AVPair
= "ip:9.3.1
Hi Alan,
sorry if I bother you again but I need some explanation...
Briefly the point is: can I take authorization decisions based on the realm
(for instance to block the access to my local ftp server for user of a
specified realm) info BEFORE proxying the authentication?
If the answer is yes,
James <[EMAIL PROTECTED]> wrote:
> Briefly the point is: can I take authorization decisions based on the realm
> (for instance to block the access to my local ftp server for user of a
> specified realm) info BEFORE proxying the authentication?
Yes.
> If the answer is yes, what should I modif
> I have already setup my radius server (Freeradius0.9.3).
> I use clear-text password in local configuration file, and it works.
> But i can't see any accounting report in my server, in
> /var/log/radius/radacct.
> Do somebody know how to solve this problem.
>
you can search the list for rlm_mysq
> Hello,
>
> i need configure freeradius to manage two ranges
> of
> IPs, Poll A y B, i need that freeradius assign IPs
> from
> pool A and when this is full, start assign from
> Poll B.
>
> I have read the documentaction but i do not known
> how i
> must configure it. lredady I have running
Eduard <[EMAIL PROTECTED]> wrote:
> Well, this feature will be added really to the next releases of freeradius ?
If someone supplies a patch.
> Can I make sugestions and request features?
Sure, but it's unlikely to happen unless someone else needs it, too.
Alan Dekok.
-
List info/subscr
Hello again:
I've been trying for days to get freeradius working
with Mysql. I'm using Linux Redhat 9, Mysql 3.23 and Freeradius-0.9.3 At first i
configured freeradius without any options.. i was able to get it working
perfectly using text file authentication. Then i started to configure th
Hello again:
I've been trying for days to get freeradius
working with Mysql. I'm using Linux Redhat 9, Mysql 3.23 and Freeradius-0.9.3
At first i configured freeradius without any options.. i was able to get it
working perfectly using text file authentication. Then i started
it should work, one box that i have is
the exact platform, RH9, MySQL 3.23+freeradius 0.9.3 and it's still working,
it's not a
bug, there must be something wrong with your
config.
by the way, i can offer my service to you, setting
up freeradius+mysql, (administration is optional) not for m
"Linda Pagillo" <[EMAIL PROTECTED]> wrote:
...
Please edit your text so it's not all one run-on sentence.
Arranging text neatly not only looks pretty, it ensures that the ideas
are communicated clearly.
> When i edited my sql.conf and radiusd.conf files to use the Mysql, i
> received this error
"Michael Markstaller" <[EMAIL PROTECTED]> wrote:
> I'm getting some strange leading "\000" in some L2tp-attributes within
> accounting records like (IPs are changed):
> Tunnel-Server-Endpoint:0 =3D "\00010.11.1.1""
It's a bug.
I've committed a fix to the CVS head, which will be in 1.0.0
On Apr 30, 2004, at 1:37 PM, Alan DeKok wrote:
"Michael Markstaller" <[EMAIL PROTECTED]> wrote:
I'm getting some strange leading "\000" in some L2tp-attributes within
accounting records like (IPs are changed):
Tunnel-Server-Endpoint:0 =3D "\00010.11.1.1""
It's a bug.
Just out of curiosi
Hi,
I've seen your posts and you have my sympathy. The best I can say is
that everything magically works if it's set up right. I think you've
already seen the web site with the config notes?
My suggestions would be to rebuild with a fresh dump from the tar file,
in case you made some changes
Chris Brotsos <[EMAIL PROTECTED]> wrote:
> Just out of curiosity, was this bug just recently introduced into the
> system? I ask because we are running a CVS head after 0.9.3 and don't
> have this problem.
No, it's most likely due to a client doing weird things.
If the tag is zero, then the
Hello all,
We are in the process of testing 802.1x authentication for future
deployment on campus. Our test setup includes the following:
freeradius-snapshot-20040427 running on RHEL 3.0 AS
Configured for PEAP with MSCHAPv2 using SAMBA's winbind/ntlm_auth
Multiple AD domains (smb.conf points to a
Hi Mr.DeKok,
Your previous post said "Normally, you don't have to do anything.
FreeRADIUS will find MySQL, and automatically build the rlm_sql_mysql
driver."
When i configured freeradius the first time, i didn't do anything special. I
just did the basic ./configure and that was it.
As i posted p
"Linda Pagillo" <[EMAIL PROTECTED]> wrote:
> Your previous post said "Normally, you don't have to do anything.
> FreeRADIUS will find MySQL, and automatically build the rlm_sql_mysql
> driver."
FreeRADIUS will find it: IF MYSQL EXISTS ON YOUR SYSTEM.
It is very clear that the MySQL developmen
"Dourty, Brian R. (IATS)" <[EMAIL PROTECTED]> wrote:
> 1. Keeping in mind that user1 in domain1 can auth as long as domain1
> isn't supplied why does supplying domain1 cause the auth to fail?
Because the MS client does the MS-CHAP calculations using the
username without the domain, but supplies
>
> FreeRADIUS will find it: IF MYSQL EXISTS ON YOUR SYSTEM.
I agree.
>
> It is very clear that the MySQL development package DOES NOT exist
> on your system. No amount of playing games with FreeRADIUS is going
> to install the MySQL development package. Stop playing with
> FreeRADIUS, it's
> "Dourty, Brian R. (IATS)" <[EMAIL PROTECTED]> wrote:
> > 1. Keeping in mind that user1 in domain1 can auth as long
> as domain1
> > isn't supplied why does supplying domain1 cause the auth to fail?
>
> Because the MS client does the MS-CHAP calculations using
> the username without the do
On Apr 30, 2004, at 2:04 PM, Alan DeKok wrote:
Chris Brotsos <[EMAIL PROTECTED]> wrote:
Just out of curiosity, was this bug just recently introduced into the
system? I ask because we are running a CVS head after 0.9.3 and don't
have this problem.
No, it's most likely due to a client doing weird
Does anyone know if this has been done?
Ernie A.
Riverside,CA
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Fri, Apr 30, 2004, [EMAIL PROTECTED] wrote:
>
>Does anyone know if this has been done?
I've been using it for quite a while, built as packages under the
OpenPKG.org packaging system.
Bill
--
INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Systems, Inc.
UUCP: camco!bill P
Hi,
Wondering if something is wrong with my questions and therefore,
ignored. If any one has some info for these, I would like to know. I
appreciate it.
Thanks,
Htin
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:freeradius-
> [EMAIL PROTECTED] On Behalf Of Htin Hlaing
> Sent:
44 matches
Mail list logo
