Hi,
I fixed few minor mistake and a little improvement in the oracle SQL file
(oraclesql.conf) and modified the SQL commands to create the NAS table
(db_oracle.sql). I attached at the end the two patches, and following there
is the description of changes for oraclesql.conf.
1) fixed a typo in t
On Mon, 31 May 2004, Alan DeKok wrote:
> You can do:
>
> .ntlm_auth = "/path/to/ntlm_auth ... --username=%{mschap:User-Name}
> --domain=%{mschap:NT-Domain} .."
>
> And the MSCHAP module will take care of doing that for you.
>
Thanks for the tip, works perfectly.
> > Unfortunatley the W
Hi,
Could any one explain how construct the Message-Authenticator attribute
for an access-request. Any sample implementation using java in
constructing the Message-Authenticator will be helpfule.
Regards,
Barath Kumar
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.h
Is there anyone actually running freeradius on Mac OS X?
I'm trying version: radiusd: FreeRADIUS Version 0.9.3, for host
powerpc-apple-darwin7.4.0, built on May 28 2004 at 11:30:54
and I've compiled it on both 10.3.4 and 10.2.8 but it fails to load the
eap module. It's compiled with --disable-sha
Hello,
i want to use Freeradius with PEAP.
Have compiled and configured the newest Package available from
freeradius.org (1.0.0-pre1).
When i start the Daemon it will die with the following error:
***
Tue Jun 1 10:31:35 2004 : Debug: radiusd: entering modules setup
Tue Jun 1 10:31:35 2004 : De
Hi Alan,
> > I've got a serious problem with customers connection the freeradius-
> > server with username an password.
>
> I'll say. You're trying to authenticate users, but you haven't told
> FreeRADIUS what their password is.
I tell freeradius the password in the profile. isn´t that the ri
Hi Juan,
i wrote some shell scripts to support rudimentary failover for ippools:
Basically there are two identically configured radius-servers
radius1 and radius2
each time one of them added/removed an ip to/from pool the
script is executed and updates the "other" server
the first script "radp
Sorry, I just discovered a problem that didn't show up
on initial testing. Luckily it showed up on my PPC machine.
If you're building on a big-endian machine, compilation will
fail on md4.c due to missing definition of htole32. Or at
least it does on Linux.
Here's the patch, already comitted to C
On Mon, 31 May 2004, Alan DeKok wrote:
> "Juan" <[EMAIL PROTECTED]> wrote:
> > i have read configurable_failover for three times but i can not do
> > that freeradius failover with ippool. I have two pools that i want
> > to use then for all my users. I need that freradius start to asign
> > IPs fr
> > 3. Is there a way to put the rlm_ modules in /usr/lib/freeradius while
> > the main libraries stay in {prefix}/lib?
>
> Which "main" libraries?
Well, I was under impression that libradius.so and perhaps libeap.so
could be used by other programs as well ... I guess I was wrong...
compiling
OK, I have several Mikrotik based hotspots out there. They auth users
via RADIUS. I'm now running FreeRadius 1.0.0.
I right now can auth users on them via FreeRadius - works great - and
I'm using MySQL which is even better.
Only problem is, right now they all get non-expiring sessions when the
Rick,
You'll want to use the rlm_sqlcounter module. You can set a
Max-All-Session = 36000 to limit a user to 10 hours of total access for
example. FreeRadius will calculate how much time was used and set the
Session-Timeout attribute automatically.
Hope that helps,
Keith Yoder
Rick Smith escr
On Tue, 1 Jun 2004, Rick Smith wrote:
>
> OK, I have several Mikrotik based hotspots out there. They auth users
> via RADIUS. I'm now running FreeRadius 1.0.0.
>
> I right now can auth users on them via FreeRadius - works great - and
> I'm using MySQL which is even better.
>
> Only problem is, r
> Hi group
>
> Is there a guide somewhere on how to add users on FreeRADIUS ??
>
> Im new to linux, and radius, and need a complete HOWTO on how to add
> users.
Here's many howto for 802.1x/EAP-TLS with WinXP & FreeRADIUS, maybe you
will want to use an other EAP method, but I hope that can help yo
I know the rlm_sqlcounter module is there.
I just need to find an example on how to set up FreeRadius to use it.
I'm very familiar with writing sql queries, just not in this
environment.
