Hi,
in the man page i found the comment that this options are deprecated
and listen/bind should be used.
Just my sentence on this why to let them stay in the code :)
I found such options very usfully maintaining same configuration across
multiple redundand servers.
So eg. Radiusd.conf could be
Dear
Recently I have installed freeradius ,i have some problem in password
auth.
i have created new user:pra with pass:123456
when i tried to test the auth. enabling Debug mod
using command radtest prad 123456 localhost:1812 0 testing123
it generate following massage :
Dear
Recently I have installed freeradius ,i have some problem in password
auth.
i have created new user:pra with pass:123456
when i tried to test the auth. enabling Debug mod
using command radtest prad 123456 localhost:1812 0 testing123
it generate following massage :
Hi all,
I have few questions regarding freeradius:
1. What is the correct way to obtain user's connection time,
by using value of Acct-Session-Time or using STOP:Timestamp -
START:Timestamp?
Why Acct-Session-Time value is always higher than stop-start?
2. I saw attribute Acct-Delay-Time from
Dear
Recently I have installed freeradius ,i have some problem in password
auth.
i have created new user:pra with pass:123456
when i tried to test the auth. enabling Debug mod
using command radtest pra 123456 localhost:1812 0 testing123
it generate following massage :
Dear
Recently I have installed freeradius ,i have some problem in password
auth.
i have created new user:pra with pass:123456
when i tried to test the auth. enabling Debug mod
using command radtest pra 123456 localhost:1812 0 testing123
it generate following massage :
Beast wrote:
Hi all,
I have few questions regarding freeradius:
1. What is the correct way to obtain user's connection time,
by using value of Acct-Session-Time or using STOP:Timestamp -
START:Timestamp?
Why Acct-Session-Time value is always higher than stop-start?
The Timestamps are times that
Hi Guys,
Here is one small problem.
I am using mySQL for the cisco NAS authontication i
add the fowllowing in radreply table:
id UserName Attributeop Value
11 12345Cisco-VSA=
h323-credit-time=10
But It is working and the log is :
Tue Mar 1 08:49:13
Dear
Recently I have installed freeradius ,i have some problem in password
auth.
i have created new user:pra with pass:123456
when i tried to test the auth. enabling Debug mod
using command radtest pra 123456 localhost:1812 0 testing123
it generate following massage :
Pradeep Nevatia wrote:
rad_check_password: Found Auth-Type System
auth: type System
modcall: entering group authenticate for request 1
rlm_unix: [pradeep]: invalid password
modcall[authenticate]: module unix returns reject for request 1
modcall: group authenticate returns reject for
Make sure you have that value defined in one of the dictionaries.
I think that your database should look like:
id UserName Attributeop Value
11 12345h323-credit-time I10
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
On Tue, Mar 01, 2005 at 02:35:09AM -0800, Abdul Lateef wrote:
Hi Guys,
Here is one small problem.
I am using mySQL for the cisco NAS authontication i
add the fowllowing in radreply table:
id UserName Attributeop Value
11 12345Cisco-VSA=
Dear
Recently I have installed freeradius ,i have some problem in password
auth.
i have created new user:pra with pass:123456
when i tried to test the auth. enabling Debug mod
using command radtest pradeep 123456 localhost:1812 0 testing123
it generate following massage :
Michael Mitchell wrote:
Acct-Session-Time is calculated by the NAS.
If the delay in your network is small, then these times should be
practically identical, however, this depends on how your NAS calculates
Acct-Session-Time - ie, when does the NAS consider the session to have
started, how long
Holger Steppke wrote:
Hi,
in the man page i found the comment that this options are deprecated
and listen/bind should be used.
Just my sentence on this why to let them stay in the code :)
I found such options very usfully maintaining same configuration across
multiple redundand servers.
So eg.
JH schrieb:
Out of curiosity, how can you tell that it was being
swapped around
that was giving the problem?
Well, the first thing I noticed was that configure claimed that I had
no SSL_new in -lssl, which was supicious, so I looked into
config.log for the compilation command used
to run
Terry J Fike Jr schrieb:
Okay, quick (and possible moot) question...
could there be issues on this because of compiling it
64bit instead of
32 bit?
Actually what for? You do realize that there
are a couple of _dis_advantages of building
64bit stuff (larger executables, more memory
Hi,
I've something like this in my user file:
DEFAULT Service-Type == Framed-User
Framed-Protocol = PPP,
Framed-MTU = 576,
Framed-IP-Address = 192.168.52.1+,
Framed-IP-Netmask = 255.255.255.0
I've noticed that the IP on the client side depends on the NAS modem
Chan Min Wai wrote:
Vladimir wrote:
I am trying to get 802.1x authentication going for wired clients on our
LAN. I have been successul in using local password database to
authenticate 802.1x users however I haven't been able to get it going
with LDAP. Version of FreeRadius is Debian packaged
the accounting section of radiusd.conf
modcall:
entering group accounting for request 12
radius_xlat:
'/var/log/radius/radacct/192.168.1.20/detail-20050301'
rlm_detail:
/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to
/var/log/radius/radacct/192.168.1.20/detail-20050301
modcall
it might be kind of strange , but here is my problem i guess there must be
some kind o solve .
there is two seperated radius server , if i set realm on both of them ( @new
and @old for example ) everything guess fine , but :
I'm looking for a way to avoid realm Name and @ character , in fact
I am running freeradius 1.0.2. Trying to authenticate wireless
users via PEAP w/ GTC using clear text passwords/ PAP.
