Hello!
> I use freeradius to manage administrative sessions on a large number of
> routers and switches. For redundancy, I have two boxes. I'd like to
> use some sort of a database or directory to configure all of the clients
> devices rather than the flatfile clients.conf. Is that on the roadm
Hi guys.
When I entering the value for some user, with the
admin.conf set to crypt, the value inserted in the db
are encrypted. So when that new user try to login to
the network, he get deny access message. so how can
the ecryption can be a help avoiding the data to be
exposed,at the same time allo
We configure Freeradius to provide secure wireless
connections to access points using EAP/TLS. All allowed users to make wireless
connections to the access point are maintained in the file "users".
Freeradius is configured to run as a daemon in Linux. Whenever the file "users"
is updated, w
I have done a lot of checking. Could someone look over my shoulder and see
what might be wrong?
Here is some data.
from eap.conf --
tls {
private_key_password = naismc-pwd
private_key_file = ${raddbdir}/certs/cert-s
http://www.onlinebilling.ru/freeradius/rlm_sqlippool.tar.gz
Ken Doyle <[EMAIL PROTECTED]> wrote:
> Thanks for the help Alan, however rd.ranetka.ru does not seem to
> resolve, and the one other link to this module that I could find
> (ftp://lopez.globe.net.nz/Linux/freeradius/rlm_sqlippool
I have done a lot of checking. Could someone look over my shoulder and see
what might be wrong?
Here is some data.
from eap.conf --
tls {
private_key_password = naismc-pwd
private_key_file = ${raddbdir}/certs/cert-s
Any ideas why I would be getting this error..
Tue Feb 8 17:43:03 2005 : Auth: Login incorrect (No password configured for
the user): [victoria97] (from client telecomproxy2 port 5512958)
Tue Feb 8 17:43:03 2005 : Auth: Login incorrect: [victoria97] (from client
telecomproxy2 port 5512958)
When
Ah! Thank you, you're a ledgend! That's exactly what it was..
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok
Sent: Tuesday, 8 February 2005 12:59 p.m.
To: freeradius-users@lists.freeradius.org
Subject: Re: FreeRadius Crashing!
"Craig Spiers"
I have a vendor-specific attribute in my dictionary that is a atring
type. As an attribute that is set, it comes to my authenticating
device, a network switch, as a string. However, when I use it as
an accounting attribute, it shows up in my accounting log on my
RADIUS server not as a string but as
I'm wondering if anyone has ever tried to put an NT hash password
directly into the LDAP userPassword field, and have it authenticated
through free radius.
Here's the situation:
We have a working configuration that is setup as EAP-LEAP and LDAP
where the NT hash is stored in the ntPassword att
Alan DeKok <[EMAIL PROTECTED]> wrote:
> http://www.striker.ottawa.on.ca/~aland/rlm_sqlippool.tar.gz
>
> It may not be there for long, though.
>
> Alan DeKok.
Thanks Alan, greatly appreciated. It downloaded and extracted fine.
I'll go off and tinker with it now. Hopefully that's the last hurdle
o
Ken Doyle <[EMAIL PROTECTED]> wrote:
> Thanks for the help Alan, however rd.ranetka.ru does not seem to
> resolve, and the one other link to this module that I could find
> (ftp://lopez.globe.net.nz/Linux/freeradius/rlm_sqlippool.tar.gz) does
> not resolve either. Given that I missed turning up thi
Alan DeKok <[EMAIL PROTECTED]> wrote:
> Ken Doyle <[EMAIL PROTECTED]> wrote:
> > If the IPPool module could talk to MySQL I wouldn't have a problem.
> > I'm thinking of nfs mounting the database files required for the
> > various pools, but I don't think that's very practical.
>
> There was an r
Alan DeKok wrote:
> But you don't say WHERE in the "users" file it is, or if the users
> file you're editing is being read by the server.
weird. My users file is and always has been in /etc/raddb. This is the
same directory which holds my radiusd.conf and all other radius config
files. The
"DeYoung, Brandon" <[EMAIL PROTECTED]> wrote:
> Unfortunately it didn't work. Users who exist in the Active Directory
> backend are still properly authenticated, but local users are rejected.
The debug log says why. Please read it.
> rlm_mschap: No User-Password configured. Cannot create L
Neil Craig <[EMAIL PROTECTED]> wrote:
> WARNING: Unprintable characters in the password. ? Double-check the
> shared secret on the server and the NAS!
That is a pretty definitive message.
> How does Chilli pass the password? I thought it had to go plain text
> to Freeradius for PAP?? Bit stu
"Craig Spiers" <[EMAIL PROTECTED]> wrote:
> radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
> STRCMP(Username, 'yvoyuhua') = 0 ORDER BY id'
>
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 8192 (LWP 8086)]
> 0x400ea8e1 in sql_userparse (first
If I understand correctly, authentication/accounting port as used as
follows:
Authentication port (older systems) : 1645
Authentication port (newer systems) : 1812
Accounting port (older systems) : 1646
Accounting port (newer systems) : 1813
Our system is 3CON TC100 (NAS) and freeRADIUS-1.0.1 (A
Thanks again Allan,
As instructed, I tried changing:
test Auth-Type = Local, Password = "testing"
In my users file to:
test User-Password == "testing", MS-CHAP-Use-NTLM-Auth = No
Unfortunately it didn't work. Users who exist in the Active Directory
backend are still properly authenticated,
Mike:
There is another reponse from Jon Matias Fraile [EMAIL PROTECTED]
He indicates that the maximun Framed-MTU is 1500. Many people on the 3COM
list has suggested to change the setting to 1514, which I did. What settings
do you have on your 3CON NAS? What is the best settings for Framed-MTU?
Th
Trying to get PAP authentication working with Chillispot and Freeradius.
