Re: CHAP Problems

Radius wrote: When I put the := system first and := local second in the user file, it started working. DEFAULT Auth-Type := System Fall-Though = Yes DEFAULT Auth-Type := Local Fall-Though = Yes It's working for both PAP and CHAP login's. I heard this is not

Legacy data icradius

Hello all I am using freeradius version 1.0.5 and I am seeking some advise with regards to moving some legacy icradius data. We currently have freeradius running,... but our full implimentation requires us to import or load legacy data from icradius into freeradius. Has anyone done this bef

RE: Freeradius How to integrate Active Directory [ADIntegrationWindowsXP NTLM Tutorial]

Alhagie Puye - Network Engineer Datawave Group of Companies (604)295-1817 > >-Original Message- > >From: [EMAIL PROTECTED] > >[mailto:[EMAIL PROTECTED] On > >Behalf Of Alan DeKok > >Sent: November 24, 2005 2:36 PM > >To: FreeRadius users mailing list > >Subject: Re: Freeradius How to

Re: Freeradius How to integrate Active Directory [AD IntegrationWindowsXP NTLM Tutorial]

"Alhagie Puye" <[EMAIL PROTECTED]> wrote: > SSL-VPN client -> Cisco VPN Concentrator -> FreeRadius -> W2K Active > Directory What is in the RADIUS packet from the VPN concentrator? EAP? User-Password? You need to know this. > I think I should be using ntlm_auth. Or should I be using the LDAP

Re: rlm_ippool: multiple ip ranges or multiple pools

Andre Dalle <[EMAIL PROTECTED]> wrote: > Looking through the code, it looks like we can't have a second ip range > associated with a single pool, which would be ideal. You can have multiple instances of the pool module. > Is there a way to associate multiple ranges/pools with a single > usergro

rlm_ippool: multiple ip ranges or multiple pools

Currently using rlm_ippool with great success on freeradius-1.0.4. A single IP range and a single pool associated with all dynamic-IP users. Looking through the code, it looks like we can't have a second ip range associated with a single pool, which would be ideal. Is there a way to associate mu

RE: Freeradius How to integrate Active Directory [AD IntegrationWindowsXP NTLM Tutorial]

Let me clarify. Here is my setup: SSL-VPN client -> Cisco VPN Concentrator -> FreeRadius -> W2K Active Directory It seems all the docs on the 'Net I have found talk about wireless or 802.1x clients. I think I should be using ntlm_auth. Or should I be using the LDAP module? Thanks, Alhagie Puy

Re: Freeradius How to integrate Active Directory [AD IntegrationWindowsXP NTLM Tutorial]

"Alhagie Puye" <[EMAIL PROTECTED]> wrote: > FreeRADIUS supports Class Attributes, doesn't it? Yes. Please call it by it's name. As for implementing what's on the Cisco page, do ou have a specific question? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list

RE: Freeradius How to integrate Active Directory [AD IntegrationWindowsXP NTLM Tutorial]

> >-Original Message- > >From: [EMAIL PROTECTED] > >[mailto:[EMAIL PROTECTED] On > >Behalf Of Alan DeKok > >Sent: November 24, 2005 7:40 AM > >To: FreeRadius users mailing list > >Subject: Re: Freeradius How to integrate Active Directory > >[AD IntegrationWindowsXP NTLM Tutorial] > > >

Re: CHAP Problems

[EMAIL PROTECTED] wrote: > I went to 1.0.5 and things improved a little that we started seeing the > response from the MySql database > but still nothing in CHAP. I'm sure I'm missing a setting somewhere because > of the Auth-Type warning. Something, somewhere is setting Auth-Type := System. Th

Re: Freeradius as radius gateway

Andrej Sirk <[EMAIL PROTECTED]> wrote: > is possible to recive an radius packet in digest mode and then transform it > one another packet and use an different method. No. The authentication algorithms are designed to make this impossible. Alan DeKok. - List info/subscribe/unsubscribe? See h

Re: Freeradius How to integrate Active Directory [AD Integration WindowsXP NTLM Tutorial]

"Alhagie Puye" <[EMAIL PROTECTED]> wrote: > I have followed the steps in the howto and everything seems to work fine > but FreeRADIUS is ignoring "MS-CHAP". Debug logs? > My question is...can I use Active Directory if I need to use attribute > 25 on FreeRADIUS? What's attribute 25? > If so,

Re: CHAP Problems

When I put the := system first and := local second in the user file, it started working. DEFAULT Auth-Type := System Fall-Though = Yes DEFAULT Auth-Type := Local Fall-Though = Yes It's working for both PAP and CHAP login's. I heard this is not the way to do t

Re: help with EAP MD5 wired authentication

hi the following line seems to be principally correct (don't use explicit Auth-Type): a User-Password == "a" the eap module fails in authentication because it can't find the User- Password for the user. Make sure that the "files" module is used in authorize i.e. that the users fi

Re: help with EAP MD5 wired authentication

hi i have the same problem with peap/mschapv2 authentication... its missing the "User-Password" attribute... but i dont know why... look at your error rlm_eap: processing type md5 rlm_eap_md5: User-Password is required for EAP-MD5 authentication bye Konne - List info/subscribe/unsubscribe?

