Hello,
i had a problem with freeradius and rlm_ldap module
sometimes and i don' know why users couldn't authenticate on ldap server.
I had this message in radius.log:
Auth: Login incorrect (rlm_ldap: User not found): [dupont]
and few seconds later the authentification is ok with the same user:
Hi there,
Im a newby here so forgive if I ask obvious questions.
Im trying to setup, wel actually I did setup FreeRADIUS Version 1.0.2 on a
Linux Debian machine and it is working fine :)
But I need to achieve the following setup:
We have # cisco routers and switches who are locally managed
Yes this is my experience as well. Running v 1.0.2 there was nothing in the
change log for 1.0.3 to say this was fixed either.
Just as a note when I posted these findings nothing came back.
I was using an ldap backend as well. It would be great to have a detailed
explaination of this one and
Hi,
I plan to implement simultaneous MAC+EAP authentication for my wireless
users. From my observation, Freeradius can only do either MAC or EAP but not
MAC and EAP authentication. Can somebody gives me some hints on how to do
that?
Thanks.
-
List info/subscribe/unsubscribe? See
On Mon, Jun 13, 2005, Jefri bin Dahari wrote:
Hi,
I plan to implement simultaneous MAC+EAP authentication for my wireless
users. From my observation, Freeradius can only do either MAC or EAP but
not MAC and EAP authentication. Can somebody gives me some hints on how to
do that?
I check
Hi Alan,
thank you for replying,
this is how I tried this before, I will try to keep this as short as
possible.
1)
users:
bob Password == bob, Huntgroup-name == diegem
Login-Service = 0,
Vendor-Specific = 9,
Reply-Message = Hello, bob,
Cisco-AVpair =
I have a configuration similar to your no one option.
From readinr the huntgroups how to and the users how to, this seems to
be the most correct method to use.
I have a second issue with this in that the users file has a defulat
reject if the group is not matched. This also is not being used
Hello guys and girls,
While executing a script of mine in the radiusd.conf file I get a very
strange error that worries me.
/radius_xlat: '/home/vicky/finalprog/compAttrs Access-Request'
Exec-Program: /home/vicky/finalprog/compAttrs Access-Request
MASTER: Child PID 28050 failed to catch
Try this.
huntgroups
diegem NAS-IP-Address == 10.5.x.x
diegem NAS-IP-Address == 10.5.x.x
diegem NAS-IP-Address == 10.5.x.x
brusselsNAS-IP-Address == 10.2.x.x
users file
#note: there is no default auth-type = system here
DEFAULT Group ==
I have a second issue with this in that the users file has a defulat
reject if the group is not matched. This also is not being used
correctly by freeradius. The user defaults into that if there group does
not match but does not get rejected.
I have never noticed any problems like that
Ming-Ching Tiew [EMAIL PROTECTED] wrote:
With the current state of the drivers, they are not usable. Period.
Does this mean:
a) you will do something about it?
or
b) you expect someone else to do something about it?
Alan Dekok.
-
List info/subscribe/unsubscribe? See
Dustin I get matchs in my users files. But the huntgroup seems to just be
bypassed.
Could you PM me with a users file and huntgroups file incase it is a syntax
issue.
thenks
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dustin Doris
Sent: 13 June
I just wanted to make
sure that I wasn't missing something, and that there isn't
an easier
way to get at the ASCII inside the octet stream.
Edit the dictionary, and change octets to string?
I saw discussion in a previous thread (Handling of the 'Class'
attribute, this post in
We've set up Simultaneous-Use := 1 - and this seems fine.
However, I have my first user - who is really off the net and 'radzap'
seems to do nothing (radwho still gives the user as being there).
What is the code... in sql.conf...
simul_count_query = SELECT COUNT(*) FROM ${acct_table1} WHERE
I'm having a similar problem. I'm using sql accounting. I've
uncommented the simul_count_query query line. I've entered the
Simultaneous-Use attribute in the radgroupcheck table with the := op.
It's still trying to use checkrad (in the log) no matter what I do.
I've read the doc file.
Upon further inspection i found it was sending 2 other attributes, defaults
from my users file
i started testing it with radclient, using info one of the NAS's sent,
radtest wasn't giving it this extra info i guess
and i ended up with these 2 extra attributes
Framed-MTU = 576
Hi Artur Hecker,
Very thanks for your help. I think you did a good job and hope you keep doing something like this.
Thanks again.
Best Regards__Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -
Shawn K. O'Shea [EMAIL PROTECTED] wrote:
I saw discussion in a previous thread (Handling of the 'Class'
attribute, this post in particular,
http://lists.freeradius.org/mailman/htdig/freeradius-users/2003-July/021
267.html) that implied this was frowned upon, at least when interacting
with
Stefan Winter [EMAIL PROTECTED] wrote:
Occasionally, this file gets corrupted: it contains a _plain text_
copy of an accounting packet (exactly as you see them in the detail
files) as opposed to the binary format this file is usually in.
That sounds to me like file descriptors are being
romel dutta [EMAIL PROTECTED] wrote:
Here i am using freeradius-1.0.2 using for AAA function...and
pppoe-server as the client Here i need to assgin the DNS ip
address to the pppoe-client through the radius. server... pls tell
me which attribute is there to assign DNS IP
Florian Prester [EMAIL PROTECTED] wrote:
authorize: If I place the users-word before anything else, the
authorization should take place by the users-file, which means if an
user exists in the users-file it is authoized? correct?
It means that the users file is processed before anything
Martial VdB [EMAIL PROTECTED] wrote:
Ive tried several setups by using the huntgroups and using system as
authentication method but I can't get the huntgroup validation to work. It
looks like the huntgroups are just ignored. Everyone can just enter any
device as soon as their usrname and
Jefri bin Dahari [EMAIL PROTECTED] wrote:
I plan to implement simultaneous MAC+EAP authentication for my wireless
users. From my observation, Freeradius can only do either MAC or EAP but not
MAC and EAP authentication. Can somebody gives me some hints on how to do
that?
It can do both.
Hello,
Running Debian, I have done a $ fakeroot
dpkg-buildpackage -b on the freeradius 1.0.3 directory. I
get a warning saying
remember to run 'libtool --finish
/usr/lib/freeradius'
which I do when the process finishes, and three error messages:
dpkg-shlibdeps: warning: could not find path for
Hello,
I am getting the following error when running freeradius -X:
radiusd.conf[2] Failed to link to module
'rlm_sqlcounter': /usr/lib/freeradius/rlm_sqlcounter.a: invalid ELF
header
Thanks.
Max
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
=?iso-8859-1?B?R2VvcmdpbmEgTm9lbWkgR29ueuFsZXogQ2ViYWxsb3M=?= [EMAIL
PROTECTED] wrote:
I know that is a problem with the client certificate.. i imported the root
and client certificate to windows.
It doesn't appear that the client is sending the certificate to the
server.
Either the
Hello,
I am looking at setting up a group of Proxim AP-4000 wireless gateways. I
want to be able to authenticate via the MAC address of each user's laptop
WiFi NIC.
I am trying to find the raddb tags required to send / receive the
information to make this work. Can someone point me in the right
i personally think that it's completely useless.
implementing EAP or MAC authentication, meaning that one of both would
work, is a huge security hole and requiring both is useless since EAP
authentication implicitly filters away everything unauthenticated...
(even if i understand that might be
28 matches
Mail list logo