On Wednesday 01 June 2005 01:08, Alan DeKok wrote:
> The rlm_krb5 module takes a clear-text password from a RADIUS
> packet, and uses it to authenticate via kerberos. This may work
> against AD, but I don't think anyone has tried it.
Ouch! I think this answers my question... this method cannot
Hello everybody.
I have configured free radius yo work with my sql.my sql server is also
running.I have configured sql.conf and freeradius.conf to work with free
radius.But when i start radius in debugging mode then i find the following
errors.What can be the error.
[EMAIL PROTECTED] mysql]# /usr
Hi Andreas,
Had the same problem recently - it's due to the -next_serial option
being unsupported in your version of OpenSSL but the CA.pl script
requiring it! The -next_serial option was introduced in OpenSSL version
0.9.7e :
Changes between 0.9.7d and 0.9.7e [XX xxx ]
- *)
+ *
On Wed, Jun 01, 2005 at 07:07:02AM +0545, [EMAIL PROTECTED] wrote:
> radius.But when i start radius in debugging mode then i find the following
> errors.What can be the error.
> rlm_sql_mysql: Couldn't connect socket to MySQL server [EMAIL
> PROTECTED]:radius
> rlm_sql_mysql: Mysql error 'Access
Hello,
Check your sql configuration in sql.conf
in the following area
# Connect info
server = "yousqlip"
login = "user"
password = "pws"
Abdul Lateef
Kapilvastu Lumbini
__
Discover Yahoo!
Find restaurants, movies, tra
Thank you very much to all the participants for helping me to
successfully installing the server.i have now created users in my sql and it is
authenticating successfully.Now in the current scenerao I am only able to
give prepaid facility to my users
I mean that in the section “Simeltan
Thank you
I just finished it successfully. Actually the problem was with the sql
server.Now I am defining the attribute " Max-All-Session" in seconds. That
means I am defining time limitations. [Prepaid].But what I want is that I
will make a user and it can surf unlimited.But the total time shoul
On Wed, 1 Jun 2005 13:55:27 -0700
"Rupak" <[EMAIL PROTECTED]> wrote:
> I mean that I wont define any sort of time limitations.But I want my
> customer's surfing time to be appended in mysql.How can this be done?.
The session time of your users is stored in the radacct table.
>And can the Max-
I have to use radclient with another soft but I can't arrive to run it
. When I do :
radclient 192.168.1.1 auth secret
nothing happens, it stays always empty. radtest works successful and
depends of radclient, that's why I don't understand why radclient
doesn't work. Is my syntax is wrong for rad
On Wed, Jun 01, 2005 at 11:07:13AM +0200, Sylvain Clerc wrote:
> I have to use radclient with another soft but I can't arrive to run it
> . When I do :
>
> radclient 192.168.1.1 auth secret
>
> nothing happens, it stays always empty. radtest works successful and
> depends of radclient, that's why
On 6/1/05, Oliver Graf <[EMAIL PROTECTED]> wrote:
> On Wed, Jun 01, 2005 at 11:07:13AM +0200, Sylvain Clerc wrote:
> > I have to use radclient with another soft but I can't arrive to run it
> > . When I do :
> >
> > radclient 192.168.1.1 auth secret
> >
> > nothing happens, it stays always empty. r
Hello all,
I have got an Airespace wireless lan system that allows multiple WLANs to
be created and appear as completely seperate networks. The system allows
radius authentication via multiple servers, but it does not allow
specifying certain WLANs to certain servers.
To determin which WLAN has
Hello All,
I am seeking for a way to configure functions.php3
to allow the dialup_admin to connect ORACLE DB instead of MySQL DB.
If any one have an idea regarding this, I will
appreciate his/her response.
Thanks,
Jamal
*
All,
Just wondering if anyone can point me towards to some good
documentation for FreeRadius please? I'm wanting to build a box
running Radius and using OpenLDAP for authentication detail i.e. user
name, IP etc.
Many thanks
James
--
mailto: [EMAIL PROTECTED]
icq : 48613647
msn : [EMAIL PROTE
Hi, All.
I try to use max4000 with freeradius-1.0.2_1 on my FreeBSD5.3 and
I have a problem with ip address asigning.
Postgresql table "radgroupreply" looks like:
billing=# SELECT * FROM radgroupreply;
id |groupname| attribute | op |value
+
Hello everybody.
I have installed freeradius 1.0.1 on Solaris 9.
However, it seems that I have a problem with MySQL Aythentication. As far as unix authentication is concearned everything seems to be working fine. I have installed MySQL 4.0.21 package, but radius complains about the modules use
Hi Pete,
look at the radiusd.conf file, there is a sample line for ntml_auth.
"man ntml_auth" will give you details on the parameters.
regards,
Stéphane
Hi!
Yes, that famous line! But I can't imagine that the configuration depends
all on that single line.
Here is my new state:
I h
Hi guys.
I was wondering if the information read from the nas table is in any way used
by freeradius or maybe I misread/misconfigured something?