RE: freeradius SSLv3 probleme

rlm_sql_mysql: Starting connect to MySQL server for #2 rlm_sql (sql): Connected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): startin

Re: CHAP Problems

[EMAIL PROTECTED] wrote: I have tried to hire someone to help with my Radius over the last 6 month's but have not been able to get it working correctly. As much as I would like to take your money, its probably not necessary. :-) This is usually a very simple thing to get working. I see

help with EAP MD5 wired authentication

Hi, I am struggling with EAP-MD5 wired authentication for last couple of days. I checked the web and archives but to no avail. I am using XP supplicant. Tried with Funk's supplicant also but same result. Any help will be highly appreciated. Thanks Anup My users file has following towards the

Re: Freeradius as radius gateway

Andrej Sirk wrote: You get the point, this is what I want. Where can I find a how-to. thanks. On 11/24/05, *Christopher Carver* <[EMAIL PROTECTED] > wrote: Andrej Sirk wrote: > Hello, > > is possible to recive an radius packet in digest mode and th

RE: tool for testing machine authentication

Robin Mordasiewicz wrote: >i just did a google on NTRadTest, but found nothing. Where can I download NTRadTest Try NTRadPing at: http://www.mastersoft-group.com/download/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 2#Mime.822 Description: Binary data AdmID

Re: CHAP Problems

Taking it out stopped everything all together. - Original Message - From: "Mitchell, Michael J" <[EMAIL PROTECTED]> To: "FreeRadius users mailing list" Sent: Monday, November 21, 2005 3:37 PM Subject: RE: CHAP Problems > There used to be a DEFAULT stanza in the "users" configuration fi

Re: CHAP Problems

Michael, I got it to work. What I found worked. I recall this was not the way to do this, but it worked until I get it worked out. I have two entries in the users file. DEFAULT Auth-Type := System Fall-Through = Yes DEFAULT Auth-Type := Local Fall-Through = Yes

RE: CHAP Problems

There used to be a DEFAULT stanza in the "users" configuration file that set Auth-Type := System which tells the RADIUS server to use /etc/passwd for authentication. This has caused a few issues like this in the past, though I thought it had been resolved for 1.0.5. If is still exists you may have

CHAP Problems

I have tried to hire someone to help with my Radius over the last 6 month's but have not been able to get it working correctly. I seem to be getting answers from my MySql database but when a CHAP request comes in, it will not authorize and ells us Auth-Type already set. The database seems to be a

Re: Freeradius as radius gateway

You get the point, this is what I want. Where can I find a how-to. thanks.On 11/24/05, Christopher Carver <[EMAIL PROTECTED]> wrote: Andrej Sirk wrote:> Hello,>> is possible to recive an radius packet in digest mode and then> transform it one another packet and use an different method.>> thanks,>

freeradius SSLv3 probleme

nected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 rlm_sql_mysql:

Re: Freeradius as radius gateway

Andrej Sirk wrote: Hello, is possible to recive an radius packet in digest mode and then transform it one another packet and use an different method. thanks, - List info/subscribe/unsubscribe? See http://www.freerad

Re: Proxy radius GTC

My final target is to use EAP-PEAP authentication with EAP-GTC (Wi-Fi 802.1x). In the first step, I try to connect Supplicant to Radius (not FreeRadius) with EAP-PEAP / EAP-GTC. The Supplicant freeze. In the second step, I try to connect Supplicant to a Radius (not FreeRadius) with EAP-PEAP / EA

Re: SQL Mac-Authentication based on Call-Check

Hi. Thanks for your thoughts.On 11/23/05, Alan DeKok <[EMAIL PROTECTED]> wrote: florian broder <[EMAIL PROTECTED]> wrote:> The only thing I'm currently unaware of is, where I can tell freeradius to> use Call-Check together with mysql, I think it's somewhere in sql.conf?  No, it's also in the "rad

Freeradius as radius gateway

Hello, is possible to recive an radius packet in digest mode and then transform it one another packet and use an different method. thanks, - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html