Anyone have a sample radiusd.conf and sql.conf for calculating
Session-Timeout's ?
> -Original Message-
Rick Smith escreveu:
I know the rlm_sqlcounter module is there.
I just need to find an example on how to set up FreeRadius to use it.
/doc/rlm_sqlcounter tells you everything you need to know.
Keith Yoder
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Bill,
Is your actual username "User\\, Asteroid"? That does not look
correct to me. I would assume that you are looking for
"CN=User\\,OU=Asteroid"... If the comma is indeed a part of the username,
you may want to try to remove it as commas have a special meaning in LDAP.
Also, make su
> Hi,
>
> I am using EAP authentication protocol. When I send an access request
> from the NAS to the Radius Server, the server rejects the request.
> Please let me know how to resolve this problem. The log messages of the
> radius server are as follows:
>
> Log Messages:
>
> rad_recv: Access-Reque
> > rlm_counter: Packet Unique ID = '0d62303b8e51c196'
> > rlm_counter: Could not find Service-Type attribute in the
> request. Returning
> > NOOP.
>
> But rlm_counter cannot find it, since it's not included in
> the accounting stop
> packet. So try commenting out the allowed-servicetype direct
Package versions:
kernel-2.4.22-1.2188.nptl
glibc-2.3.2-101.4
gcc-3.3.2-1
The ntlm_auth as used by the rlm_mschap module employs
exec-program-wait.
--Mike
On Mon, 2004-05-31 at 23:43, Sergei Golod wrote:
> Just exec-program or exec-program-WAIT? What version of libc6 used in FC1?
>
> Sergei.
"Markus Ebel" <[EMAIL PROTECTED]> wrote:
> > I'll say. You're trying to authenticate users, but you haven't told
> > FreeRADIUS what their password is.
>
> I tell freeradius the password in the profile. isn't that the right
> way.
Yes... but obviously it isn't being used. Read the debug out
Damjan <[EMAIL PROTECTED]> wrote:
> Well, I was under impression that libradius.so and perhaps libeap.so
> could be used by other programs as well ... I guess I was wrong...
Don't make assumptions about what I meant, it's rude.
Currently, the "configure" process puts all of the libraries in
In my case kernel 2.6 (2.6.6) used :(
- Original Message -
From: "Michael Griego" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, June 01, 2004 7:31 PM
Subject: Re: Latest freeradius and NPTL fail
Package versions:
kernel-2.4.22-1.2188.nptl
glibc-2.3.2-101.4
gcc-3.3.2-1
The nt
"Peter M. Geiser" <[EMAIL PROTECTED]> wrote:
> i want to use Freeradius with PEAP.
> Have compiled and configured the newest Package available from
> freeradius.org (1.0.0-pre1).
> When i start the Daemon it will die with the following error:
...
> freeradius: relocation error:
> /usr/lib/freerad
yes, who are neither in users nor in the SQL db.
ciao
artur
ro0ot wrote:
So, it will reject users that is not in the /etc/raddb/users file?
Regards,
ro0ot
NGUYEN Tuan Anh wrote:
It works!!
Thank you very much Artur!!
Ciao
Artur Hecker wrote:
hi
ok, that's a bit messy though. take a look at the mys
hi
Thx for your help Artur, but I forgot to say my authenticator is a Cisco
switch 3550, then not a wireless access-point. There's something I don't
understand, with PEAP or EAP-MD5, the windows 2000 supplicant answer to
identity request send by the switch but with EAP-TLS, it stay sleeping
withou
Hi Artur,
> hi
>
>
>> Thx for your help Artur, but I forgot to say my authenticator is a Cisco
>> switch 3550, then not a wireless access-point. There's something I don't
>> understand, with PEAP or EAP-MD5, the windows 2000 supplicant answer to
>> identity request send by the switch but with EAP-
hi Frederic
I think, they are well installed, like it's explained in most HOWTOs, but..
then i don't know.
What do you want to say is that win2K is going to take EAP-Identity value
in client certificate, before EAP-TLS challenge start ??
I don't think so, it doesn't work like that with Xsupplican
The documentation for the functionality of the "other" nastype when
used with Simultaneous login blocking is substantially lacking. The
documentation in doc/Simultaneous-Use mentions that "other" means
don't check. However, the checkrad.pl script has an entry in it for
"other". This is misleadin
Ted Cabeen <[EMAIL PROTECTED]> wrote:
> The documentation for the functionality of the "other" nastype when
> used with Simultaneous login blocking is substantially lacking. The
> documentation in doc/Simultaneous-Use mentions that "other" means
> don't check.