The sql.conf file has set readclients = yes but freeradius is ignoring the
information stored in sql using only the one from clients.conf.
The clients.
Hello all! I would like to know if anyone has gotten freeradius to work
with eDirectory (LDAP)? We are using freeradius 0.93 (ships with sles9)
and want our wireless users to authenticate to the eDirectory box. I
changed the radiusd.config file at the ldap entry. Clients file has not
been touched.
>Hello all! I would like to know if anyone has gotten freeradius to work
>with eDirectory (LDAP)? We are using freeradius 0.93 (ships with sles9)
>and want our wireless users to authenticate to the eDirectory box. I
>changed the radiusd.config file at the ldap entry. Clients file has not
>been touc
Hi everybody,
as frequently here, an other EAP-TTLS problem ;)
I use WinXP + SecureW2 + Cisco AP1100 + freeRADIUS 1.0.1 & 1.0.2
freeradius see TLS packet but it's EAP-TTLS (with PAP) so authentication
doesn't works. Of course eap is set in radiusd.conf (authentication and
authorization section)
Hello all,
I'm using freeradius-1.0.2 with AceesPoint Cisco ap1100; I'm
using eap/ttls to authenticate users.
I try to connect to with Xp clients or Mac osX clients; All go wrong.
When using Mac OSX client and 802.1X setup ( authentification TTLS
alone
with PAP Authentica
/local/var/log/radius/radacct/11.0.0.2/auth-detail-20050601'rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/11.0.0.2/auth-detail-20050601 modcall[authorize]: module "auth_log" returns ok for request 0 modc
Hello,
1)can i make so that each separate proxy.conf realm uses different
rlm_passwd file?
At the moment it works in a simply way - using one passwd file.
2)Is it possible to separate Reply attributes from passwd file, i mean -
passwd contains only username, but some other file (users(?)) is
in the slq conf file set readclients=yes and make sure that nas_table=nas.
Regards,
Edgars
Marcin Jessa wrote:
Hi guys.
I was wondering if the information read from the nas table is in any way used
by freeradius or maybe I misread/misconfigured something?
The sql.conf file has set readcli
I was having same message (rlm_eap_tls: Requiring client certificate)
because there was a mistake in eap.conf.
Look at "default_eap_type = ttls" line under "eap {" or "tls {" (not sur
efor the right place because I've a similar problem to your now)
eap {
default_eap_type =
Hi again,
On my quest to get working FreeRadius with Active Directory, I am now stuck
in the TLS section.
Following some posts on the list ntlm_auth requires mschapv2 and mschapv2
requires peap which needs tls to work!
So I tried this but without success. I'm using the default example
cert
Title: Message
Hello!
I have been
searching for a way to send radius accounting information to multiple accounting
hosts. I have been unable to get this working using proxy realms. I have also
searched the mail archives and not come up with any solution. Has anyone been
able to configure f
for request 26
modcall: group authenticate returns ok for request 26
Login OK: [mbourguel/X] (from client localhost port 265 cli 0011.2420.94f9)
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 26
radius_xlat: '/var/log/radius/radacct/local
Hi Edgars.
On Wed, 01 Jun 2005 16:41:15 +0300
Edgars <[EMAIL PROTECTED]> wrote:
> in the slq conf file set readclients=yes and make sure that nas_table=nas.
In the first email I said I had that enabled.
So you mean nas table is properly used by freeradius and reads the hosts stored
in it with
call[authenticate]: module "unix" returns ok for request 26
> modcall: group authenticate returns ok for request 26
> Login OK: [mbourguel/X] (from client localhost port 265 cli
> 0011.2420.94f9)
> Processing the post-auth section of radiusd.conf
> modcall: entering gr
Hey people,
I'm trying to upgrade my freeRADIUS server and to do so, I downloaded
and installed the latest version available on freeradius.org. I
installed and configured it in a separate folder than the "old" server
is configured in. Today I stopped the "old" server and brought up the
new on
here are my results:
just rebooted and the radiusd is running and taking requests.
then I connect with my windows xp to my AP wich redirects to my radius
server. First it authenticates then connect. But I CAN'T access
internet. About 4-5 seconds later it disconnects, then tries to
re-authentic
"Jefri bin Dahari" <[EMAIL PROTECTED]> wrote:
> I try to implement EAP/TLS for network users in company I work.
> Authentication is works only for one certificate. When I create a second
> certificate and concatenate with the first certificate using 'cat', both
> certificates does not work . The
Hello,
Thanks for your advice. Effectively I'd upgraded to
"tiger". After deleting the old certifcate (server and certification authority)
everything works fine.
bets regards
Maurice
certificate
> Subject: Re: help for using eap and TTLS
> X-BeenThere: freeradius-users@lists.freeradius.
"Arne =?utf-8?q?G=C3=B6tje?= (=?utf-8?q?=E9=AB=98=E7=9B=9B=E8=8F=AF?=)" <[EMAIL
PROTECTED]> wrote:
> Can ntlm_auth handle MD5 hashes as passwords???