I use the line -
print"http://".$_SESSION[uamip].":".$_SESSION['uamport']."/logon?username=".$_SESSION['username']."&password=$pappassword&userurl=".$_SESSION[userurl].">";
to send the details to Chilli
Entered a MD5 passw
Hi All,
Have posted a question similar to this before, does anyone else see
freeradius crashing while/during running sql queries?
Freeradius is running on redhat 8.0 (same thing happens on freebsd 5.3 as
well).
MySQL is running on redhat 8.0 (was previously running on freebsd 5.1 -
where same th
Paul Kimberley <[EMAIL PROTECTED]> wrote:
> Once I layer some kind of security, on top it seems to break. the
> rad_recv block no-longer contain's a username just "". So my ldap
> searches are base on NULL user.
There isn't much you can do in that situation.
> Is what I am looking for possible
Hi,
I am trying to setup freeradius to authenticate wireless users from an
ldap database of users.
I am using a windows XP supplicant and a Cisco Aironet 1200 AccessPoint.
I have verifyed that I have the ldap component working via a radtest -
my user is found and an accept is sent.I have seen num
Ken Doyle <[EMAIL PROTECTED]> wrote:
> If the IPPool module could talk to MySQL I wouldn't have a problem.
> I'm thinking of nfs mounting the database files required for the
> various pools, but I don't think that's very practical.
There was an rlm_sqlippool a while ago...
ftp://rd.ranetka.ru/p
"Mike Cisar" <[EMAIL PROTECTED]> wrote:
> Note to Alan... just a thought but given that MTU can be such a tricky
> problem to track down... might it be better to ship FreeRADIUS without a
> forced MTU setting in the sample config file... or at least have it
> commented out instead of active by defa
Rizwan Khan <[EMAIL PROTECTED]> wrote:
> So far there has been no luck googlizing the problem, Can anyone tell
> me where to define and store values of these parameters in Radius and
> how to send this information to the nas to make a decision?
> Is there any other way to do it without changing the
Thank you for your reply,
I see there is a script in dialupadmin that is able to parsing the
radius.log when there are some failed logins. If i want to use this
script, what do i need to set in radiusd.conf?
Thank you
Marendra
On Sun, 6 Feb 2005 01:41:31 +1100, Paul Hampson <[EMAIL PROTECTED]> w
Hi Kirti,
I experienced a similar problem a month or so ago, and talked to 4 or 5
people at the time who had all just fixed the problem. It seems that the
default users file shipped with FreeRADIUS includes a "Framed-MTU=576"
setting in one of the default sections. Simply removing that line was
The MTU isn't a freeradius problem, it is a 802.3 specification limit.
You cannot send more than 1500 bytes (except with jumbo frames), you have
to reduce the data length in some way.
Jon
On Mon, 7 Feb 2005, Kirti S. Bajwa wrote:
> Hello List:
>
> I have a new Authentication server setu
Hello
List:
I have
a new Authentication server setup with freeRADIUS1.0.1. I am using 3COM as NAS.
When I dial into 3COM, freeRADIUS authenticates the user
login.
Now
the problem; After logging in, users can not access MS Messenger, www.riteaid.net, and many many other web
sites. One t
Hello Ãystein.
Dne ponedeljek 07 februar 2005 12:54 je Ãystein GÃsdal napisal(a):
> I see that the example in the link uses PAP instead of EAP?
That is correct. We use EAP-TTLS+PAP.
> When I try to use that, the supplicant does not try to authenticate at all,
> exept when I go to User account, a
I thought that was true. And I did that, with no change. So it must be
something in Freeradius/Certs.
Hopefully I will discover the little discrepancy that is keeping this from
working for me.
Does it matter that it is Solaris 2.8? I am running Openssl 0.9.7e, and the
latest Freeradius release
On Tue, 2005-02-08 at 00:08 +1100, Michael Mitchell wrote:
> Won't help much, but today I had an issue with a seg fault. Commented
> out a bit of code where the error was supposedly happening, seg fault
> went away... put the code back in...seg fault didn't return???
>
> Did a make clean; make a
Won't help much, but today I had an issue with a seg fault. Commented
out a bit of code where the error was supposedly happening, seg fault
went away... put the code back in...seg fault didn't return???
Did a make clean; make and everything seemed to be fine again. I guess
in the end I just had
On Fri, 2005-02-04 at 20:44 -0600, Michael Griego wrote:
> Try running with LD_ASSUME_KERNEL=2.4.19. This will force runtime
> linking against the standard libc libs instead of the thread-local
> storage (tls) libs. So, on the command line, run
> "LD_ASSUME_KERNEL=2.4.19 radiusd -X" and see if
I see that the example in the link uses PAP instead of EAP?
When I try to use that, the supplicant does not try to authenticate at all,
exept when I go to User account, and write in user credentials manually.
But then SecureW2 tries to authenticate me as [EMAIL PROTECTED]/password,
istead of domain
Hi,
I use the following scheme for Authentication using freeradius on Debian.
Apache<-->mod_auth_pam<-->PAM<-->pam_radius_auth<-->Freeradius
I need to enable authorization with freeradius now.
More specifically, there are 3 user groups; admin, operator and viewer
on the webserver(NAS). The us
The easiest way to find out if it's the server it is something wrong with,
just turn off validate server certificate under the 802.1x settings in
WindowsXP.
If you are running PEAP, you don't need certificates on the client, just on
the server.
- Øystein
> -Original Message-
> From: Du
Hi,
I've been working on building and configuring a cluster which will,
amongst other things, run Freeradius (I hope).
Currently everything is okay, but now I appear to be stuck. At the
moment I'm dymanically allocating IP's using the IPPool module, which
is working fine on a single server. Unfor
40 matches
Mail list logo