Is there a way to dynamically attach the mac of the users pc to the
username who has logged in?
This way I can stop people sharing the same username/password
combination on different pc's.
Using the post-auth requests, you can add a Calling-Session-Id for the
concerned user in the radcheck tab
As with most things in networking, when you ask for help, the answer
comes rushing out to you.
Here's what worked.
1. Created radiusd user and the radiusd group, radiusd group is the
primary for the radiusd user.
2. Do this:
[EMAIL PROTECTED] doc]# chmod -R -rwx /etc/raddb
[EMAIL PROTECTED] doc]
Dennis Comeaux <[EMAIL PROTECTED]> wrote:
> I have a user named radiusd in group radiusd.
>
> I have tried chmod -R a+rwx /etc/raddb.
That's OK for testing, but not really an option for a real
deployment.
I would suggest instead (as I suggested before)
$ chown -R radiusd.radiusd /etc/raddb
Additionally - here's the ls -l on /etc/raddb:
[EMAIL PROTECTED] root]# ls -l /etc/raddb
total 460
-rw---1 radiusd radiusd 422 Feb 28 10:40 acct_users
-rw---1 radiusd radiusd 3454 Feb 28 10:40 attrs
drwxrwxrwx3 radiusd radiusd 4096 Mar 16 16:56 certs
-rw-
Here's where I am now:
I have a user named radiusd in group radiusd.
I have tried chmod -R a+rwx /etc/raddb. I still get the
5968:error:0200100D:system library:fopen:Permission
Denied:bss_file.c:104:fopen('/etc/raddb/certs/demoCA/cacert.pem','r')
error.
ls -l on the cacert.pem file shows that t
Larry Riffle <[EMAIL PROTECTED]> wrote:
> I'm trying to decide if this is just a couple of us doing something
> wrong or if check_cert_cn is broken.
It might be broken.
> Does anybody have it working on any platform? By "working" I mean when
> the CN doesn't match your server doesn't crash.
Alan DeKok wrote:
"A. Burak Gurdag" <[EMAIL PROTECTED]> wrote:
I can manage to do digest authentication (according to
sterman-draft-00) over FreeRadius against an LDAP server in which user
passwords are stored in cleartext. I would like to store passwords in
SSHA or MD5 encoded form in the LDAP ser
"A. Burak Gurdag" <[EMAIL PROTECTED]> wrote:
> I can manage to do digest authentication (according to
> sterman-draft-00) over FreeRadius against an LDAP server in which user
> passwords are stored in cleartext. I would like to store passwords in
> SSHA or MD5 encoded form in the LDAP server. But i
Hello all,
This may very well be more of a MySQL question, but since it's directly
involved with me integrating it into FreeRADIUS, I'm hoping someone can
give me a pointer...
First off, I've already got two RADIUS servers that authenticate using a
replicated flat text users file. i want to m
On Apr 1, 2005 3:05 PM, Larry Riffle <[EMAIL PROTECTED]> wrote:
> I'm trying to decide if this is just a couple of us doing something
> wrong or if check_cert_cn is broken.
>
> Does anybody have it working on any platform? By "working" I mean when
> the CN doesn't match your server doesn't crash.
Hi all,
I can manage to do digest authentication (according to
sterman-draft-00) over FreeRadius against an LDAP server in which user
passwords are stored in cleartext. I would like to store passwords in
SSHA or MD5 encoded form in the LDAP server. But it does not seem
possible since FreeRadius ha
Thor,
Thanks very much !
-Original Message-
From: Thor Spruyt [mailto:[EMAIL PROTECTED]
Sent: Friday, April 01, 2005 3:37 PM
To: freeradius-users@lists.freeradius.org
Subject: Re: Fail_over
Rangel, Luciano wrote:
> "Rangel, Luciano" <[EMAIL PROTECTED]> wrote:
>> What should I do
<[EMAIL PROTECTED]> wrote:
> Any
> ideas where I can get rlm_sqlippool from? The archive of this mailling
> list contained a few links, non of them worked. :(
www.mail-archive.com
http://www.mail-archive.com/cgi-bin/htsearch?method=and&format=short&config=freeradius-users_lists_freeradius_org&
=?iso-8859-1?Q?F=E9licien_T?= <[EMAIL PROTECTED]> wrote:
> Can someone helps me to make a ppp server for wireless connection ?
You don't. It doesn't work that way.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius roime <[EMAIL PROTECTED]> wrote:
> libtool: install: `rlm_sql_mysql.la' is not a valid libtool archive
You are trying to install the server when the build process failed.
Don't do this.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius roime <[EMAIL PROTECTED]> wrote:
> I've installed Freeradius 0.9.*
Why? 1.0.2 has been out for a while.
> But when i tried to run it using debugginh mode, i've
> received this text printed at the end of the textprinted.
>
> rlm_eap: Loaded and initialized the type gtc
> rlm_eap: In
Rangel, Luciano wrote:
> "Rangel, Luciano" <[EMAIL PROTECTED]> wrote:
>> What should I do to configure fail-over in my freeradius ?
Read doc/configurable_failover and try.
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.s
Integrating with freeradius and postgresql.Sure.
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
- Original Message -
From: Brian Gao
To: 'freeradius-users@lists.freeradius.org'
Sent
"Brian Gao" <[EMAIL PROTECTED]> wrote:
>
> Where I can get this IIRC?
Um... *cough* "IIRC" == "If I Recall Correctly"
>
> Thanks
You're welcome.
Jim
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
If you donÂt want help mind your own business ???
-Original Message-
From: Alan DeKok [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 31, 2005 6:32 PM
To: freeradius-users@lists.freeradius.org
Subject: Re: Fail_over
"Rangel, Luciano" <[EMAIL PROTECTED]> wrote:
> What should I do to con
Title: Integrating with freeradius and postgresql.
