I'm using freeradius 0.93... and FreeBSD 4.9
For below entry in proxy.conf, Is it possible to STRIP the username during
authentication but NOSTRIP while doing accounting.??
realm myself.com{
type= radius
authhost= LOCAL
accthost= LOCAL
** Reply to note from Nils =?ISO-8859-1?Q?R=F8nhovde?= [EMAIL PROTECTED] Wed, 11 Aug
2004 07:31:44 +0200
Hello,
I am a bit puzzled that radiusd says Ignoring deprecated command-line option -p
while usage() says:
-p port Bind to 'port', and not to the radius/udp, or 1646/udp.
I
On Wed, 11 Aug 2004 11:15:37 +0100
[EMAIL PROTECTED] wrote:
** Reply to note from Nils =?ISO-8859-1?Q?R=F8nhovde?=
[EMAIL PROTECTED] Wed, 11 Aug 2004 07:31:44 +0200
Hello,
I am a bit puzzled that radiusd says Ignoring deprecated
command-line option -p while usage() says:
-p
Hello All,
I am in the process of learning about and setting up simultaneous
usage and have a few questions about how it works.
1. What actually triggers a session to be logged in radutmp?
- Is it logged upon successful authentication of the user or
by the sending of an accounting
Hello,
After a recent near-disaster involving a power failure with our
hosting company that managed to slag the POS backup radius server, I've
finally gotten the go-ahead to purchase and install two identical
servers to act as primary and backup radius server. I was already using
Hi Leonard,
I'm afraid you don't. Wireless LANs are exactly like wired LANs in this
respect. The mechanism used to assign IP addresses to hosts (other than
static assignment) is DHCP. It is entirely possible to assign a static
address to a host using DHCP. You simply create a mapping between
On Wed, 11 Aug 2004, david wrote:
1. What actually triggers a session to be logged in radutmp?
- Is it logged upon successful authentication of the user or
by the sending of an accounting start-packet?
radutmp works for accounting. Check radiusd.conf and you will see. So
Nils =?ISO-8859-1?Q?R=F8nhovde?= [EMAIL PROTECTED] wrote:
That's obvious. I'm interested in why the feature is removed, and what my
alternatives to using it may be.
The feature was removed because it was awkward to implement. The
interaction between the configuration files command-line
Hi Alan and thanks for reply.
On Wednesday 11 August 2004 17:51, Alan DeKok wrote:
andrei [EMAIL PROTECTED] wrote:
But now i must authorize some Access-Request packets, which don't
have User-Name and User-Password attributes, using Calling-Station-Id
and maybe some vendor attributes .
I'm having a problem with the rlm_passwd and users file. I have a
working configuration with 0.9.3 that's not working under 1.0.0 and I
don't know why. Hopefully, a second set of eyes on the list will catch
this. I'm having this problem with a default radiusd.conf (with just
the passwd blocks
Is there any way to limit radius user access to
only certain radius clients via ip address?
TYLER JORDAN
Check scripts/users2mysql.pl in the source.
On Wed, 11 Aug 2004 13:22:02 +0200, Rens Houben [EMAIL PROTECTED] wrote:
Hello,
After a recent near-disaster involving a power failure with our
hosting company that managed to slag the POS backup radius server, I've
finally gotten the
OS = Solaris 9
ver = freeradius-1.0.0-pre3
I'm trying to get FreeRadius to strip the realm
from the User-Name before it proxies to another server. My attr_rewrite is
as follows:
attr_rewrite RmRealm
{
attribute =
User-Name
searchin =
packet
searchfor =
"^(+.)@mydomain.net"
David Hart a écrit :
Recent Broadcom wireless drivers in Dell laptops natively support
EAP-TTLS but do not send an outer User-Name.
Yes. I did not find any way to change this.
Apparently the standard permits this behavior,
That is what I understood when reading the draft (maybe
Hi, everyone.
I am fairly new to RADIUS/FreeRadius. I have FreeRadius running
smoothly, authenticating to either PAM or SQL based on which I set
radiusd.conf to use. I get the proper Attributes and options based on
that configuration as well.
I have multiple NAS devices that will be
In 2001 In installed RH 6.2 on a server with qmail (email), djbDNS, Apache,
etc. The system has been working fine except it is slow.
Now I want to move over a new server with RH9 authenticate using
freeRADIUS.
I noticed that in the old system (RH6.2), User Names (UID) Groups (GRP)
are
Hi Trevor:
why are you trying to use the attr_rewrite stuff for
proxying.
The simpler approach is to use the proxy.conf
and
use the 'strip' option
for e.g.
realm mydomain.net {
type= radius
authhost= anotherserver.mydomain.net
accthost=
Title: Message
Hi
All,
I am
using FreeRADIUS version 0.9.3, and would like to use LEAP as the eap
method and LDAP to authorize and authenticate the
user.
Using ethereal I see
that for authorize the bind dn is picked up as configured in
radiusd.conf
but when
Hi Mohammed,
That exactally what I needed thanks for the info!!
Trevor
- Original Message -
From: Mohammed Petiwala [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, August 11, 2004 1:13 PM
Subject: Re: Pre-proxy attr_rewrite problems
Hi Trevor:
why are you trying to use the
Kirti S. Bajwa [EMAIL PROTECTED] wrote:
I am physically copying /etc/passwd /etc/group files from old RH6.2 system
to the new RH9 freeRADIUS server. Since UID GID do not match, freeRADIUS
does not authenticate.
I'm not sure what you mean by that. Edit the passwd file if it's
wrong...
Alex Reynolds [EMAIL PROTECTED] wrote:
Has anyone successfully connected AEGIS clients to freeRADIUS (esp.=
using self-signed certificates)? Are there extra steps involved?
I've done it. I don't think there are any extra steps.
However, I cannot get AEGIS (10.2 and WinXP) 802.1x clients
Alan DeKok [EMAIL PROTECTED] wrote:
Kellogg, Chris [EMAIL PROTECTED] wrote:
I have a Cisco VPN device and a Cisco RAS device. Each is in a
different subnet with different requirements and options,
but both use
the same username/password to connect (Usernames are universal for
Hi ,
Using freeradius 0.9.3 with FB 4.9 OS
Try sending request using
"bacangtesting.com/bacang" and in radiusd.conf already configure 2
realm order i.e "realmslash" and "suffix"
But since i put the "suffix" above "realmslash"...
It will search only at "suffix" and once not found.. it will
Hello,
Kindly clear this doubt.
According to Radius RFC,
Session Timeout and Connectivity timeout are to sent by Radius Server in
Access-Accept,
Challenge packets.I need to know, whether a Radius CLient implementation can
configure these values by setting attributes in Access-request,
24 matches
Mail list logo