OK
we are proposing a lightweight WLAN roaming architecture. This means that we
implement a roaming architecture for a small community. The scenario is
Client-->AP-->foreign server -->Home server and so on...
All this is done using EAP-MD5 authentication (only this authentication
scheme) and mys
--On Wednesday, December 01, 2004 10:34:22 +0200 Panagiotis Mavros
<[EMAIL PROTECTED]> wrote:
OK
we are proposing a lightweight WLAN roaming architecture. This means that
we implement a roaming architecture for a small community. The scenario is
Client-->AP-->foreign server -->Home server and so
Dear list,
I've got Freeradius 1.0.1 working with
openssl-0.9.7-stable-SNAP-20041028. When I start Freeradius
it asks me for a PEM pass phrase. Can you please indicate what
I could do to supply this pass phrase in a configuration file?
Do I need to re-create the certificates to be able to do thi
On Wed, 1 Dec 2004, [iso-8859-1] Juan Manuel García Carral wrote:
> Hi,
>
> I am currently running freeradius 0.8.1 with LDAP as backend. It works fine.
> I need to upgrade to a later version because I need some features regarding
> Autz.
>
> Certain users have some Cisco ACLs associated in the
Ok list,
I got it. For those of you who will have the same problem,
there's a parameter in eap.conf "private_key_password".
See that it is uncommented and that it contains the right
password. Thanks just the same.
Regards,
Gilbert
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EM
Hi,
In directory /usr/local/lib There isn't rlm_sqlcounter and rlm_counter. Only
rlm_sqlcounter-1.0.1.la
So I need to install rlm_sqlcounter or rlm_counter ? How to Install Modules?
Thanks.
Stephane
- Original Message -
From: "Kostas Kalevras" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTE
Hi,
After editing clients.conf I again started radius in
debugging mode i.e. radiusd -X.
The exact radtest line is as follows :
radtest root 123456 spacecable 1812 omeya
Regards,
-bs sawant
--- Jason Frisvold <[EMAIL PROTECTED]> wrote:
> On Tue, 30 Nov 2004 01:40:15 -0800 (PST),
> bhal
Are there still problems in v1.0.1, when using usernames like "user1%test":
radiusd -xxyz:
radtest "user1%test" "test" localhost 10 oopsi
Debug: Thread 1 handling request 0, (1 handled so far)
User-Name = ""
User-Password = "test"
NAS-IP-Address = 255.255.255.255
N
hello,
we have all our user-informations stored
in an LDAP-directory, but our users should use
one-time password tokens instead of
static passwords for their remote login.
it is possible to configure freeradius
to first check whether the user is allowed to dialin
using an ldap-group and then che
On Wed, 1 Dec 2004 02:44:23 -0800 (PST), bhalchandra sawant
<[EMAIL PROTECTED]> wrote:
> Hi,
> After editing clients.conf I again started radius in
> debugging mode i.e. radiusd -X.
>
> The exact radtest line is as follows :
>
> radtest root 123456 spacecable 1812 omeya
Hrm... Can you post all
How can I properly deny certain users or groups from being able to dial
in and establish PPP sessions?
For groups:
DEFAULT Ldap-Group == "mygroup", Auth-Type := Reject
As for users you can just use an existing attribute (or add a new one) by
using the access_attr configuration directive.
Or you
unsubscribe
Hello,
i have the following situation - have public router (firewall) which is
making NAT to one local router. When user is connecting to that local
router, the request is being made from public router to Freeradius
server. Freeradius as NAS-IP-Address value becomes my local router's IP
(which
Did you do "make clean" before you ran configure and recompiled? I had
to when I recompiled with disable-shared.
Mearl
>>> [EMAIL PROTECTED] 12/1/2004 12:22:29 AM >>>
Ok would be possible to get some instruction on how to build it
staticly, I
have looked through 14763 emails in this list that I
- Original Message -
From: "Mearl Danner" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 01, 2004 10:19 AM
Subject: Re: [radius] Re: Segmentation Fault - gdb output
Did you do "make clean" before you ran configure and recompiled? I had
to when I recompiled with dis
bhalchandra sawant wrote:
Hi,
After editing clients.conf I again started radius in
debugging mode i.e. radiusd -X.
The exact radtest line is as follows :
radtest root 123456 spacecable 1812 omeya
Use 127.0.0.1 instead of spacecable, since spacecable probably isn't
resolving to 127.0.0.1!
--
Regar
Edgars wrote:
i have the following situation - have public router (firewall) which
is making NAT to one local router. When user is connecting to that
local router, the request is being made from public router to Freeradius
server. Freeradius as NAS-IP-Address value becomes my local router's
IP (whi
Hi Jason,
Yes, I had made mistake in $INCLUDE
${confdir}/clients.conf. It was commented.
Now Freeradius started accepting requests.
