Hello!!!
I don't know why the 'radeapclient -s -xx 127.0.0.1 auth testing123 req.txt'
command
don't authenticate whith radiusd.
The req.txt file contains:
User-Name = test
User-Password = password
EAP-MD5-Password = password
NAS-IP-Address = 127.0.0.1
NAS-Port = 10
EAP-Code = Response
Hello,
what your radius server starting problem? dont log /varlog/radius/radius.conf
:(
Switch IP: 10.0.0.250 - Dlink (26 Port)
Radius Server: 10.0.0.6
#ssh 10.0.0.6
#pico clients.conf
client 10.0.0.250 {
secret = testing
shortname = des-deneme
}
#pico
Hi,
I want to use more than one ldap server to authenticate users. I have setup
a users file that sets the Autz-Type so one of two ldap server are selected
for authorization. Since it is not known which kind of authentication
information is provied by the user, chap is also included, like
Use Autz-Type instead of Auth-Type
and set Autz-Type := aldap1 in the users file (in check items)
2005/12/28, Gerald Richter [EMAIL PROTECTED]:
Hi,
I want to use more than one ldap server to authenticate users. I have setup
a users file that sets the Autz-Type so one of two ldap server are
#tail -f /var/log/radius/radius.log
Wed Dec 28 13:31:21 2005 : Info: Using deprecated naslist file. Support for
this will go away soon.
Wed Dec 28 13:31:21 2005 : Info: rlm_exec: Wait=yes but no output defined. Did
you mean output=none?
Wed Dec 28 13:31:21 2005 : Info: Ready to process
Try moving your entry fpr user way up in the users file. I had the same
problem. Then i moved my user after the first DEFAULT entry and it worked. I
think it has to do with some Checked attribute.(Sorry, i don't have access
to my machine right now. i am on vacation. I can not give more clear
Hi,
Use Autz-Type instead of Auth-Type
and set Autz-Type := aldap1 in the users file (in check items)
That's what I already do and authorization works correctly and accesses
ldap1 or ldap2 as it should, but when it comes to authentication, Auth-Type
is set to LDAP by the authorization
Hi to all,
+--+-+-+-+
| UserName | AcctStartTime | AcctStopTime| AcctSessionTime |
+--+-+-+-+
| pepe | 2005-12-02 16:24:45 | 2005-12-02 16:25:46 |
Hi,
You can also set Auth-Type and then add an entry in
authentication section like you did in authorize.
Yes, I know, but as I wrote in my first message, my problem comes with CHAP,
because if you set the Auth-Type := aldap1, then CHAP will not work anymore,
because the chap modules see
Hi,
You can also set Auth-Type and then add an entry in authentication
section like you did in authorize.
it could look like this :
in users files:
user ...,Autz-Type := aldap1, Auth-Type := aldap1
and in radiusd.conf:
Authorize{
...
Autz-Type aldap1 {
...
}
...
}
Authenticate {
Kai Geek [EMAIL PROTECTED] wrote:
why problem in radius server ?
What problem? Do you see an *error* in the logs?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Marco Spiga [EMAIL PROTECTED] wrote:
the users file contain:
test Auth-Type := EAP, User-Password == password
Use ':=' for the password, not '=='.
The debug log would show that it's not matching that entry. Once
you make this change, it *will* show it's matching that entry.
Gerald Richter [EMAIL PROTECTED] wrote:
That's what I already do and authorization works correctly and accesses
ldap1 or ldap2 as it should, but when it comes to authentication, Auth-Type
is set to LDAP by the authorization phase and it didn't know about
different ldap servers anymore
OK,
On Wed, Dec 28, 2005 at 12:37:00PM +, Anup Parkhi wrote:
From: Anup Parkhi [EMAIL PROTECTED]
To: freeradius-users@lists.freeradius.org
Date: Wed, 28 Dec 2005 12:37:00 +
Subject: Re: EAP-MD5 Authentication problem
Try moving your entry fpr user way up in the users file. I had the
Hi folks
I'm new here and I'm trying to configure Radius for
my home wireless network. I use RADIUS on fedora core 4, my AP is WRT54G and
clients are on WindowsXp sp2.
I made everythig with "how to" on page http://www.linuxjournal.com/article/8095.
But I still don't have authentication
A row like this?
test Auth-Type := EAP, User-Password := password
Reply-Message = Hello, %u
Still it does not work :-((
And I also have tried to write
test Auth-Type == EAP, User-Password := password
Reply-Message = Hello, %u
only to make an
Hi,I know that's possible to configure Freeradius to authenticate Windows NT Domain users, but I just can't find a good/complete documentation about it... Is it possible for anyone on this forum to provide such documentation (files/links/instructions) to me?