Pretty much.
> However, the chec
"Alan DeKok" <[EMAIL PROTECTED]> writes:
> Ted Cabeen <[EMAIL PROTECTED]> wrote:
>> The documentation for the functionality of the "other" nastype when
>> used with Simultaneous login blocking is substantially lacking. The
>> documentation in doc/Simultaneous-Use mentions that "other" means
>> do
Ted Cabeen <[EMAIL PROTECTED]> wrote:
> Right. But if you change the behavior of checkrad to always allow on
> other, nothing happens because it's over-ridden in the code. If the
> other nastype doesn't do anything, it either shouldn't be defined in
> checkrad or there should be a comment
Hi Group
Im installing FReeRadius EAP/TLS and stumpled
upon this in the howto:
"edit the parameters in the
[req_distinguished_name] section to match your locale and information" in the
openssl.cnf
What does this mean ? Could someone plz give
me an example on what should be written in the
"Alan DeKok" <[EMAIL PROTECTED]> writes:
> Ted Cabeen <[EMAIL PROTECTED]> wrote:
>> Right. But if you change the behavior of checkrad to always allow on
>> other, nothing happens because it's over-ridden in the code. If the
>> other nastype doesn't do anything, it either shouldn't be defined
Title: Cygwin 2.427 patches for Freeradius 0.9.3
Many thanks to Phil Blow for the doc/CYGWIN instructions...here's an update to the patches for compiling the 0.9.3 release under Cygwin v2.427. I have no idea where else to submit them, and apologize if this was incorrect. I will not respond t
Hi
I have installed FreeRadius with EAP/TLS according
to this howto http://www.impossiblereflex.com/8021x/eap-tls-HOWTO.htm
I have carefully, step by step, analysed the
scripts and my settings, but keep getting this output :
rlm_eap: EAP_TYPE - tlsrlm_eap: processing type
tlsrlm_eap_tls
Hi,
I have the latest 0.93 available on SuSE Professional 9.1 and need to proxy
in-bound requests based upon the called phone number.
The most obvious way would be to add a realm name to the 'user name' and proxy
based upon the full account name matched to a called phone number. i.e. "fred.
[E
Hi!
I use a freeradius 0.9.3.
Is it possible to give a user more than one NAS Server in the
first line ??
On the old livingston radius server you had to make two user
entries, when ou tried to enable a user to dialin on more
than one dialin server.
Is this by the freeradius the same ?
Are there a b
hi jacob
I have installed Cistron Radius 1.6.6 on my redhat 9.0 machine. My goal is
to authenticate all users on a wireless 802.1x network, and here are the
specs.
huh... i'm not sure cistron radius does 802.1X; perhaps you should take
freeradius, the latest pre-release...
Router: 10.10.0.1
Gat
On Tue, Jun 01, 2004 at 01:39:13PM +0200, Damjan wrote:
> > > 3. Is there a way to put the rlm_ modules in /usr/lib/freeradius while
> > > the main libraries stay in {prefix}/lib?
> >
> > Which "main" libraries?
>
> Well, I was under impression that libradius.so and perhaps libeap.so
> could be
Frédéric EVRARD wrote:
Hi group
Is there a guide somewhere on how to add users on FreeRADIUS ??
Im new to linux, and radius, and need a complete HOWTO on how to add
users.
Here's many howto for 802.1x/EAP-TLS with WinXP & FreeRADIUS, maybe you
will want to use an other EAP method, but I hope t
Hello,
I´m trying to install freeradius+mysql+mpd (vpn server) on FreeBSD 5.1, does
any one know some howto about freeradius and mpd ??
Thanks
Rui Oliveira
Portugal
http://www.segurmelis.pt
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Am Di, den 01.06.2004 um 23:10 Uhr +0100 schrieb paul hanson:
> Hi,
>
> I have the latest 0.93 available on SuSE Professional 9.1 and need to proxy
> in-bound requests based upon the called phone number.
>
> The most obvious way would be to add a realm name to the 'user name' and proxy
> b
43 matches
Mail list logo