Thanks,
-bs sawant
--- Jason Frisvold <[EMAIL PROTECTED]> wrote:
> On Wed, 1 Dec 2004 02:44:23 -0800 (PST), bhalchandra
> sawant
> <[EMAIL PROTECTED]> wrote:
>
Hi,
I have freeradius 1.0.1 installed on a 64bit linux server. It was
compiled using libraries and includes from an recent openssl SNAP
version. After I run a test (radiusd -sfxxyz -l stdout) I get the
following response:
Starting - reading configuration files ...
reread_config: reading radius
Nick Marino" <[EMAIL PROTECTED]> wrote:
> Is there anything else I can try and is that what alan meant when he said to
> build it staticly is to use the --disable-shared switch?
See the FAQ.
$ configure --disable-shared
$ make
$ make install
Alan DeKok.
-
List info/subscribe/unsubscribe?
"Lim Han Shyong" <[EMAIL PROTECTED]> wrote:
> Thanks for reply.. what i want to do is cisco command accounting, which mean
> logging cisco shell command enter by user.
>
> So is it possible done by freeradius ?
What did my previous response say? Please read it.
> according old mailing list, i
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 01, 2004 12:03 PM
Subject: Re: [radius] Re: Segmentation Fault - gdb output
Nick Marino" <[EMAIL PROTECTED]> wrote:
Is there anything else I can try and is that what alan meant w
"Nick Marino" <[EMAIL PROTECTED]> wrote:
> I tried what was in the faq about using --disable-shared and everything
> seemed to compile ok without any errors but that did not help I still get
> the same segfault.
Try deleting ALL previous binaries, libraries, etc. installed by
FreeRADIUS.
If
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 01, 2004 12:03 PM
Subject: Re: [radius] Re: Segmentation Fault - gdb output
Nick Marino" <[EMAIL PROTECTED]> wrote:
Is there anything else I can try and is that what alan meant w
"Panagiotis Mavros" <[EMAIL PROTECTED]> wrote:
> we are proposing a lightweight WLAN roaming architecture. This means that we
> implement a roaming architecture for a small community. The scenario is
> Client-->AP-->foreign server -->Home server and so on...
> All this is done using EAP-MD5 authen
Edgars <[EMAIL PROTECTED]> wrote:
> Is it
> possible to use not '%{Nas-IP-Address}' variable but something like
> '%{Host}' which is the IP of the public router?
%{Client-IP-Address}
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Darren Zamrykut <[EMAIL PROTECTED]> wrote:
> I have freeradius 1.0.1 installed on a 64bit linux server. It was
> compiled using libraries and includes from an recent openssl SNAP
> version. After I run a test (radiusd -sfxxyz -l stdout) I get the
> following response:
...
> Illegal instruction
>
"Nick Marino" <[EMAIL PROTECTED]> wrote:
> Well ok I have done a clean and recompiled twice now and still get the same
> segfault as before.
That's not quite what I said.
Please REMOVE all previous FreeRADIUS binaries, libraries, etc. from
your system. What's happening is that the new insta
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 01, 2004 12:08 PM
Subject: Re: [radius] Re: Segmentation Fault - gdb output
"Nick Marino" <[EMAIL PROTECTED]> wrote:
I tried what was in the faq about using --disable-shared and
"Nick Marino" <[EMAIL PROTECTED]> wrote:
> Ok I deleted everything and ran make clean and recompiled now I get this
> error when building.
>
> In file included from rlm_eap.c:26:
> rlm_eap.h:26:18: ltdl.h: No such file or directory
Yes... you probably didn't run "configure" after deleting the
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 01, 2004 12:33 PM
Subject: Re: [radius] Re: Segmentation Fault - gdb output
"Nick Marino" <[EMAIL PROTECTED]> wrote:
Ok I deleted everything and ran make clean and recompiled now
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 01, 2004 12:33 PM
Subject: Re: [radius] Re: Segmentation Fault - gdb output
"Nick Marino" <[EMAIL PROTECTED]> wrote:
Ok I deleted everything and ran make clean and recompiled now
On Dec 1, 2004, at 10:17, Alan DeKok wrote:
"Panagiotis Mavros" <[EMAIL PROTECTED]> wrote:
we are proposing a lightweight WLAN roaming architecture. This means
that we
implement a roaming architecture for a small community. The scenario
is
Client-->AP-->foreign server -->Home server and so on...
On Wed, 1 Dec 2004 09:30:37 -0800 (PST), bhalchandra sawant
<[EMAIL PROTECTED]> wrote:
> Hi Jason,
> Yes, I had made mistake in $INCLUDE
> ${confdir}/clients.conf. It was commented.
>
> Now Freeradius started accepting requests.
Cool!
> Thanks,
No problem. Happy to help :)
> -bs sawant
-
Hi,
Am I correct that the reply attribute for the sqlcounter module is hard
coded and always set to 'Session-Timeout'?
If not, can I configure an attribute in the radreply table (eg
"mikrotic-recv-limit) and give the value of a sqlcounter?
David
-
List info/subscribe/unsubscribe? See http://w
Darren Zamrykut <[EMAIL PROTECTED]> wrote:
>> I have freeradius 1.0.1 installed on a 64bit linux server. It was
>> compiled using libraries and includes from an recent openssl SNAP
>> version. After I run a test (radiusd -sfxxyz -l stdout) I get the
>> following response:
>...
