Hi,
Debug mode does not reveal further information, what I've noticed I didn't
before :( is checkrad is used to verify if the connection is still
established, despite simul_verify_query result.
I've set up the SNMP community in naspasswd file and radius polls NAS in order
to check active sessi
i'm running a freeradius 1.0.2 as a proxy, with a very simple configuration -
no ldap, no sql, only a users file, and some attribnute filters for pre- and
post- proxying.
strangely i'm finding that about once a day at random times the server is not
running, but the PID is left - thus confusing
hi Josh
sorry to catch up so late on this.
I mean EAP over RADIUS within a roaming consortium. A good example
of one, which I'm involved in, is eduroam (www.eduroam.org).
i took a look at this, it is mostly TERENA stuff for RADIUS... imho
it only concerns the provider-provider interface a
I came across error while trying to compile freeradius-1.0.5 today and
was looking for a solution. I found a message on the list from
September 12 that no one responded to, so I looked into the problem a
little further and found a solution (at least for that section of the
compile). The problem i
Hi,
Does anyone know of a simple way to invoke an Access-Reject for a user
at the authenticate stage? Without changing the stored password. I have
tried altering the 'op' to != and all manner of other combinations from
within the rad_check table without success.
We would just like to be able
Yes, it is possible, at least in 1.0.5. My nas list is in MySQL. The DB
table columns are in a fixed sequence and referred by
position and not by name. The nas identifier must be either a DNS
resolvable name or IP address or
IP Address/netmask, e.g. 200.100.100.0/255.255.255.0.
I only have 'clie
Hello list,
Radius authentication works fine.
The problem is after, when my radiusclient/application sends another radius
Access-Request message but without the User-Password field and freeradius
complains that it requires it since we are using Digest.
What the radiusclient is trying to do is fin
I managed to get freeradius to use the nas table (from postgres) but I
had to load the SQL module from the 'authorize' section of radiusd.conf.
What I would like to do is load the SQL module for the reading of the
nas table only. Is this possible?
On Fri, 2005-10-14 at 11:30 -0400, Gunther wrote:
Tim O'Donovan wrote:
Hi,
Does anyone know of a simple way to invoke an Access-Reject for a user
at the authenticate stage? Without changing the stored password. I have
tried altering the 'op' to != and all manner of other combinations from
within the rad_check table without success.
We w
Joel Bjerk <[EMAIL PROTECTED]> wrote:
> I managed to get freeradius to use the nas table (from postgres) but I
> had to load the SQL module from the 'authorize' section of radiusd.conf.
> What I would like to do is load the SQL module for the reading of the
> nas table only. Is this possible?
L
Andrew Teixeira <[EMAIL PROTECTED]> wrote:
> I came across error while trying to compile freeradius-1.0.5 today and
> was looking for a solution. I found a message on the list from
> September 12 that no one responded to, so I looked into the problem a
> little further and found a solution (at lea
"David M." <[EMAIL PROTECTED]> wrote:
> Debug mode does not reveal further information, what I've noticed I didn't
> before :( is checkrad is used to verify if the connection is still
> established, despite simul_verify_query result.
Yes. Because the accounting stop packets may have been lost
"Tariq Rashid" <[EMAIL PROTECTED]> wrote:
> anyone suggest a good why to uncover the problem, short of running
> it in -X mode and waiting for it to fail.
Upgrade to 1.0.5, as 1.0.2 has known bugs. See
http://www.freeradius.org/security.html.
It's possible that someone outside of your networ
I have a huntgroup for the dial-up that allows me to differentiate between
the dial and dsl based on the radiusGroupName without any problems. But now
i need to be able to let a DSL user with a static ip be able to log in via
dial-up and pull a dynamic ip. Is this possible and how do i do it (
On Oct 14, 2005, at 2:35 PM, Alan DeKok wrote:
My doubt/question is: checkrad is always used to Simultaneous-Use
checking? Is it not possible to use radacct table instead of SNMP
polling?
Yes. Set the "nastype" to "other".
And when the system misses an accounting stop packet, the user wo
On Fri, 2005-10-14 at 09:48 +0300, Boyan Jordanov wrote:
> On Thursday 13 October 2005 21:55, Max Lock wrote:
> > that's what I'm trying to do.
> >
> > sub authorize {
>
> Maybe you need authenticate instead of authorize ?
> Read docs/aaa.txt
>
thanks Boyan,
I realised that I'd accidently rem
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello,
I have a server on FreeBSD 5.4-STABLE, using PAP and crypt(). When
it uses MD5 passwords ($1$...) it works fine, but when using
Blowfish ($2a$...) it gives me the unprintable characters error.
Anyone seen this and/or resolved it (without resett
<[EMAIL PROTECTED]> wrote:
> These are mysql tables:
>
> ++--+---++--+
> | id | UserName | Attribute | op | Value|
> ++--+---++--+
> | 1 | Jhassell | Password | == | changeme |
Use := rather than ==. See the rlm_sql document
Hi, at what time is the user included in the radutmp file, in the
authentication process or after a successful connection?
I mean, if i agree with some friend and make at the same time (well,
almost, supose 30 seconds delay from one call to another) a
connection attemp, both will be authenti
Yup, that did it!!!
Thanks Alan!!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan
DeKok
Sent: Friday, October 14, 2005 4:51 PM
To: [EMAIL PROTECTED]; FreeRadius users mailing list
Subject: Re: Group checking - Radius AVP retrieval
<[EMAIL PROTECTED
Hi, how can i run diferent scripts depending on the usergroup of the
username?
According to the documentation:
in radiusd.conf i can define diferent rlm_exec scripts:
modules {
exec tariff {
program = "/path/to/program/tariff"
wait = yes
input_pairs = request
outpu
21 matches
Mail list logo
