based on this log by running checkrad on the command line, it seems like
it's working.
snmpget: /usr/bin/snmpget -r 1 -t 5 -v2c -c 'public' 10.11.12.200
.iso.org.dod.internet.private.enterprises.9.2.9.2.1.18.8
user at port S8: Instance
snpwalk: /usr/bin/snmpwalk -r 1 -t 5 -v2c -c 'public'
hi everybody,
i'm quite new to this mailinglist, actually it's my first post.
i have configured freeradius with mysql, everything is working
fine. i'm able to authenticate adsl and ppp users without any
problems but i do not get mpp working.
the freeradius interacts with a ascend max machine,
Hi Werner,
MPP is not a valid VALUE for Framed-Protocol. Check out the dictionary.
I would guess that the behaviour you want could be configured simply by
using Framed-Protocol = PPP and allowing simultaneous-use. That way,
the users are permitted to open multiple PPP sessions based simply on
hi Guy,
thanks for the fast answer. that means i have to use 'Framed-Protocol =
PPP' instead of using 'Framed-Protocol=MPP' and add the attribute
'simultaneous-use=1'?
thanks for helping a noob with his problems :)
werner
-
List info/subscribe/unsubscribe? See
That would certainly be what I'd try. I hold up my hands and say openly
that I'm far from an expert but, given that PPP is the only valid VALUE
for Framed-Protocol that seems relevant and that simultaneous-use allows
a single user to login multiple times (or controls how many times they
can
hi guy again,
i'll try it and let you know if it worked, thanks again for your
assistance :)
regards,
werner
That would certainly be what I'd try. I hold up my hands and say openly
that I'm far from an expert but, given that PPP is the only valid VALUE
for Framed-Protocol that seems
hi again,
i tried to configure everything as explained, i have now the following
settings for my group 'mpp' in the mysql-database configured:
Framed-Protocol := PPP
Framed-MTU := 1500
Framed-Compression := Van-Jacobson-TCP-IP
Ascend-Maximum-Channels :=
Is your Ascend Max correctly configured to permit multilink? Are the
clients correctly configured to use multilink?
Regards,
Guy
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Werner Detter
Sent: 12 November 2004 11:18
To: [EMAIL PROTECTED]
Hi Werner,
Are the clients attempting to setup the second connection? Is the Max
sending RADIUS requests for those users? What is in those requests?
What, if anything, is in the responses? You'll probably need a snuffer
to capture this info.
Regards,
Guy
-Original Message-
From:
On Fri, 12 Nov 2004, Werner Detter wrote:
yes they are, it worked before with the cistron radius.
the ascend max is configured to accept mpp connections.
any other ideas, thanks for your help again :)
Set Port-Limit to 2. Simultaneous-Use mainly sets the number of different user
logins (not
On Thu, 11 Nov 2004, Eva Kolega wrote:
Paul ,
I enclose the whole make report. The problem starts where the lines are in
bold format. To be precise, I have installed
mysql-standard-4.0.21-sun-solaris2.9-sparc-64bit.tar.gz with nothing else. I
mean no mysql client, no devel, no share. But I
On Fri, 12 Nov 2004, Lito A. Lampitoc wrote:
based on this log by running checkrad on the command line, it seems like
it's working.
snmpget: /usr/bin/snmpget -r 1 -t 5 -v2c -c 'public' 10.11.12.200
.iso.org.dod.internet.private.enterprises.9.2.9.2.1.18.8
user at port S8: Instance
snpwalk:
hi,
thanks for the hint (i set Framed-Protocol back to MPP, i found that
'MPP' is valid value for Framed-Protocol or does it really has to be PPP?
) now the user gets the following
attributes:
Framed-Protocol = MPP
Framed-MTU = 1500
Framed-Compression = Van-Jacobson-TCP-IP
hi again,
i just want to post the log-entry in the radacct for a mpp user:
User-Name = USER
NAS-IP-Address = a.b.c.d
NAS-Port = 10112
NAS-Port-Type = Sync
Acct-Status-Type = Start
Acct-Delay-Time = 0
Acct-Session-Id = 289495599
Acct-Authentic = RADIUS
X-Ascend-Multilink-ID = 86
Magnus Påhlsson said (04-11-10 19:24):
Here's an interesting problem. I got ldap authentication working but
ONLY as long as I have ldap_debug = 0x. Configuration as follows:
If I change basedn to the exact path of the ou where the user objects
are stored
I've configured sql and radutmp accounting and everything works just
fine with my cisco switches. Logged on users are available using radwho
and radlast. The same is not true for HP switches though.
