Cian Phillips wrote:
Thanks to Alan, Thor and Vladmir for getting me this far. grin
I have TTLS-PAP working and authenticating against our OSX LDAP
server. I was wondering if anyone has had any success getting
Microsoft clients to use TTLS-PAP without installing additional
software as
Hi all
I am new to the freeRadius and wish to study the code of the server. Please tell me abt the code structure so as to be able to study and understand the code properly.
Thanks
Shruti
Too much spam in your inbox? Yahoo! Mail gives you the best spam protection for
All,
I am using freeradiusd 1.0.4 on RedHat Linux 9 and have just run the digest
test suggested in the doc area through radclient.
As it stands, I receive a code 3 reply (Access-Reject).
The instruction for the test tells me to do the following:
1. In the /etc/raddb/users file insert entry as
Greetings!!!
I'm new to freeradius. I have installed freeradius-1.0.4 on my machine and
it responds back for the packets sent through radclient.
Now my requirement is:
I have a linux box whose user profiles are maintained by the RADIUS
server. When I use ssh/rlogin/telnet etc it should
Hello,
I am using free radius server for sending accounting request packets and receive accounting response packets.However it displays shared secret is incorrect.Could you let me know howto configured the free radius server for radius accounting or any special configuration has to be done apart
Hi,
what you are saying is that I should do something like this:
user_ttls EAP-Type != PEAP
that however only prohibits the usage of PEAP for user_ttls while i
would like to only enable TTLS for this specific user (which is not
quite the same).
Yes, however you said
How can I add this OID to my machine certs ? using CA.certs script and xpextensions file ?
Regards,
Jeremy
Ben Walding ben.walding at gmail.com wrote:
I also found using machine certificates to be hit and miss (some
machines they'd be picked up, others they wouldn't - all XP SP2 with
Hello
I'm using FreeRADIUS with MySQL for accounting and authentication.
From a Cisco 2651XM router, I have multiple Cisco-AVPair attributes send in
accounting packets:
rad_recv: Accounting-Request packet from host 192.168.167.14:1646, id=186,
length=201
Acct-Session-Id =
Sorry, but I didn't find any references of this OID in the creation scripts in the
scripts directory (Ca.all, CA.certs...).
The only OID added seem to be 1.3.6.1.5.5.7.3.1 and 1.3.6.1.5.5.7.3.2 (in
xpextensions).
Is there any way to do this without patching openssl (like explained there
I am authorizing wireless network cards in users file with radius server (old
cistron radius) and that is working fine
entry like:
121212-232323 Auth-Type = Accept
Only network card matching abov entry get access
Now I am building new radius server with FreeRadius and users information and
check this out Jeremy
http://www.linuxjournal.com/article/8095
On Wed, 2005-08-31 at 14:22 +0200, Jérémy Cluzel wrote:
Sorry, but I didn't find any references of this OID in the creation scripts
in the scripts directory (Ca.all, CA.certs...).
The only OID added seem to be 1.3.6.1.5.5.7.3.1
hi Alan
hi Stefan
thanks for your help. I think I understand the idea. however my problems
are on the implementation level.
two things are still not clear to me.
1. we use 'sql' and not 'files' (my fault i didn't mention it
previously) and thus I don't see how I can add the line below to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I want to do user authentication by Kerberos 5. Therefore I was happy to
see that FreeRADIUS contains the krb5 module. But I wasn't able to find
the documentation for this module. Can somebody give me a link or an
example on how to use this
Joe H [EMAIL PROTECTED] wrote:
lines. lines 2 and 11 are other DEFAULT entries in the users file with
fall-through set to yes. It skips right over the SNS-Enable checkItem.
Ah. The users file isn't set up to do comparisons on check items.
So I don't think it will work.
Alan DeKok.
shruti kukkar [EMAIL PROTECTED] wrote:
I am new to the freeRadius and wish to study the code of the
server. Please tell me abt the code structure so as to be able to
study and understand the code properly.
The code structure is documented in the code.
Alan DeKok.
-
List
Iandc Davies [EMAIL PROTECTED] wrote:
The instruction for the test tells me to do the following:
1. In the /etc/raddb/users file insert entry as below :-
test Auth-Type := Digest, User-Password = test
That should be ... User-Password := test.
