This is just a question of curiousity and no real need of an answer,
but has anyone set up FreeRADIUS on Smoothwall? Is that even
possible?
It's not something I'm looking at doing since the Smoothwall server
has plenty to do as it is (firewall, IDS, DHCP, web proxy, etc...)
Evan
-
List
Hi all
I have a wireless network setup authenticated by freeradius using WEP. This
setup works perfectly fine. Now i want to setup WPA support with freeradius. I have
configured my Airport Base Stations for WPA Enterprise. When using with the
client, there 3 requirements
1) Network Name
2)
Dear Team,
While starting the radius server with TLS configuration, the following
error occurs. Does any one have any idea reg this error:
28547:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:637:Expecting: CERTIFICATE
28547:error:06065064:digital envelope
Hello,
I just upgraded a machine from the 0.9.3 Debian package to 1.0.0.
Everything seemed to work smoothly, but upon closer inspection it
started to give login failures for _some_ accounts. I've been unable
to determine what causes this, as other accounts in the same realm
kept on working fine.
Beast ,
Can u check with u R VPN which password authentication method
is support reason in past i had same probs with my vpn server i was
try to using with MikroTik VPN server n it was not work with MSCHAP
but it working with PAP working perfect so please find out support
which are
Hi Kaspar,
What I'd like to do now is to tell my local radiusd to rewrite the
requests coming from the remote radiusd and containing my local realm so
that they won't get proxied back to the remote server (loop). I think it
would suffice to simply strip the realm from the incoming proxied
Hi,
The patch checked out OK and has been committed.
BTW, how do you do that kind of testing? Does everyone of the
developpers have lots of software and hardware clients to do
all kind of testing or what?
Excuse the stupid question, but I'd like to play a bit with
EAP-TTLS and PEAP
James,
We have gotten LEAP to work with Cisco access points. My last posting
on the subject might help if you haven't gotten there yet...
However, we have not been able to get LEAP for Cisco's WDS worked out.
All of the access points in the group authenticate successfully, but
On Tue, Aug 31, 2004 at 12:44:21PM -0400, Alan DeKok wrote:
Erik Immers [EMAIL PROTECTED] wrote:
detailfile = ${radacctdir}//detail-${Huntgroup-Name}
I tried to do this but it just ignores it.
I tried using an % instead of an $, but then the server wont even start.
Try using
As a followup, I did convert the cistron type users file
manually to the new format. It didn't change the behavior
one bit. My suspicion would be that another special
character used in passwords here might have turned unusable,
but I have no real evidence for that. Any developer that
can think
I am running freeradius 1.0.0 intergrated with mysql 4.0 for
authentication and accounting. I have installed and configured the
dialup_admin package to allow for web interface management of the
server, but it does not seem to work. I am able to test the server and
get a successful
[EMAIL PROTECTED] escreveu:
I could ban or reject a specific CallingStationID? , the only examples I seen is on a
specific user or group of users, on file /etc/users
...
and I think it worked just fine, the question now is, I could have this Called, and
Calling stations id in a sql table, so
Hello list!
almost made one counter by myself,but it functions like simple
Session-Timeout. What should i add to this query not to allow user log
in after the time returned by query is = then one set in the data base
for the user?
sqlcounter hours {
counter-name=Hours-Counter
I have been working on a solution for Free Radius and integrating it into the Informix
database from scratch now for 2 days.
All is gone well as well as can be expected. I promise to post a HOW-TO after
completion.
I am using the unixodbc connector to connect the radius server to a remote
phorced access [EMAIL PROTECTED] wrote:
On a packetstorm mirrior this weekend I saw a new RADIUS test package.
Downloaded it and noticed there were scripts for exploiting
vulnerabilities with FreeRADIUS.
They're not exploits, so much as remote crashes.
Has anyone looked into this package
=?GB2312?Q?=BD=F0=BA=E9=D0=F1?= [EMAIL PROTECTED] wrote:
can freeradius receive IKE Pre-shared Secret Request(Type:26)
and send Pre-shared secret?
It's in the dictionary (dictionary.3gpp2), but the server doesn't
support it.
If you have code, documentation for how it works, or
prabhdeep [EMAIL PROTECTED] wrote:
I have setup Service-Type Attribute in radgroupreply to 1 i.e.
Login-User, but
radacct table is not updated accordingly. Infact, the field remains empty.
The radacct table logs attributes from the request, not the reply.
Alan DeKok.
-
List
Mahesh S Kudva [EMAIL PROTECTED] wrote:
When using with the
client, there 3 requirements
1) Network Name
2) Username
3) Password
I have the network name. what is the username and password?
The name of the user, and the users password. WPA has the users log
into the wireless network,
=?big5?B?QmFpIKXVqXalTg==?= [EMAIL PROTECTED] wrote:
Is your mean the cisco don't send the authenticate method
to freeradius?
No. I mean that the user gives their password to the Cisco box,
which gives it to the RADIUS server. The RADIUS server cannot
authenticate the user
Running Freeradius with Mysql fedora core 2
I'm trying to add a user in a one line command ..
I've been trying something like this... although I think I have the syntax
wrong and I have not found a instance of an example in my searching...
mysql radius -e INSERT into userinfo (UserName, Name,
Christian Balzer [EMAIL PROTECTED] wrote:
And now the broken one. The record for that user is in the same users
file as the previous one, of course.
...
modcall[authorize]: module files returns notfound for request 1
Nope, it's not.
auth: No authenticate method (Auth-Type) configuration
[EMAIL PROTECTED] wrote:
BTW, how do you do that kind of testing? Does everyone of the
developpers have lots of software and hardware clients to do
all kind of testing or what?
No. The developers do some testing, but we don't have the time or
money to test against all clients.
