Hello again,
i have question about Relaying Accounting Data. We have a customer, which
want to have all related accounting data of his realm.
Is there a way to relay the accounting data of his realm to his
radiusserver? i thought about creating a seperate detail logfile and then
setting up a
Hello all,
I've spent quite a long time trying to understand how freeradius works
and trying to get everything I want working.
I am using Openldap since 2001 and I've no problems to understand LDAP
as I wrote many programs around LDAP. In fact I don't understand how
groups are working under
I have a problem i cant seem to figure out, so i wondered if any of you
have a suggestion. It looks like everything is working as intended, the
ldap finds the account, and authorize the client, but then it sends
Access-Reject.
[EMAIL PROTECTED] log]# /usr/sbin/radiusd -x -A
Starting - reading
I seem to have the same problem here, also with version 1.0.1 (haven't
tried it with 1.0 though...)
Regards,
Evert
Mike O'Connor wrote:
Hi All
I have been using freeradius 0.9.3 for a long time and the acct_users
file below has all ways work well (did have a problem where it would
just
is there any way to get rid of those values ? my users have unlimited
access and it is disturbing to see that they overpassed the values?
current values are: 4 hours daily and 20 hours weekly
Thank You
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Well, finally I succeeded to do what I want... The reason of the failure
was too stupid: In the radiusd.conf file, I've put the LDAP server address
in ipv4 dotted address form. Of course, freeradius does not try to resolve
it and of course the address obtained from the LDAP server certificate
does
Hello!
I have some troubles with import cx_Oracle python module. After add
import string to I see this in debug:
Module: Loaded python
python: mod_instantiate = freeradius
python: func_instantiate = instantiate
python: mod_authorize = freeradius
python: func_authorize = authorize
python:
any ideea how i can strip the domain?
my win98 box sends the username as DOMAIN\\USERNAME
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
My thesi is the implementation for a proposed framework of lightweight
WLAN Roaming. So we are trying to reduce the number of messages so as to
provide faster roaming. They have given me a diagram with the exchange of
messages which i must implement. The diagram is like the one in RFCs(which
Please confirm that this is possible!
I've been able to configure, make and install the product with little to
no problem. However, execution aborts when rlm_eap is loaded:
...
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = (null)
unix: shadow =
It is possible to reduce the number of messages for reauthentication by
implementing what is variously known as Fast Roaming, Fast
Reauthentication and Session Resumption. This doesn't have any impact
on the initial authentication exchange. However, once both parties
(supplicant and
Hi list,
I have a strange problem with EAP/TLS authentication.
I have done thesetup with the guide from Ken Roser's howtoprovided in freeradius site:
- The client is XP, wirelesscard: linksys WPC54G
- The freeradius server is installed in linux
- The access point is linksys WRT54G
- The
Hello,
i want to use securid with freeradius on my debian.
I have choosen and installed the pam_securid.so Module from RSA und set up pam
and freeradius.
if a make a radtest everytime a get the following errors in syslog:
Nov 17 14:31:49 abrakadabra freeradius: PAM unable to
=?iso-8859-1?Q?P=E5l?= Hjelmeseth Myklebust [EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] log]# /usr/sbin/radiusd -x -A
Please run the server as /usr/sbin/radiusd -X. You will get MUCH
more debugging information, which will help you solve your problem.
Alan DeKok.
-
List
Samareanu Florin [EMAIL PROTECTED] wrote:
any ideea how i can strip the domain?
my win98 box sends the username as DOMAIN\\USERNAME
Read radiusd.cond. Look for the word ntdomain, an dthe realms module.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Prabhdeep [EMAIL PROTECTED] wrote:
It seems that by solving this problem we had taken on
a bigger problem. Because server is now returning
error for any duplicate accounting record,
There are no error accounting packets. The server just doesn't
respond.
clients are
submitting the request
Hi,
I would like to set up a max bandwidth over my cisco 1200AP (ios v12).