Where I can get this IIRC?
Thanks
Brian
"Brian Gao" <[EMAIL PROTECTED]> wrote:
>
>
> Just wondering if anyone has done "integrating with freeradius and
> postgresql"?
IIRC, the docs talk about doing just that. Have you examined them?
Jim
--
Note: My mail server employs *very* aggressive anti-spam
filtering. If you reply to this em
Zoltan Ori <[EMAIL PROTECTED]> wrote:
>
> On Friday 01 April 2005 11:58, Jim Seymour wrote:
> > Zoltan Ori <[EMAIL PROTECTED]> wrote:
> > > On Friday 01 April 2005 11:45, Jim Seymour wrote:
> > > > No certificate matches private key
> > >
> > > That may be the problem.
> >
> > Indeed, it may well
On Friday 01 April 2005 11:58, Jim Seymour wrote:
> Zoltan Ori <[EMAIL PROTECTED]> wrote:
> > On Friday 01 April 2005 11:45, Jim Seymour wrote:
> > > No certificate matches private key
> >
> > That may be the problem.
>
> Indeed, it may well be. But what does that *mean*? What
> "certificate?" W
Title: Integrating with freeradius and postgresql.
Just wondering if anyone has done "integrating with freeradius and postgresql"?
Brian
Zoltan Ori <[EMAIL PROTECTED]> wrote:
>
> On Friday 01 April 2005 11:45, Jim Seymour wrote:
> > No certificate matches private key
>
> That may be the problem.
Indeed, it may well be. But what does that *mean*? What
"certificate?" What "private key?" I have no idea what it's
looking for o
On Friday 01 April 2005 11:45, Jim Seymour wrote:
> No certificate matches private key
That may be the problem.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
I'd like to generate new certs, but whenever I run CA.all I get, after
the last phase:
...
Certificate is to be certified until Apr 1 16:15:07 2006 GMT (365 days)
Sign the certificate? [y/n]:y
failed to update database
TXT_DB error number 2
No certificate matches private key
14428:error:0D07
It looks like the secret you specified in the radtest command, does not exist
in your clients.conf file.
client 127.0.0.1 {
secret = radius
shortname = localhost
nastype = other
}
Do you have an entry like the above in your clients.conf file?
...
Title: Auth problem (freeradius+mysql)
Hi,
I have freeradius and mysql installed on my debian box, both of them are working fine.
But when I run command: radtest testing password localhost 17 radius
I got the messages like:
Sending Access-Request of id 129 to 127.0.0.1:1812
User-N
I have set up my radius server in Master/Slave configuration with a
replicated MySQL db backend. Seems to work fine, however, I can't seem
to find any information on the rlm_sqlippool module (package?) as I know
need to address the issue of dynamic IP pools on a shared database. Any
ideas where I
Hey,
Can someone helps me to make a ppp server for wireless
connection ? I tried lot of configuration from internet but non of
them works? I’m running FreeBSD 5.3. I installed freeradius which seems
to work. I tried it with RadiusTest. I used Poptop which works with user in
ppp.secret b
Hello,
are there any plans to enable log_badlogins to extract clients information
from a nas table instead of from the clients.conf file? It currently doesn't
work properly if the clients.conf doesn't contain the information it wants.
I have patched it myself so that it uses neither nas table no
I'm trying to decide if this is just a couple of us doing something
wrong or if check_cert_cn is broken.
Does anybody have it working on any platform? By "working" I mean when
the CN doesn't match your server doesn't crash.
Date: Sun, 27 Mar 2005 18:10:35 +0200
From: Willem Eradus <[EMAIL PROT
freeradius roime <[EMAIL PROTECTED]> wrote:
>
> Hi everyone.
> I've installed Freeradius 0.9.* on solaris 8 OS and it's installed
> successfull. But when i tried to run it using debugginh mode, i've
> received this text printed at the end of the textprinted.
>
> rlm_eap: Loaded and initialized t
baeckerei-wasmer.de> writes:
> --snip--users-File--
> #"testuser" Service-Type == Framed-User
> # Tunnel-Media = IEEE-802,a
> # Tunnel-Private-Group-Id = 5,
> # Tunnel-Type = VLAN
>
> "testuser"Service-Type == Framed-User
> Tunnel-Type += 13,
> Tunnel-Media += 6,
Title: freeradius bandwidth counter help
Hi all,
Here is the scernario
Authenicating users against a MySQL database, what i want to do is to have a counter to how much bandwidth the user has used, but to count DOWN from a set amount ie 100mb, if they use 3mb in one session then the next s
Hi Alan,
This happened to me too, I setup my freeradius 0.9.3 with Expiration
attribute in the radgroupcheck (for a group)and I even went ahead to do it
for individual user in the radcheck table but its not executing it as at
when the expiration of the user of the group is reached.
I used suse90
> Is there a way to dynamically attach the mac of the users pc to the
> username who has logged in?
> This way I can stop people sharing the same username/password
> combination on different pc's.
Using the post-auth requests, you can add a Calling-Session-Id for the
concerned user in the radcheck
> > wether setting
> > an Expiration attribute in radcheck normally implies a Session-Timeout
> > to be added to the access-accept messages, or not.
>
> Yes.
>
> If it doesn't work in SQL, try it in the "users" file.
Thank you for answer. I tried with the "users" file and got the same
behavi
Hi everyone,
I've set up a FreeRADIUS-Installation v1.0.2 for testing with EAP-TLS
authent.
to provide dynamic VLAN-IDs to a HP 2524-Switch (Firmware 05.22). We
have set
the switch to HP's "Open VLAN-Mode".
If authentication is sucessfull, the switch puts the port in the correct
"auth,
but no VLAN
41 matches
Mail list logo