>> Illegal instruct
Now you have understood the whole idea
Yes universities are a dream world where professors try to prove their value
writing papers...The problem is that someone must prove what they wrote is
applicable (or not)And guess who must do it...
Ok i am sorry that i waste your time with these
It works fine. Thanks to all.
J.M.
Dmitry Lebkov wrote:
Juan Manuel Garcia Carral ÐÐÑÐÑ:
[skip]
I read the mail archive and found similar problems in threads:
"about duplicated attribute in freeradius"
"Multiple cisco-avpair entries"
where is referenced the use of += operator, which works fine if y
The approach I would use is to include in the users file:
defaultAuth-type := System
Exec-Program-Wait = '/etc/raddb/local'
...
Then for local.c (very simplistic version based on my recollection of
your needs)
#include
int main (int argc, char *argv[], char *envp[])
{
Darren Zamrykut <[EMAIL PROTECTED]> wrote:
> (gdb) bt
> #0 0x01008000652e in ?? ()
Hmm... that's not particularly useful.
My suggestion would be to build the server statically, maybe that
may help.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/us
"Panagiotis Mavros" <[EMAIL PROTECTED]> wrote:
> Ok i am sorry that i waste your time with these nonsense but i have spent 3
> months trying to do something that has no value...
My suggestion is that next time, you find out more about the
protocol you're trying to modify before working on chang
I'm setting up freeradius, but our passwords are stored in a
non-standard format. It's no problem to write a perl script to handle
figuring out if a given user/password pair is OK, but I haven't been
able to figure out how to get freeradius to run this program to verify
the user. Ideally this c
Chris Riley <[EMAIL PROTECTED]> wrote:
> I'm setting up freeradius, but our passwords are stored in a
> non-standard format. It's no problem to write a perl script to handle
> figuring out if a given user/password pair is OK, but I haven't been
> able to figure out how to get freeradius to run t
Alan DeKok wrote:
Chris Riley <[EMAIL PROTECTED]> wrote:
I'm setting up freeradius, but our passwords are stored in a
non-standard format. It's no problem to write a perl script to handle
figuring out if a given user/password pair is OK, but I haven't been
able to figure out how to get freeradius t
Despite reading everything I can find, performing many different
experiments, turning the issue over to a UNIX hack with 20 years of
experience, and asking questions on lots of different forums, I cannot
figure out a problem I have with RADIUS. I am sure it is due to my
ignorance, and not a bug -
"Thor Spruyt" <[EMAIL PROTECTED]> wrote:
> It's funny to notice that sometimes they say "We want to get rid of
> Exec-Program(-Wait)" and other times they say "Use Exec-Program(-Wait)" :)
Until it's replaced with something better, people should use it.
I have a pretty good idea as to what I
Brian Ammons wrote:
We are a WISP, we have freeRadius running with mySQL. The NASs that
currently use RADIUS (SmartBridge XOs) transmit the CPE's MAC address
as
both UserName and Password. We have new and better NASs (MikroTik)
that transmit the CPE's mac address as the UserName, but with a
"null
Alan DeKok wrote:
"Thor Spruyt" <[EMAIL PROTECTED]> wrote:
It's funny to notice that sometimes they say "We want to get rid of
Exec-Program(-Wait)" and other times they say "Use
Exec-Program(-Wait)" :)
Until it's replaced with something better, people should use it.
I have a pretty good idea as t
I'm having a problem with Free-Radius running on Gentoo Linux.
I recently got a Apple Airport Extreme AP and I'm trying to setup
freeradius so that it will authenticate users. I have tried to emerge
freeradius using portage and I also built it by downloading the latest
stable build.
Everytime I u
Hi,
Recently we upgraded FreeRADIUS from 0.5 to 1.0.1 which seems to be
working fine.
However, I've encountered that the detail module cannot determine the
client ip address hence the detail files are not written under
Client-IP-Address. Version 0.5 used to get the client ip address and all
detai
Your comments are very interesting, I will consider them as much as I know
how.
Yes, the NASs are wireless access points on steroids, and they get
bandwidth-throttling information from RADIUS along with Accepts/Rejects.
Re: the NASs not identifying themselves - yes, I thought that being able
to s
Thanks for your reply.
Have a nice day.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Alan
DeKok
Sent: Thursday, December 02, 2004 2:06 AM
To: [EMAIL PROTECTED]
Subject: Re: How to use the checkval and can radius log the command info
?
"Lim Han Shyong"
Alan DeKok wrote:
DEFAULT Auth-Type := Accept
Exec-Program-Wait = "/path/to/program args args"
But in this case freeradius will fork process on every request.
Possible configure freeradius for fork process at startup and send
attributes through pipe?
--
TARANTUL
-
List info/subscribe/unsubsc
On Thu, Dec 02, 2004 at 11:30:39AM +0400, Nick 'TARANTUL' Novikov wrote:
> Alan DeKok wrote:
>
> >DEFAULT Auth-Type := Accept
> > Exec-Program-Wait = "/path/to/program args args"
> >
> >
>
> But in this case freeradius will fork process on every request.
> Possible configure freeradius for f
54 matches
Mail list logo