Hi,
I am running FR 1.0.0 on RedHat9. I have 2 radius servers
set up primarily for proxying but we do have some locally managed
realms. I have 2 special cases where I need to add realm
information to our accounting data. I had been trying this
with attr_rewrite with little success.
Case 1: IS
I don´t know radius so deep but hope these attributes are here as well
as other initial details, aren´t?
Look at "radius -X" for
attr_rewrite add_realm {
attribute = User-Name
searchin = packet
searchfor = "[EMAIL PROTECTED]"
replacewith = ".%{NAS-Identifier}"
ignore_case = no
new_attribute
Hi all,
I'm upgraded to FreeRADIUS from an old version of ICRADIUS but having
trouble migrating my old tables. To start with, the radgroupreply table of
FreeRADIUS has two fields, op CHAR(2) and prio INT(10) not present in my
older ICRADIUS table.
I'm wondering if anyone can tell me what these
Zdenek Svarc <[EMAIL PROTECTED]> wrote:
> but attr_rewrite doesn't know %{NAS-Identifier} as well as others NAS*
> and Call* and points back only "user."
Are those attributes in the RADIUS packet? If not, they don't
exist, and can't be used.
And yes, when you run in debug mode, you will not
On Fri, 2004-09-17 at 09:35, Michael Hare wrote:
> For obviously security reasons I'd prefer not to publish my huntgroups file,
> but if it's deemed important for troubleshooting, I'll provide it.
Providing the full debug output would be a good start in anyone helping
with this problem. You may
I see errors and warnings. Can anyone tell me if this looks correect when I
try t compile with 'make', please?
[EMAIL PROTECTED] freeradius-1.0.0]# make
gmake[1]: Entering directory `/tmp/freeradius/freeradius-1.0.0'
Making all in libltdl...
gmake[2]: Entering directory `/tmp/freeradius/freeradi
"Stephan Pfeiffer" <[EMAIL PROTECTED]> wrote:
> is it possible to cache the authentication status?
It's done by default, in the cookie.
> atm the mod_auth_radius module ask on every webserver-request the
> radius-server.
That is not the default configuration.
Maybe the browser is blockin
Hello,
I just recently changed radius servers from Cistron to Freeradius. I love
it. However, I have about a dozen or so users with "&" in their username.
Everyone is able to login just fine except these users. I searched through
the archive and didn't find anything like this. Any help with
1233211233 has to be a member of the group test using
the usergroup table. Or you can add the Auth_type
attribute to the 1233211233 user
--- Dmitriy Milashenko <[EMAIL PROTECTED]> wrote:
> Hi, Amedzekor.
>
> Amedzekor wrote 17 ñåíòÿáðÿ 2004 ã., 17:37:00:
>
> > Yes freeradius works with quintums
Mike,
problem solved.
> This means that your supplicant is deciding not to proceed with the
> authentication for some reason. You have to figure out why the
> supplicant is refusing to complete the authentication.
yep, you're right. What it didn't like was the Usage Attributes
accompanying the ce
Because of my "NAS-Identifier as a part of stored user name" message I tryed:
attr_rewrite add_realm {
attribute = User-Name
searchin = packet
searchfor = "[EMAIL PROTECTED]"
replacewith = ".%{NAS-Identifier}"
ignore_case = no
new_attribute = no
max_matches = 1
append = yes
}
bu
Hi, Amedzekor.
Amedzekor wrote 17 сентября 2004 г., 17:37:00:
> Yes freeradius works with quintums.
> I think you need to add sql in the authorize section
> of your radiusd.conf
well it is already there
you can see that radius sends "authorize_check_query" to the database
>> rlm_sql (pgsql-voi
hi,
is it possible to cache the authentication status? atm the mod_auth_radius module ask
on every webserver-request the radius-server. this is no problem by static passwords,
but i have one-time-passwords that was generated by a token. the result is that the
first data from a webserver request
On Fri, 17 Sep 2004, Lionel Gavage wrote:
> Yes but even without it doesn't work. By using the directive "listen" in the
> radiusd.conf file (as indicated in my preceding mail)
>
> radiusd.conf:
>
> bind_address = *
> port = 1645
>
> listen {
> # IP address on which to listen.
> #
Yes freeradius works with quintums.
I think you need to add sql in the authorize section
of your radiusd.conf and you also need to send return
code back to the quintum from the sql.
You can read the rlm sql in the doc directory or
src/billing for some pointers.
All the best.
Kafui Amedzekor.
