Thanks,
I will try to simulate the case on 1.0.0-pre release. But I am still
wondering why would the message "Error: Dropping conflicting packet from
client xxx: - ID: zzz due to unfinished request yyy" be repeated for
the same request. Does this mean that the NAS keeps resending the same
On Sat, 2004-06-26 at 22:25, Alan DeKok wrote:
> If your AP's can't do per-user WEP keys, then they can't do EAP-TLS,
> EAP-TTLS, or PEAP. It means that the *only* way you can secure the
> wireless connection is by making the clients use VPN's.
Technically speaking, there are APs that will do T
Alain Perry <[EMAIL PROTECTED]> wrote:
> Yep, got that. But as I said in one of my previous mails, that is not
> really possible in my case.
If your AP's can't do per-user WEP keys, then they can't do EAP-TLS,
EAP-TTLS, or PEAP. It means that the *only* way you can secure the
wireless connectio
> Which is why EAP-TLS, EAP-TTLS, and PEAP all provide per-user WEP
> keys.
Yep, got that. But as I said in one of my previous mails, that is not
really possible in my case.
> EAP methods do authentication, and *nothing* else. Even the WEP key
> sending is a hack on top of that, that the AP
Alain Perry <[EMAIL PROTECTED]> wrote:
> Yep. I guess I wasn't clear. Sorry for my english by the way. The thing
> is, WEP cannot be used in my case, since the WEP key is shared among
> users at a given moment,
Which is why EAP-TLS, EAP-TTLS, and PEAP all provide per-user WEP
keys.
> Can I send
On Jun 26, 2004, at 8:20 AM, Alan DeKok wrote:
David Stanaway <[EMAIL PROTECTED]> wrote:
radclient -f testpacket -c 1000 10.13.77.78 -q acct s3cr3t
This only logs 256 accounting packets. I think it is to do with the
requestid looping.
You didn't say if it *sent* 1000 packets. Odds are that it d
Le sam 26/06/2004 à 15:52, Michael Griego a écrit :
> Depending on your access points, this is not true. If you're using
> Cisco APs, for instance, you have per-user WEP keys generated so that
> each user can only decrypt his traffic. Any AP that claims WPA
> compliance should issue per-user keys
On Sat, 2004-06-26 at 09:32, Alain Perry wrote:
> Yep. I guess I wasn't clear. Sorry for my english by the way. The thing
> is, WEP cannot be used in my case, since the WEP key is shared among
> users at a given moment, which means any user can decipher data sent or
> received by any other user.
I can compile and start last snapshot using these otpions
on a suse9.1
CFLAGS="$RPM_OPT_FLAGS -I/usr/include/security -I/usr/include/et"
./configure \
--prefix=/usr \
--bindir=/usr/bin \
--sbindir=/usr/sbin \
--libexecdir=/usr/libexec \
--datadir=/usr/share \
> WEP with static keys is insecure. TTLS & PEAP include ways of
> rotating the keys before the data can be decrypted. It's not a problem.
Yep. I guess I wasn't clear. Sorry for my english by the way. The thing
is, WEP cannot be used in my case, since the WEP key is shared among
users at a give
Hello,
I have compiled Freeradius for building a Campus WLAN. I want to use TLS.
TLS is working flawless with openssl certifactes.
But, I don`t want the users to use a command line to generate their
certificate for authenticating to the network. I need a WebInterface.
Is there any way to use ce
Hi,
TLS works fine. When switching eap.conf to peap, Freeradius 1.0.0 pre 3
crashes.
I`m using Fedora Core 2 and Windows XP and 2K as Clients.
Any Ideas ?
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.1.230:2369, id=185,
leng
Wisam Najim <[EMAIL PROTECTED]> wrote:
> After my Radius runs for some time (2 or 3 days with no crashes) I will
> start getting "Error: WARNING: Unresponsive child (id mm) for request
> yyy" and the message "Error: Dropping conflicting packet from client
> xxx: - ID: zzz due to unfinished
David Stanaway <[EMAIL PROTECTED]> wrote:
> radclient -f testpacket -c 1000 10.13.77.78 -q acct s3cr3t
>
> This only logs 256 accounting packets. I think it is to do with the
> requestid looping.
You didn't say if it *sent* 1000 packets. Odds are that it did.
> In this case, only 256 packets
Simeon Penev <[EMAIL PROTECTED]> wrote:
> i have the following configuration in radiusd.conf:
>
>
> detail {
...
> but when i receive accounting request, the logging is:
...
Which shows that the detail module works.
What, exactly, do y
"James D. Munroe" <[EMAIL PROTECTED]> wrote:
> Has anyone tried or successfully been able to get Cisco-Leap to work
> using FreeRadius?
Lots of people. That's why the feature is there. It's been used
for over a year now.
If you can't get LEAP to work, I suggest running the server in
debuggi
Alain Perry <[EMAIL PROTECTED]> wrote:
> Yep, the problem is that the encryption is WEP isn't it ? I don't really
> mind that WEP is easy to break, since I could change the key often
> enough,
WEP with static keys is insecure. TTLS & PEAP include ways of
rotating the keys before the data can be
Helo!
I've a problem with accounting. Authenticating and accounting works
fine. But the Radius doesn't receive Acct-Stop. I don't know why.
When I reconnect, it receives that packet, but when I simply log out it
doesn't receive.
There is a problem with my NAS? Or with Winxp?
I'm using Freeradius
18 matches
Mail list logo
