actually it's the latest version that you have on your
website (not the cvs).
--- Alan DeKok [EMAIL PROTECTED] wrote:
Apu islam [EMAIL PROTECTED] wrote:
I just downloaded the pre 1 release of the
freeradius
Why? -pre3 has been out for a while. Try it
instead.
Alan DeKok.
-
Hello Alan, David.
David, you realy should ask Alfa Ariss about their product details,
not the FreeRADIUS developers.
Alan DeKok pravi:
[EMAIL PROTECTED] wrote:
Does SecureW2 (1.0.9) support only PAP ?
AFAIK: Yes. 2.x supports EAP and Windows EAP module (EAP-TTLS-EAP-xxx)
It is possible to do
Hi there
Im using 1.0.0-pre3 to authenticate users with ldap as backend. In the
LDAP-tree I have md5 passwords. When I configure the Network Access Server
to use PAP it works fine, but with CHAP it does not work. I have read that
CHAP can not be used with encryptet passwords in the database, is
Hi! Can someone help me with this error message: Error: rlm_eap_tls:
conf N ctx stored
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi all,
I'm using a Netgear WG-302 Acces Point (using 802.1x with EAP-TTLS) in
combination with FreeRADIUS (1.0.0-pre3). The wireless clients receive
their WEP-Key correctly and can communicate to the wired network. But the
wireless clients can't communicate to each other. I guess it is more a
I had been using freeradius 0.9.3 for a while and now
for a larger deployment I am choosing pre3 with
postgres option. However, there are some discrapencies
I have noticed while I wanted to build it with
pgsql-voip with cisco vsa hack.
The database schema provided on
src/billing/cisco_xxx.sql file
Dear all,
my linux is not able to load radius.so as per my observation in
/var/log/message.
Can any body tell me in which package radius.so includes ??? so that i
can download and install it..
Help me ..
Regards,
joel
-
List info/subscribe/unsubscribe? See
Daniel Eyholzer wrote:
Hi there
Im using 1.0.0-pre3 to authenticate users with ldap as backend. In the
LDAP-tree I have md5 passwords. When I configure the Network Access Server
to use PAP it works fine, but with CHAP it does not work. I have read that
CHAP can not be used with encryptet
has anyone here used quintum box to authenticate to freeradius?
//milver
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
In short, yes you need a clear text password at the server end.
You have two choices:
a) store your passwords in your ldap database in clear test
b) use a reversible encryption algorithm to store your passwords, and
modify the rlm_ldap code to decrypt the user password as it pulls it out
of
hello,
i got a problem with radrelay.
its working and is relaying accounting data correctly to other radius
servers, but the problem is that the detail-combined file(radrely-log)
will grow infinitely. i dont know why, maybe its becaue i got many
accounting data in cause of accounting alive
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi everybody,
The version 0.6.4 of tinyca was just uploaded to the website
http://tinyca.sm-zone.net/
This version can be used to create certificates with extendedKeyUsage as
nescessary for certificate usage in windows. For extendedKeyUsage do:
Mitchell, Michael [EMAIL PROTECTED] wrote:
In short, yes you need a clear text password at the server end.
Okay.
b) use a reversible encryption algorithm to store your passwords, and
modify the rlm_ldap code to decrypt the user password as it pulls it out
of ldap.
This feature is not
b) use a reversible encryption algorithm to store your
passwords, and
modify the rlm_ldap code to decrypt the user password as it
pulls it
out of ldap.
This feature is not implemented yet?
Well its not a standard feature of freeRADIUS, and quite possibly
shouldn't be, so probably
Mitchell, Michael [EMAIL PROTECTED] wrote:
Well its not a standard feature of freeRADIUS, and quite possibly
shouldn't be, so probably never will be. ;-)
Why isn't it a standard feature? Is there an obvious reason? Are you all
storing your password in clear text in LDAP or whatever backend you
On 2004-07-15 at 13:55:04 +0200, Michael Schwartzkopff wrote (shortened):
This version can be used to create certificates with extendedKeyUsage as
nescessary for certificate usage in windows. For extendedKeyUsage do:
Setup - OpenSSL - ServerCertificate - extendedKeyUsage- AskUser
Setup -
Why isn't it a standard feature? Is there an obvious
reason? Are you all
storing your password in clear text in LDAP or whatever
backend you use? Or
are you just not using CHAP for authentication?