Nope.
> Any solution to this or am I forced to use a M$ compatible radius server
> instead?
You're forced to use IAS. Nothing else does the r
Jeff Fern <[EMAIL PROTECTED]> wrote:
> Does anyone know if it is possible to configure freeradius to proxy out
> all incoming radius requests but convert the attribute to an actual realm?
Yes. See "preproxy_users", where you can add/edit attributes to the
request which will get proxied.
Alan
James Flockton <[EMAIL PROTECTED]> wrote:
> Just wondering if anyone can point me towards to some good
> documentation for FreeRadius please? I'm wanting to build a box
> running Radius and using OpenLDAP for authentication detail i.e. user
> name, IP etc.
The server comes with documentation.
[EMAIL PROTECTED] wrote:
> Hello all! I would like to know if anyone has gotten freeradius to work
> with eDirectory (LDAP)? We are using freeradius 0.93 (ships with sles9)
> and want our wireless users to authenticate to the eDirectory box.
See 1.0.2, which includes eDirectory integration.
T
Maxim Hitrov <[EMAIL PROTECTED]> wrote:
> I have configured freeradius to make preproxing. But i have another problem:
> The "Reply-Message" didn't reach the application wich have been made auth
> request.
The debug log you posted shows the server sending it.
> So, it receives replay only on s
"Ramm-Ericsson, Johannes" <[EMAIL PROTECTED]> wrote:
> I have been searching for a way to send radius accounting information to
> multiple accounting hosts.
See "radrelay"
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Stephen Donovan <[EMAIL PROTECTED]> wrote:
> I am trying to use both PEAP and TTLS to authenticate a mobile device
> through an Access Point to my radius server. Using TTLS everything
> works fine, however I can not get it to work using PEAP.
Please READ the debug output:
> modcall: entering gr
vicky <[EMAIL PROTECTED]> wrote:
> Module: Library search path is /opt/freeradiusupgrade/lib
> ERROR: Cannot find a configuration entry for module "exec".
> zsh: exit 1 /opt/freeradiusupgrade/sbin/radiusd -X
>
> With no line number or file name I don't even know where to begin to
> look. Does
Hi,
> tls: private_key_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
> tls: certificate_file = "(null)"
> tls: CA_file = "/usr/local/etc/raddb/certs/demoCA/cacert.pem"
> tls: private_key_password = "SecretKeyPass77"
> tls: dh_file = "/usr/local/etc/raddb/certs/dh"
> tls: random_file = "/dev/ura
hi,
reading the error logs reveals
modcall: entering group Auth-Type for request 16^M
rlm_mschap: No User-Password configured. Cannot create LM-Password.^M
rlm_mschap: No User-Password configured. Cannot create NT-Password.^M
rlm_mschap: Told to do MS-CHAPv2 for octo with NT-Password^M
I just finished doing a basic install of freeradius
on freebsd. However, I am receiving a command not
found message when trying to execute radiusd from the
command line. I’m sure I am just
overlooking something minuscule, but if someone could point me in the right
direction I would greatly
[EMAIL PROTECTED] wrote:
Hello all! I would like to know if anyone has gotten freeradius to work
with eDirectory (LDAP)? We are using freeradius 0.93 (ships with sles9)
and want our wireless users to authenticate to the eDirectory box. I
changed the radiusd.config file at the ldap entry. Clients
Hi everyone,
Just a quick question about running radiusd as a user other than root. Do I need
to compile the server as that user? And do I need to do anything else other than
uncomment the lines in radius.conf?
Is there a help/doc file about this?
Thanks a bunch.
Andrey
-
List inf
Hi Dan.
I assume you installed freeradius from ports.
Try then to run rehash command in your shell and/or
# which radiusd
/usr/local/sbin/radiusd
If you dont get any output you did something wrong
You should also have /usr/local/etc/rc.d/radiusd.sh
Remeber to edit /etc/rc.conf and add there radiu
Hi Andrey.
Edit your radiusd.conf and uncomment:
#user = nobody
#group = nobody
You can manually add new users the radius will run as. Propaly the easiest way
is to run vipw and copy line from some other service, change the uid, gid and
the username, edit /etc/group and put there your group as
Hi,
> Edit your radiusd.conf and uncomment:
> #user = nobody
> #group = nobody
>
> You can manually add new users the radius will run as. Propaly the easiest
> way is to run vipw and copy line from some other service, change the uid, gid
> and the username, edit /etc/group and put there your gr
Thanks Alan for the feedback. If you or somebody from this list can give me
a lead or link on how to edit the source code to have multiple certificate,
I would highly appreciate.
Thanks.
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>ce
To: "FreeRadius users mailing list"
Hi,
FreeRADIUS 1.0.2 has been integrated with eDirectory to support
wireless
authentication. See
(http://www.novell.com/documentation/edir_radius/index.html)
You can also use FreeRADIUS 0.9.3. That supports LDAP authentication
to eDirectory. In this case you could try EAP-TTLS + PAP.
http://
53 matches
Mail list logo
