Hi all.
I have a question.
I would like to know how i can prevent using the same username and
password through the radius.
If i have 2 users who takes the same username and password, both of
them pass authentication, If there any possibility to disable 2-nd.
The goal is to prevent fraud and
Do you mean using the same username at the same time, or ever?
A couple of things come to mind:
1. Enable Simultaneous-Use checking to allow only one session per user
at any one time.
2. Use the Calling-Station-Id attribute in your authorization - ie, the
user must call from this phone number
Mike thanks for the reply.
I have ser with radius which using mysql.
So i put in radgroupcheck attribute
Simultaneous-Use := 1
And i am trying to check the logs of the radius,for some reason i am
not receiving any REGISTER requests from my cisco 7960 ip phone.
(Authentication requests)
Any idea
Alle 22:21, sabato 12 febbraio 2005, Nicolas Baradakis ha scritto:
I know you're busy with other things (1.0.2 release, rlm_policy...),
that's why, if you agree with that, I'll look at this issue more
closely and try to provide a patch in a few days.
great !!
Maybe cuold be useful to patch
can I set up a dial-up icon that connects to radius to authenticate a
user and give them access to the network?
On Sat, 12 Feb 2005 19:55:04 -0500, Alan DeKok [EMAIL PROTECTED] wrote:
Colin O'Keeffe [EMAIL PROTECTED] wrote:
Can I get a client to dial-in to the radius box using PPPoE or
Ayman Alashquar wrote:
I am accounting all vpdn connections using free radius against an
Oracle database. I am getting duplicate accounting records for the
same session
with different Acct-Delay-Time time (0,5,10) :
1. What causes these duplicates and can they be avoided?
Here are some that could
Following bugs are just documentation/comment updates.
169 Documentation update for proxy
170 Doc update for RADIUS.SQL-schema
171 Documentation update for Post-Auth-Type
172 Documentation bugs update
177 Update for the attrs file
178 Addition of attr_filter_preproxy
189 Update for preproxy_users
Massimiliano Liccardo wrote:
Maybe cuold be useful to patch the rlm_files in order to provide a
prost_proxy file as the pre_proxy one? Could be useful for setting
the Post-Proxy-Type without re-passing the authorize section and
using rlm_files directy into Post-Proxy, i.e.
Post-Proxy-Type is
An approach could be to allow 0.0.0.0/0 in clients.conf and then have a
rlm_python module validate the client, returning RLM_MODULE_FAIL for
packets coming from an unknown nas. In my understanding, this should
make freeradius silently drop the requests rather than replying with a
reject.
Navid
Colin O'Keeffe [EMAIL PROTECTED] wrote:
can I set up a dial-up icon that connects to radius to authenticate a
user and give them access to the network?
No. RADIUS doesn't work that way.
The dial-up is a PPPoE client, which connects to a PPPoE server.
The PPPoE server may use RADIUS to
An approach could be to allow 0.0.0.0/0 in clients.conf and then have a
rlm_python module validate the client, returning RLM_MODULE_FAIL for
packets coming from an unknown nas. In my understanding, this should
make freeradius silently drop the requests rather than replying with a
reject.
I
Thor Spruyt [EMAIL PROTECTED] wrote:
Following bugs are just documentation/comment updates.
...
Since there's always a lack of documentation, I have taken the time to try
to do something about it, so maybe these are usefull and could go into
1.0.2?
I'll take a look, but I can't promise
Thanks Omar for your input.
I am trying here to rely on the automatic loading of the free radius into
the Oracle database. The thing is that all the records including those with
Acct-Delay-Time time with non zero values are loaded. The trigger on the
accounting table fires all the times, I can
Thanks alot Spruyt
So if I neglect the other records it would be a safe calculation for the
usage ?
Best
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Thor Spruyt
Sent: Sunday, February 13, 2005 4:34 PM
To: freeradius-users@lists.freeradius.org
Subject:
Ayman Alashquar wrote:
So if I neglect the other records it would be a safe calculation for
the usage ?
No! If the first packet from the NAS doesn't make it to your server or can't
be handled by your server, then you'll need the non-zero packets!
--
Groeten, Regards, Salutations,
Thor Spruyt
M:
I have set up FreeRADIUS on Mac OS X Server 10.3.8 and am looking for the best
way to have the daemon startup when the server is rebooted without having a
logged in user.
From the archives I see there is still a patch necessary to run radiusd as a
daemon on OS X, although I thought it was going
I have an updated patch for use on an early January snapshot.
However, my server recently crashed, and I'm still in the process of
getting it back up and running. When I get FreeRADIUS back installed,
I'll use the latest snapshot and make sure the patch is updated to run
on that snapshot. Then
As for as the Bootstrap Daemon, it looks like it is only a plist file
that needs to be created in /etc/mach_init.d directory. From my quick
look at the current .plist files in the directory, all that would need
to be created is a FreeRADIUS.plist file with the following as the
contents:
?xml
Thanks for the updates!
Sorry for the double posting but apparently my mail system was having
difficulties and I got this:
- The following addresses had permanent fatal errors -
freeradius-users@lists.freeradius.org
Now things are flowing and I received mail from yesterday also.
rb
Hi,
I'm having a weird problem with radsqlrelay; it doesn't report the same
Acct-Delay-Time and Acct-Unique-Session-Id as with the detail file when
injecting into sql db. The attributes are defined on the dictionary and
is A/V's are present on the detail file.
-- query string on sql.conf --
Hi again,
Is there a way that rlm_preprocess can be called inside radsqlrelay?
Thanks,
Roy
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanx Stefan , i have added the User-Password in the Check-item list for this
user but this also poses problem.
If now i run RADIUS, file_authorize() matches this user with DEFAULT entry.
It fails on checking reply pairs in the condition
if ((paircmp(request, request_pairs, pl-check,
22 matches
Mail list logo