Thanks,-- Richard Bortolucci
-
List
Marco Spiga [EMAIL PROTECTED] wrote:
Still it does not work :-((
Go read the FAQ. See 5.10. It's directed specifically at your remark.
Alan DEKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Richard Bortolucci [EMAIL PROTECTED] wrote:
I know that's possible to configure Freeradius to authenticate Windows NT
Domain users, but I just can't find a good/complete documentation about
it... Is it possible for anyone on this forum to provide such documentation
(files/links/instructions)
Ezequiel O. Block [EMAIL PROTECTED] wrote:
In some rows there are even bigger differences, shouldn´t be
AcctSessionTime the difference of AcctStopTime - AcctStartTime ?
Sure. But FreeRADIUS logs what the NAS sends it. See the queries
in sql.conf.
Alan DeKok.
-
List
of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module preprocess returns ok for request 0
radius_xlat: '/var/log/radius/radacct/192.168.1.2/auth-detail-20051228'
rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /var/log/radius
Hello,
I'm using Freeradius with rlm_sql sqlcounter to authorize access to hotspots.
I would like to set a specific Reply-Message (which is displayed in
the user browser) depending the Reject cause, for instance:
- Reply-Msg=Account has expired (if reject because of Expiration == )
-
=?us-ascii?Q?Frank_Buttner?= [EMAIL PROTECTED] wrote:
Hello, I try to use freeradius to secure my WLAN. But it will not work.
The clients talk to the ap and the ap to my radius Server. But the answer of
the radius server is not ok:(
What's going wrong? Your message doesn't include anything
hi everybody, well finally get install openssl v0.9.8a, now when i try to
generate certificates to be used with freeradius (eap-tls or eap-peap) i use
these command to CERTIFICATE AUTHORITY GENERATION:
#openssl req -new -x509 -keyout newreq.pem -out newreq.pem -passin
pass:clue1 -passout
Hi !
I succeed in compiling cleanly Freeradius 1.1.0-pre0 on OpenBSD 3.8
with the following configure :
./configure --with-rlm_ldap --without-rlm_krb5 \
--without-rlm_acct_unique --without-rlm_otp \
--without-rlm_perl --enable-shared=no --enable-debug
Freeradius
If the server doesn't respond on localhost, then either it isn'trunning, or you edited the configuration files to break it.Alan DeKok.
Thank you for your suggestion.
Thefact is Radius works correctly on the localmachine (the same machine on which FreeRadius 1.0.5 was installed).However, when a
Vincent Bernat [EMAIL PROTECTED] wrote:
I have the original configuration files with EAP defaulting to PEAP
and TLS enabled. Here is the backtrace from gdb :
(gdb) bt
#0 0x06fdcbb6 in memset () from /usr/lib/libc.so.38.2
#1 0x80601740 in ?? ()
#2 0x1c03c33f in make_tunnel_passwd (
On Wednesday 28 December 2005 19:51, yao guoxian wrote:
Thank you for your suggestion.
The fact is Radius works correctly on the localmachine (the same
machine on which FreeRadius 1.0.5 was installed).However, when a
authentication request was sent to Radius Server from the other
Watch out for a software firewall. Is it blocking any ports?
On Wed, 28 Dec 2005, LeRoy DeVries wrote:
Date: Wed, 28 Dec 2005 20:10:23 -0700
From: LeRoy DeVries [EMAIL PROTECTED]
Reply-To: FreeRadius users mailing list
freeradius-users@lists.freeradius.org
To: FreeRadius users
Hi,
OK, enough is enough. This auto-set Auth-Type in LDAP is
just broken. I'll fix it before 1.1.0 to do the following:
- add a config option saying set_auth_type = yes/no
- the default will be yes for backwareds compatibility
- the yes case will also be smarter about multiple
Marco Spiga [EMAIL PROTECTED] wrote:
Still it does not work :-((
Go read the FAQ. See 5.10. It's directed specifically at your remark.
Alan DEKok.
Endured made!!
I don't have include the output of radtest because I want to only qualify
radiusd to use authentication EAP MD5.
Marco Spiga [EMAIL PROTECTED] wrote:
However as soon as installed freeradius I have tried radtest and it worked
well, also whith users inserted in
radcheck table of postgresql and authentication EAP MD5 has not never worked.
The entry in the users file isn't being matched because you edited
LeRoy DeVries [EMAIL PROTECTED] wrote:
In order to resolve the problem one must know what the problem is. May I
suggest that you start Radius with radiusd -sfxxyz -l stdout and observe
what happens and then maybe that will give you a clue.
It's even simpler than that. He should edit the
33 matches
Mail list logo