My question is : what attribute I should use in radius to set the max
download and upload for the client ?
thx
-Message d'origine-
De : [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] De la part de Alan
DeKok
Envoyé
Samareanu Florin [EMAIL PROTECTED] wrote:
is there any way to get rid of those values ? my users have unlimited
access and it is disturbing to see that they overpassed the values?
current values are: 4 hours daily and 20 hours weekly
Those values aren't configured in the default
It means its being truncated. Try adjusting the snaplen. You should be
able to do -s 0 to make sure you capture the entire packet or you can
specify a length such as -s 1024. Do a man tcpdump and search for
snaplen.
ie: tcpdump -i fxp0 -s 0 udp port 1812
-Dusty Doris
On Tue, 16 Nov 2004,
jh vg [EMAIL PROTECTED] wrote:
My thesi is the implementation for a proposed framework of lightweight
WLAN Roaming. So we are trying to reduce the number of messages so as to
provide faster roaming. They have given me a diagram with the exchange of
messages which i must implement.
Are
Guy Davies [EMAIL PROTECTED] wrote:
IIUC, FreeRADIUS implements this in the EAP-TLS module that is used by
EAP-TTLS and PEAP so probably Session Resumption will be supported in
those EAP types at the minimum.
FreeRADIUS doesn't implement fast reconnect for session resumption.
Alan DeKok.
Lara Adianto [EMAIL PROTECTED] wrote:
The log file of freeradius shows that the authentication is
successful, with access-accept being sent. I use tcpdump to confirm
that access-accept is indeed sent and received by the
access-point. However, after about 1 minute, the client will resend
an
[EMAIL PROTECTED] wrote:
i want to use securid with freeradius on my debian.
I have choosen and installed the pam_securid.so Module from RSA und set
up pam and freeradius.
PAM may have memory leaks. If at all possible, I would suggest
using a command-line tool from SecurID to do the
For some reason, you have the LDAP module set up to pull an MD5-hashed
password from your LDAP tree and add it as the NT-Password attribute.
This won't work. In order to use PEAP, you have to have either a
clear-text password or an NT-hashed password.
--Mike
On Wed, 2004-11-17 at 03:44, Pål
--__--__--
Message: 7
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Daily/Monthly limit
Date: Wed, 17 Nov 2004 09:28:43 -0500
Reply-To: [EMAIL PROTECTED]
Samareanu Florin [EMAIL PROTECTED] wrote:
is there any way to get rid of those values ? my users have unlimited
where are those values located in the mysql db?
is it safe to delete them?
Samareanu Florin wrote:
--__--__--
Message: 7
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Daily/Monthly limit Date: Wed, 17 Nov 2004 09:28:43 -0500
Reply-To: [EMAIL PROTECTED]
Samareanu Florin
On Wed, 17 Nov 2004, Samareanu Florin wrote:
where are those values located in the mysql db?
is it safe to delete them?
Samareanu Florin wrote:
See at the end of conf/admin.conf in dialupadmin
--__--__--
Message: 7
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re:
Hello all,
I've spent quite a long time trying to understand how freeradius works
and trying to get everything I want working.
I am using Openldap since 2001 and I've no problems to understand LDAP
as I wrote many programs around LDAP. In fact I don't understand how
groups are working under
Hello Gang,
I just installed the 1.01 on my red hat, but having
problems with the pgsql-voip module. I did what the
doc says, but ended up with this error
rlm_sql (pgsql-voip): Could not link driver
rlm_sql_postgresql: file not found
rlm_sql (pgsql-voip): Make sure it (and all its
dependent
Hello,
I'd like to move client.conf to something that works through rlm_python.
Looking at rlm_sql, this appears possible. I'm willing to update
rlm_python to support this, but I can't seem to find how it binds this
functionality in rlm_sql. Anyone ever try this more?