User db is stored in ldap.
I have PAP configured to use SHA1.
The ldap server is returning the password but it
is returning the base64 of the SHA1 hash.
So PAP reports that it is
Mahesh S Kudva [EMAIL PROTECTED] wrote:
Sorry for the incomplete mail. I have a mail server and a couple of
application servers inside my network. The RAS and VPN user ID and
passwords are same. I want to restrict the user, once he is connected to
VPN, to only use the mail and only one
Mahmud Jami [EMAIL PROTECTED] wrote:
rlm_chap: login attempt by jami with CHAP password
rlm_chap: Could not find clear text password for user jami
Did you tell the server what the *correct* password is for the user?
Nope.
Do that.
Alan DeKok.
-
List info/subscribe/unsubscribe?
Sébastien Cantos [EMAIL PROTECTED] wrote:
I would like to configure my radius to give the first available IP in the
subnet 192.168.52.0/24 without carrying about the NAS modem number.
Is there a way to configure this ?
Read radiusd.conf. Look for ippool
Alan DeKok.
-
List
Vladimir Vuksan [EMAIL PROTECTED] wrote:
So I can't use MD5 hashes for authentication ?
No.
Putting passwords in clear text for devices is doable but if down
the line I want to authenticate users leaving their passwords in
clear text doesn't sound like a good option.
Too bad. Nearly
Colleen Morrissey [EMAIL PROTECTED] wrote:
Has anyone found a way around this on freeradius?
Changed the PAP module to support SHA1 b64
and be willing to share the code/changes?
Are there plans to support SHA1 b64 in freeradius?
Try the CVS snapshot, it should work there.
Alan DeKok.
-
Holger Steppke [EMAIL PROTECTED] wrote:
I found such options very usfully maintaining same configuration across
multiple redundand servers.
I agree. But until the code gets updated to make them work
properly, they won't work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Armin Ranjbar [EMAIL PROTECTED] wrote:
I'm looking for a way to avoid realm Name and @ character , in fact , if the
user aaa ask for authentication , the main server look at its own database
and if no match found take a look at another server ( in fact , realm ) and
response Access-Accept ,
Alan DeKok wrote:
Too bad. Nearly all authentication protocols require access to
clear-text passwords.
:-(. The suggestion to put passwords in clear text worked. Thanks for
your responses.
Vladimir
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I would like to find out if it is possible to specify a different LDAP
source if FreeRADIUS sees an EAP message ie. currently I have an LDAP
tree with regular users ie.
cn=users,dc=domain
only root and user can see their UserPassword hashes. I am also creating
a subtree for 802.1x devices with
I does not understand how to produce certificates with CA.ALL of
Freeradius
Help me please.
Patrice
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Vladimir [EMAIL PROTECTED] wrote:
I would like to find out if it is possible to specify a different LDAP
source if FreeRADIUS sees an EAP message ie. currently I have an LDAP
tree with regular users ie.
In 1.0.x, you can use the Autz-Type attribute to pick an LDAP
instance. See
Nick Bright [EMAIL PROTECTED] wrote:
My question is this: Can FreeRADIUS *learn* passwords, if a user has no
password set? What I mean is that when it queries the database, if it
finds a NULL password, it would *SET* the password to whatever was
submitted?
If you run an external script,
Hi everybody,
i got the following problem:
I am using EAP (mschapv2)/TTLS tunnels for authentication on a Postgres
database and it works fine so far.
Then i tried to turn on accounting on userbase and thats where i am
completely stuck.
By default i get only [EMAIL PROTECTED] as username entries
Hi,
My problem is at the dialup admin.
I'm using NoCat Gateway as the Client and a linux PC's
for my FR server. These three tables inside my MySQL
db seems not filled. I try to run the log_badlogins
scripts but it there is an error saying that sql
binary file could not be found. From the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Greeting All,
I'm having a problem of this Simultaneous lockup the users when one of
the NAS was power down (without any logout session)
All the users will seem to be login for freeradius.
I think this was in the documentaion but can't find that.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kostas Kalevras wrote:
On Mon, 28 Feb 2005, Chan Min Wai wrote:
Greeting,
I wonder if there is anyway to do something like that.
Insert into the radacct DB with the Group is equal to something.
Not directly but you can send back a Class
I told the server the correct password, but the server fails to authenticate.It shows the same rlm_chap error.
Jami
Alan DeKok [EMAIL PROTECTED] wrote:
Mahmud Jami <[EMAIL PROTECTED]>wrote: rlm_chap: login attempt by "jami" with CHAP password rlm_chap: Could not find clear text password for user
Hi All
Sorry for the incomplete mail. I have a mail server and a couple of
application servers inside my network. The RAS and VPN user ID and
passwords are same. I want to restrict the user, once he is connected
to VPN, to only use the mail and only one application server. Rest of
the
Dear
Recently I have installed freeradius ,i have some problem in password
auth.
i have created new user:pra with pass:123456
when i tried to test the auth. enabling Debug mod
using command radtest pradeep 123456 localhost:1812 0 testing123
it generate following massage :
Hi,
The NAS table is read at freeradius startup.
It's possible to reload this table when I change a record (update for
example the nasname field with a new ip client) ?
Thank you
Luca
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Yes, you have to send the server a HUP.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of Luca Lafranchi
Sent: Wednesday, 2 March 2005 6:49 PM
To: freeradius-users@lists.freeradius.org
Subject: Reload NAS table on freeradius after record update
Hi,
The
43 matches
Mail list logo