What is the added benefit of something that is encrypted where
the algorithm keys to decrypt
On Thu, 15 Jul 2004, Mitchell, Michael wrote:
In short, yes you need a clear text password at the server end.
You have two choices:
a) store your passwords in your ldap database in clear test
b) use a reversible encryption algorithm to store your passwords, and
modify the rlm_ldap code to
On Thu, Jul 15, 2004 at 03:07:44PM +0200, Oliver Graf wrote:
On Thu, Jul 15, 2004 at 02:35:03PM +0200, Daniel Eyholzer wrote:
Mitchell, Michael [EMAIL PROTECTED] wrote:
Well its not a standard feature of freeRADIUS, and quite possibly
shouldn't be, so probably never will be. ;-)
Why
Chan Min Wai (System Administrator) wrote:
Daniel Eyholzer wrote:
Hi there
Im using 1.0.0-pre3 to authenticate users with ldap as backend. In the
LDAP-tree I have md5 passwords. When I configure the Network Access Server
to use PAP it works fine, but with CHAP it does not work. I have read that
Daniel Eyholzer wrote:
Mitchell, Michael [EMAIL PROTECTED] wrote:
Well its not a standard feature of freeRADIUS, and quite possibly
shouldn't be, so probably never will be. ;-)
Why isn't it a standard feature? Is there an obvious reason? Are you all
storing your password in clear text in LDAP or
Vanessa Effelsberg [EMAIL PROTECTED] wrote:
Hi! Can someone help me with this error message: Error: rlm_eap_tls:
conf N ctx stored
Ignore it. It's a debugging message, erroneously labelled as an error.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
So we need to be able to support both PAP and CHAP.
We have a mixture of cleartext and encrypted passwords. Ideally we
would like to have PAP used for the encrypted passwords and either PAP
or CHAP for the clear text.
I am testing things out with an Ascend MAX authenticating against an
Hi.
I'm running freeradius 1.0.0-pre3 od RH9.0.
I have configured freeradius (with realm and IP pool) with PEAP support on
mysql backend. NAS is Cisco 1100 and client is CB21AG (Cisco) pcmcia
adapter. Authorization and authentification works ok.
But my problem is that my winXP didn't recieved IP
Hi,
I wrote a patch that enables regular expression matching for realms.
This patch allows to use regular expressions in the realm definitions,
so that wildcards are possible in realm names.
The example below shows a realm containing a regular expression,
matching anything like [EMAIL
Jan Satko [EMAIL PROTECTED] wrote:
I have configured freeradius (with realm and IP pool) with PEAP support on
mysql backend. NAS is Cisco 1100 and client is CB21AG (Cisco) pcmcia
adapter. Authorization and authentification works ok.
But my problem is that my winXP didn't recieved IP address
You're trying to use a PPP mechanism over an ethernet media. Wireless
clients use DHCP for the acquisition of IP addresses (and other
parameters), not Framed-IP-Address. Remove the IP-pool info from your
RADIUS server (unless you're also using dialup NASes) and put it onto a
server running
Hi,
I'm implementing an EAP method, named EAP-PSK, under
FreeRADIUS (See
http://perso.rd.francetelecom.fr/bersani/EAP_PSK/EAP-PSK.htm
for more details about this new EAP method).
I would like to implement EAP request reemission when
a bad response has been received in order to reduce
simple DoS
You're trying to use a PPP mechanism over an ethernet media.
Wireless clients use DHCP for the acquisition of IP addresses (and
other parameters), not Framed-IP-Address. Remove the IP-pool info
from your RADIUS server (unless you're also using dialup NASes) and
put it onto a server
Wireless authentication CANNOT assign IP addresses.
You have to use RADIUS to authenticte the wireless user, and DHCP to
assign the user an IP address.
So if I understand:
- user wireless user authentification and client IP address are two
independent problems.