The users file isn't really set up for
Nisha P Kurur [EMAIL PROTECTED] wrote:
I have a linux box whose user profiles are maintained by the RADIUS
server. When I use ssh/rlogin/telnet etc it should give me the prompt,
get the user name and password from the prompt and authorise it with
the RADIUS server. If authorized, then a
I told my colleagues about the advantages of FREERADIUS+ORACLE.
BUT, they say, that it is GPL violation.
IS that true?
Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Peter Hicks [EMAIL PROTECTED] wrote:
When trying to refer to these in a SQL INSERT statement for accounting
(where if the AVPair is 'isakmp-initiator-ip', it gets stripped and the
address inserted), the AVPairs overwrite each other.
Is there a workaround for this, or is the behaviour of a
Is there a way to tell freerad not to check user-password ?
Ian Davies {02476 564662}
Internal (x740 4662)
IMS-SIPAC
Software Development Engineer
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
I'm trying to have a local user in my users file called guest password
guest. If the user is not guest forward on the user to domain
authentication. I'm having trouble when authenticating guest when it comes
to the mchap authentication, although I have the MS-CHAP-Use-NTLM-Auth = No,
it
Iandc Davies [EMAIL PROTECTED] wrote:
Is there a way to tell freerad not to check user-password ?
Use :=, as per my previous message.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Velikanov [EMAIL PROTECTED] wrote:
I told my colleagues about the advantages of FREERADIUS+ORACLE.
BUT, they say, that it is GPL violation.
IS that true?
No.
If you *distribute* a binary with Oracle, it could be. But if you
just use it yourself, it's not.
Alan DeKok.
-
List
Joachim Selke [EMAIL PROTECTED] wrote:
I want to do user authentication by Kerberos 5. Therefore I was happy to
see that FreeRADIUS contains the krb5 module. But I wasn't able to find
the documentation for this module. Can somebody give me a link or an
example on how to use this module?
The
Alan DeKok wrote:
Jason Carr [EMAIL PROTECTED] wrote:
I grepped for local in the raddb directory, and I'm not seeing anything
related to Auth-Type := Local in any config file.
Did you set it in the SQL database?
I saw that I'm not supposed to explicitly define Auth-Type := EAP,
but
Hello-
I'd like to authorize users based on their Calling-Station-Id via a
local users file and authenticate/authorize (simple access allowed flag)
via an ldap server. The reason I need to double authorize is because I
do not have rights to add/edit any data in the remote ldap server. I
Jason Carr [EMAIL PROTECTED] wrote:
Against recommendations, I've added DEFAULT Auth-Type := EAP and the
server still says it's trying to use local authentication. Does the
server fall back to local if it doesn't know which method to use or if
there's an error?
It uses Auth-Type = Local in
Alan, Stefan
replying to myself:
using 'files' I've managed to make it work. the correct (working)
configuration is:
user_ttls FreeRadius-Proxied-To == 127.0.0.1, User-Password ==
test_ttls
Session-Timeout = 3600
user_ttls EAP-Type != EAP-TTLS
Having some trouble setting up PEAP with a windows XP workstation, a Cisco 350 AP (upgraded to IOS version 12.2), I am using the default XP Client to set things up. Many moons ago I had LEAP working great, the hard drive on this linux machine failed and it was time to reinstall. Not sure why i'm
hi
J Zakhar wrote:
Having some trouble setting up PEAP with a windows XP workstation, a
Cisco 350 AP (upgraded to IOS version 12.2), I am using the default XP
Client to set things up. Many moons ago I had LEAP working great, the
hard drive on this linux machine failed and it was time to
I managed to get it working, the machine here running freeradius has 2 ip addresses. I had noticed in another message on the list, that can be problematic. I set freeradius to bind to a specific IP and it light right up, go figure heh. I do appreciate the respone though. I spent a good 5 1/2 hours
Dear all,
How can i copy data from LDAP after mapping new attributes... as below:-
thanks..
--haizam
- Original Message -
From: haizam [EMAIL PROTECTED]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Monday, August 29, 2005 12:13
Subject: Re: usage of
32 matches
Mail list logo