Here's what a HP26xx switch sends when a user logs on:
rad_recv: Accounting-Request packet from
=?ISO-8859-1?Q?Magnus_P=E5hlsson?= [EMAIL PROTECTED] wrote:
The difference is that the 2950 sends
NAS-Port = 1
NAS-Port-Type = Virtual
Could the lack of these attribs from the HP switch be the reason for the
absense in radwho/radlast?
Yes.
Alan DeKok.
-
List
If you use the ldapsearch utility to perform the same search the
FreeRADIUS server is doing, what does it return? I'm wondering if your
AD tree isn't using LDAP referrals in there somewhere...
--Mike
On Fri, 2004-11-12 at 07:37, Magnus Påhlsson wrote:
Magnus Påhlsson said (04-11-10 19:24):
Hello,
I'm looking into setting up rlm_python, but haven't been able to find
any examples of what I need to add to the radiusd.conf to use it. An
example would be fantastic. I'll submit a patch to include it in the
src/modules/rlm_python/README as well.
James
-
List
Kenneth Grady wrote:
I think I can use port 1812, but thought that 1814 was designed for
just
this sitation.
Port 1814 is used as source port if your server sends packets to another
radius server (functioning as proxy).
In your case, the remote radius server should send authentication packets to
James Sapara [EMAIL PROTECTED] wrote:
I'm looking into setting up rlm_python, but haven't been able to find
any examples of what I need to add to the radiusd.conf to use it.
raddb/experimental.conf
Alan DEKok.
-
List info/subscribe/unsubscribe? See
Then why would I be listening on port 1814? if it's a source port?
just to see if someone is trying to break in?
On Fri, 2004-11-12 at 10:36, Thor Spruyt wrote:
Kenneth Grady wrote:
I think I can use port 1812, but thought that 1814 was designed for
just
this sitation.
Port 1814 is used
Kenneth Grady [EMAIL PROTECTED] wrote:
Then why would I be listening on port 1814? if it's a source port?
just to see if someone is trying to break in?
When run in debug mode, the server prints out which ports it's
listening on, and why. usually:
1812 is for incoming Access-Request
Oh I get it. I'm a proxy to an unknown home server and should shut it
off, unless I want to proxy requests to somewhere else.
On Fri, 2004-11-12 at 10:57, Kenneth Grady wrote:
Then why would I be listening on port 1814? if it's a source port?
just to see if someone is trying to break in?
On
Hi, I was wondering if there's a way to make
freeradius authenticate a client based on more than username and password?
for example, I want to limit a user to dial in only from a certain designated
number (ANI) to prevent fraud. My user lookup is done through
postgresql. Is there a way to
Kenneth Grady wrote:
Oh I get it. I'm a proxy to an unknown home server and should shut it
off, unless I want to proxy requests to somewhere else.
As I understood, you don't want to proxy... but you want another radius
server to proxy requests to you.
If you uncomment all proxy items in your
Im testing the expiration attribute in a freeradius 1.0.1 + mysql instalation.
I have a user with the following attributes:
mysql select * from radcheck;
++--+++-+
| id | UserName | Attribute | op | Value |
To solve our problem, we modified the rlm_preprocess.c source code to
change the colon : to a dash -. I rebuilt the RPM package, added the
'new' attributes to the /etc/raddb/dictionary file (e.g.
ip-source-ip), and everything works! The modified code is shown below:
rlm_preprocess.c
I think u need to use for exapmle :
8 October 2004 12:00:00
For me this format works great!
Greetings
Im testing the expiration attribute in a freeradius 1.0.1 + mysql
instalation.
I have a user with the following attributes:
mysql select * from radcheck;
29 matches
Mail list logo