Excuse the
Brad Dixon [EMAIL PROTECTED] wrote:
However straight back in came the error.
rlm_sql unknown attribute Password
WHY ?
I'd say it's not in the dictionary. I don't know why
It really seems like a dictionary problem.
Yup.
However this server works fine for users in the users
Mike Lampson [EMAIL PROTECTED] wrote:
When I run radiusd -X, all behaves as expected. The Access-Reject is sent
after the delay time indicated by the reject_delay setting.
However, when I run radiusd as a deamon without any parameters, the
Access-Reject is delayed by reject_delay +
David [EMAIL PROTECTED] wrote:
Setting hardware considerations aside for the moment, what is
the max number of realms that FreeRadius can proxy to?
There is no pre-set limit.
If there are many realms, the server may slow down a bit. That can
be fixed by moving the realm code to use trees,
If there are many realms, the server may slow down a bit. That can
be fixed by moving the realm code to use trees, rather than linked
lists.
Thanks for the information. I am not familiar with moving the realm code
to use trees. Can you expand on that or point me in the right direction.
Hello,
Christian Balzer [EMAIL PROTECTED] wrote:
And now the broken one. The record for that user is in the same users
file as the previous one, of course.
...
modcall[authorize]: module files returns notfound for request 1
Nope, it's not.
Yes, it quite is. Same file, works fine with
david [EMAIL PROTECTED] wrote:
Thanks for the information. I am not familiar with moving the realm code
to use trees. Can you expand on that or point me in the right direction.
Much of the server code has been updated to use red-black binary
trees. See src/main/request_list.c.
The list
Christian Balzer [EMAIL PROTECTED] wrote:
And of course is not quite feasible and acceptable, having a few ten
thousand users with a % in their password. I was suspecting % for a
moment earlier, but _some_ users with that in their PW worked, most likely
because they didn't match the
Brad Dixon wrote:
rlm_sql unknown attribute Password
WHY ?
Have a look in the dictionary file and you won't find such attribute!
You need the User-Password attribute :)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List
Cris Boisvert wrote:
mysql radius -e INSERT into userinfo (UserName, Name, Mail) Values
('blahtest3', 'blahtestname3', 'blahtestmail3');
Odd question for the freeradius list :)
You need quotes around the query!
mysql radius -e INSERT INTO ... ( ...) VALUES ( ...);
--
Regards,
Thor Spruyt
Thank you for the response. It is sad that they did not try and
contact you. When can we expect the new release?
Thank you!
On Wed, 01 Sep 2004 10:13:58 -0400, Alan DeKok [EMAIL PROTECTED] wrote:
phorced access [EMAIL PROTECTED] wrote:
On a packetstorm mirrior this weekend I saw a new
phorced access [EMAIL PROTECTED] wrote:
Thank you for the response. It is sad that they did not try and
contact you. When can we expect the new release?
We hope within a week or so.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Excuse the stupid question, but I'd like to play a bit with
EAP-TTLS and PEAP (possibly submitting some patches at a later
time) and don't really know how to even generate suitable queries
to test what I'm doing. :-(
Use various clients.
--verbose ?
I.e. can you recommand
[EMAIL PROTECTED] wrote:
I.e. can you recommand some free, software based EAP-TTLS client which
allow(s) testing a large variety of inner protocols?
xsupplicant, alfa arris...
Google can help, too.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
xsupplicant, alfa arris...
Thanks a lot.
Google can help, too.
Sure. However, that gave me lots of references to lots of
different stuff, all of which I never heard of (while I've
been using various RADIUS stuff for quite some time, I'm
completely new to the world of EAP protocols ...).
On 1 Sep 2004 at 8:34, Keith Yoder wrote:
I changed the default SQL queries to do this. I'll try to explain how
(using MySQL).
First I created a table to store the bad CallingStationIDs.
CREATE TABLE `bad_callingstationids` (
`CALLINGSTATIONID` varchar(18) NOT NULL default '',
Sounds like your PEM file isn't really a PEM file.
A PEM file looks like this:
-BEGIN CERTIFICATE-
MIICTjCCAfigAwIBAgICIQUwDQYJKoZIhvcNAQEFBQAwTjELMAkGA1UEBhMCVVMx
snip
6xlBaIsuMxnHmr89KkKkYlU6
-END CERTIFICATE-
-
List info/subscribe/unsubscribe? See
On Wed, 01 Sep 2004 10:36:14 -0400, Alan DeKok wrote:
Thanks Alan...
Of course, Informix returns a 64 char field each time, so Password would have 58 white spaces after it...
Set the char field to 8 chars and presto.
I'll have to have a think how this can be rectified permenantly.
Title: Message
Dear
users,
I have read
rlm_acct_unique doco and the mailing list archive and I would like to ask the
following question.
I have manged to get
this module working (i.e. generating unique Session IDs).
I'd like to know
under which circumstances if any this module will
Alan wrote:
Christian Balzer [EMAIL PROTECTED] wrote:
And of course is not quite feasible and acceptable, having a few ten
thousand users with a % in their password. I was suspecting % for a
moment earlier, but _some_ users with that in their PW worked, most likely
because they didn't match
Dear Ben,
I used the certificate file which I have attached with this mail.
It has the format which you have mentioned. but still the error comes.
Do you have any idea reg why this error occurs.
--
Regards,
S.Suresh Babu
' You must be the change you wish to see in the world.'
-M.K.Gandhi.
Bag
Title: Re: freeradius 1.0.0 crashes on oracle errors
Message: 12
Date: Tue, 31 Aug 2004 12:13:46 +0300
From: Kostas Zorbadelos [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: freeradius 1.0.0 crashes on oracle errors
Reply-To: [EMAIL PROTECTED]
On Tue, Aug 31, 2004 at
43 matches
Mail list logo