Hello-
I have a user setup in my user files with three different access levels.
bennettj Auth-Type := System, Huntgroup-Name == "isp"
Service-Type = NAS-Prompt-User,
cisco-avpair = "shell:priv-lvl=5",
Juniper-Local-User-Name = "op"
be
Yes but even without it doesn't work. By using the directive "listen" in the
radiusd.conf file (as indicated in my preceding mail)
radiusd.conf:
bind_address = *
port = 1645
listen {
# IP address on which to listen.
# Allowed values are:
# dotted quad (1.2.3.4)
Edgars <[EMAIL PROTECTED]> wrote:
> sorry to bother but how can i fight with this error which is appearing
> al the time an is 95% of all log content?
>
> Error: Dropping conflicting packet from client Hotspot:2461 - ID: 24 due
> to unfinished request 3186
Generally it's because something is
"Lionel Gavage" <[EMAIL PROTECTED]> wrote:
> I use freeradius 1.0.0-pre3. I must use two radius servers on the same
> computer.
> But when I specify another listen port, this last is not used. The
> freeradius server listens on the default port !
>
> [EMAIL PROTECTED] freeradius-WDS]# ./sbin/radiu
"J.R. Cabanban" <[EMAIL PROTECTED]> wrote:
> Q. did the ldap server properly authenticated the user & allow access. if
> so why did the final result was Access-Reject?
The debug log says:
> rad_check_password: Found Auth-Type System
> auth: type "System"
> Processing the authenticate sec
On Thu, 16 Sep 2004, J.R. Cabanban wrote:
> command: radtest arookie localhost 1 sharedsecret
>
> response: rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=61,
> length=20
>
> snapshot of radiusd -X -A
>
> rad_recv: Access-Request packet from host 127.0.0.1:32847, id=53,
>
Здравствуйте, freeradius-users.
I'd like to make pre-paid voip using quintum.
so, I've created database
voip=# SELECT * FROM radcheck;
id | username | attribute | op | value
++---++
1 | 1233211233 | User-Password | == | 1233211233
(1 запись)
Thanks Thor!
would you be so kind and telll me how exactly is named this arameter in
the radiusd.conf? there are some delays, but not sure that i'll change
the correct one:)
Edgars
Thor Spruyt wrote:
Edgars wrote:
Error: Dropping conflicting packet from client Hotspot:2461 - ID: 24
due
to unf
Hi,
I have already set-up FreeRadius+mySQL and it works fine. What I want is
instead of our NAS giving our the IP address, I want FreeRADIUS to be the one
giving it. I've seen that it can be done using ippool in radius.conf.
your answers are repeatedly answered, if you allot
Hi,
I have already set-up FreeRadius+mySQL and it works fine. What I want is instead of our NAS giving our the IP address, I want FreeRADIUS to be the one giving it. I've seen that it can be done using ippool in radius.conf.
Can you give help me configure mySQL, on what specific entries that I nee
Edgars wrote:
> Error: Dropping conflicting packet from client Hotspot:2461 - ID: 24
> due
> to unfinished request 3186
If your NAS is resending auth packets after 1 seconds and freeradius is
configured to delay the response for one seconds for Access-Rejects, then
you might experience this.
Poss
sorry to bother but how can i fight with this error which is appearing
al the time an is 95% of all log content?
Error: Dropping conflicting packet from client Hotspot:2461 - ID: 24 due
to unfinished request 3186
Edgars
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/user
i realized where was the problem. nasportid type by default was
integer,i suggest to put it as bigint in that ready db structure file.
Edgars
Edgars wrote:
Hello,
can someone explain what does this error below mean?
Error: rlm_sql (sql): Couldn't insert SQL accounting ALIVE record -
ERROR: valu
Hello,
can someone explain what does this error below mean?
Error: rlm_sql (sql): Couldn't insert SQL accounting ALIVE record -
ERROR: value "2152726759" is out of range for type integer
Thank you!
Edgars
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> Hi,
>
> Is there anyone out there who has successfully managed to make a Cisco
> WLSE authenticate against a freeradius server when joining a WDS? Cisco
> AP1200 access points successfully authenticate to the freeradius server
> through the WDS, but I have been unsuccessful when it comes to
Hello,
let´s imagine this:
We stored user names in SQL as "User-Name dot NAS-Identifier" (ie.
"john.acme").
User do login as "john" and don´t care about ".acme"
Freeradius "rad_recv" takes User-Name and NAS-Identifier and authorize
the user as "user.nas".
Do you have any ideas how to do it?
R
Hi,
I use freeradius 1.0.0-pre3. I must use two radius servers on the same
computer.
But when I specify another listen port, this last is not used. The
freeradius server listens on the default port !
[EMAIL PROTECTED] freeradius-WDS]# ./sbin/radiusd -p 1645 -X
...
Listening on authentication *:18
32 matches
Mail list logo