James
-
List
Thanks,
I have to leave, but the quick and last test I did with your advice,
gave me bad results. See tomorrow..
Using radtest, I don't get any IP, and there is very little doc about
ippool and the way it works.
I suppose that the NAS is completely relying on radius for IP delivery.
I'm
You'll still need to configure the ippool modules and include those in the
accounting section and post-auth section. Forgot to include that in the
last email. A radiusd -X will show you exactly what is going on. If it
doesn't work, please post that to the list will all output.
ie:
accounting
The final problem: in the dialup admin web page i press show groups, i
chose one group name (static in my case) , select one user from Group
Members and press the Administer Selected User button. Nothing happens,
the page gets refreshed and i am returned to Group static administration
index.
Hi, everyone
Could any one tell me how to find the patch for 0.8.1 supporting IPv6?
I've looked it up on google but didn't find any useful results about it...
Thank you very much!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Tue, 16 Nov 2004, David Mitton wrote:
I am interested in an AP that can do 802.1x (authenticator without being a
server) that's a bit cheaper than that. I'd also like a firewall/NAT
router functions, you know, the typical Cable/DSL/router configuration.
Suggestions?
A Linksys
Shawn [EMAIL PROTECTED] wrote:
Could any one tell me how to find the patch for 0.8.1 supporting IPv6?
There is no such patch, and there will never be a patch.
1.0.1 supports IPv6 attributes in RADIUS, but not listening on an
IPv6 socket.
Alan DeKok.
-
List info/subscribe/unsubscribe?
Using freeradius 1.0.1
I need to be able to pass a binary or text file to be parsed at the
other end Are there any suggestions?
Marco
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 11/16/2004 09:27 PM, Paul wrote:
David Mitton wrote:
A Linksys WRT54GS with Sveasoft looks like a bargin functionally.
Amazon.com has the WRT54GS for $81.99 - $10 Rebate.
Yeah, that's a good price. I use the WRT54GS with the tinyPEAP embedded
RADIUS server. The firmware is based on
Hi All
I still have problem in huntgroup with Freeradius 1.0.1 and little
investigate about it.
In the 1st, I add 'auth_log' setting at authorize section in 'radiusd.conf'
file for collect more information.
In the 2nd, I chheck current User information at our MySQL server by using
SQL Query
On 11/17/2004 11:01 AM, Andrea G. Forte wrote:
Hi all,
I am new to WPA/802.11i and I have a few doubts. I hope you can help me.
What is not clear to me is how often a supplicant needs to authenticate to
the server...is it everytime the supplicant performs a L2 handoff?
The supplicant needs to
Ok, so I have looked all over the web but cant
really find any good how-to articles on freeradius
when it comes to setting up a dial-up server.
Anyone have any links or even a book that might help?
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system
On Thu, Nov 18, 2004 at 12:17:28AM -0600, Dallas Graves wrote:
Ok, so I have looked all over the web but cant really find any good
how-to articles on freeradius when it comes to setting up a dial-up
server. Anyone have any links or even a book that might help?
If you're looking at setting a
On 11/17/2004 11:01 AM, Andrea G. Forte wrote:
Hi all,
I am new to WPA/802.11i and I have a few doubts. I hope you can help me.
What is not clear to me is how often a supplicant needs to authenticate to
the server...is it everytime the supplicant performs a L2 handoff?
The supplicant needs to
On 11/18/2004 12:20 AM, Andrea G. Forte wrote:
On 11/17/2004 11:01 AM, Andrea G. Forte wrote:
Hi all,
I am new to WPA/802.11i and I have a few doubts. I hope you can help me.
What is not clear to me is how often a supplicant needs to authenticate to
the server...is it everytime the supplicant
Hello!
==
Regular expression matching in proxy.conf
enables very flexible and intiutive realm
proxying. It can reduce number of
realm entries:
realm company2.com {
regexp = ^.*\.company2\.com$
type= radius
authhost
47 matches
Mail list logo