- RADIUS logs contain MAC
Hello,
I am running FreeRadius 0.9.3 with ucd-snmp-4.2.6 on several Red Hat 9.0
servers. My radius servers are used primarily for proxying to other ISP's.
I am currently tracking the total number of access requests using SNMP and
a command similar to:
snmpget -v 2c -Of -c commstring localhost
David [EMAIL PROTECTED] wrote:
I would like to also know the total number of access rejects, accepts, dup
requests etc.
However when I use snmpget for those mibs, or snmpwalk, it always returns
counter32: 0 for those mibs.
0.9.3 doesn't keep those counters. 1.0.0 does.
Alan DeKok.
-
We are using a Zyxel Prestige 300 Series. The router connects via one
radius server (0.8.1) (yea yea...no comments on the fact that it is a
dinosaur...it works). Then we are using the router's interal radius
authentication to authenticate via a secondary radius server 1.0.0pre3.
I can see
- Original Message -
From: jesk [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, July 15, 2004 1:12 PM
Subject: radrelay problem
hello,
i got a problem with radrelay.
its working and is relaying accounting data correctly to other radius
servers, but the problem is that the
0.9.3 doesn't keep those counters. 1.0.0 does.
Has the official 1.0.0 been released or will pre3 be considered
the offical 1.0.0 release? I am getting ready to upgrade to 1.0.0
shortly.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- Original Message -
From: jesk [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, July 15, 2004 7:12 PM
Subject: Re: radrelay problem
- Original Message -
From: jesk [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, July 15, 2004 1:12 PM
Subject: radrelay
David [EMAIL PROTECTED] wrote:
Has the official 1.0.0 been released or will pre3 be considered
the offical 1.0.0 release? I am getting ready to upgrade to 1.0.0
shortly.
There are one or two one-line patches which will make 1.0.0-pre3
different from 1.0.0 final.
The final 1.0.0 will be
Is it possible to make radius tell the dial equipemnt to send the
password in clear text if it can't authenticate a CHAP password?
No.
In many cases, the NAS can't even control it. The client uses
CHAP, and there's no way for the NAS to tell it to use PAP.
We had a case of a service that
Hi,
Many thanks all developers, I have a [mostly] working MySQL based
freeradius server .. :)
Two queries however if someone could help;
a. I can't seem to get any accounting logs, either textual or MySQL
( radiusd.conf below, text log files are not created and nothing appears
in the radacct
Guys,
Per the original email (below), here is some more information (debug)
output. The symptons are that the radius users are all logging into the
Juniper with priv. level 10 (regardless of what the
ERX-Cli-Initial-Access-Level is set to). Here is what I'm seeing when I
run 'radiusd -X -A':
You don't want the Service-Type = Administrative-User for everyone
only for the few administrators.
On Thu, 2004-07-15 at 13:08, Robert Banniza wrote:
Guys,
Per the original email (below), here is some more information (debug)
output. The symptons are that the radius users are all logging
Gareth Bult [EMAIL PROTECTED] wrote:
a. I can't seem to get any accounting logs, either textual or MySQL
( radiusd.conf below, text log files are not created and nothing appears
in the radacct table)
The server logs data ONLY when it receives Accounting-Request
packets. This is in the FAQ.
I think this was done for Cisco enhanced Privilege levels so that we
could use Shell Levels of 15 for users.
On Thu, Jul 15, 2004 at 01:24:15PM -0600, Kenneth Grady wrote:
You don't want the Service-Type = Administrative-User for everyone
only for the few administrators.
On Thu, 2004-07-15
Hi,
The server logs data ONLY when it receives Accounting-Request
packets. This is in the FAQ.
Sure...
But then it should do this when someone authenticates .. leastways I was
expecting it to based on experience of other servers .. ?
Your shared secret is wrong.
Urm, no it's not ..
Hi Managers,
I am trying to configure my freeradius to except EAP-MD5 and I can not do it
PS: it is work with PAP only.
Any idea
Version freeradius-0.9.2
1) this is the log file when I us EAP-MD5:
rad_recv: Access-Request packet from host 199.107.194.20:32855, id=8,
length=77
45 matches
Mail list logo