Is it possible to force peap to require client's certificates?
I can use PEAP, I can use TLS, but I want to join them together. I know that
in PEAP certificates are optional not obligatory, how to make it obligatory?
Norbert
-
List info/subscribe/unsubscribe? See
Norbert Grochal wrote:
Is it possible to force peap to require client's certificates?
I can use PEAP, I can use TLS, but I want to join them together. I know
that in PEAP certificates are optional not obligatory, how to make it
obligatory?
No it is not. Use EAP-TLS.
-
List
Using freeradius-1.1.0 version.
compile with nothing special other than defining log dir
when 'make' receive error like following:
gcc -shared rlm_unix.lo cache.lo compat.lo -Wl,--whole-archive
/usr/lib/libshadow.a -Wl,--no-whole-archive -lcrypt
/usr/lib/libshadow.a -lssl -lcrypto -lnsl
Can someone help me with this?
Is Freeradius support the implementation of IKEv.2?
If so, where can I find documentation of it?
Many thanks
Priscilla
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
Hello list,
I'm using freeradius 1.1.0 with dialup_admin and mysql 5.0.x
I need different ip pools to be accessible only by one name, e.g. :
ippool 1 {
...
}
ippool 2 {
...
}
ippool 3 {
...
}
post-auth {
1
2
3
}
Hi,
I´ve been searching a while about how to kick a logged user or force
terminate it´s session. It seems that this has been asked before on the
list, but I didn´t find an answer different from radius can´t do that. The
only answer that I´ve found is that it´s required an external script for
On Mon, Feb 06, 2006 at 11:47:38AM -0500, Eduardo Bejar wrote:
Hi,
I?ve been searching a while about how to kick a logged user or force
terminate it?s session. It seems that this has been asked before on the
list, but I didn?t find an answer different from radius can?t do that. The
only
Hi Everyone,
I am sending this
Thanks for all the help. I verified that error_reporting is set to
E_ALL, and have changed display_errors to On.
Now, when I go to dialup-admin I get the first page fine, but when I click a
link, here's the errors it displays:
(above link window)
Notice: Undefined variable:
Norbert Grochal [EMAIL PROTECTED] wrote:
Is it possible to force peap to require client's certificates?
$ grep -i cert share/dictionary*
ATTRIBUTE EAP-TLS-Require-Client-Cert 1019integer
DEFAULT EAP-TLS-Require-Client-Cert = yes
...
Alan DeKok.
-
List
Priscilla B [EMAIL PROTECTED] wrote:
Is Freeradius support the implementation of IKEv.2?
Huh? Maybe you mean FreeSWAN?
Alan DEKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Everyone,
I am sending this message at very first time, and I hope that I'll get
response.
My Question is that:
In sql.conf's Authorization section, can I write my own queries and can I
use the result of my own query. For detailed elaboration I will give you
following example:
I want
On Mon, 2006-06-02 at 11:47 -0500, Eduardo Bejar wrote:
Hi,
I´ve been searching a while about how to kick a logged user or force
terminate it´s session. It seems that this has been asked before on the
list, but I didn´t find an answer different from radius can´t do that. The
only answer
OK - I've figured out my own problem (I think) but not sure exactly what I
did - BUT it seems to be working fine. However, how do I get rid of the
MySQL Debug output such as:
- Original Message -
From: Scott Miller [EMAIL PROTECTED]
To: FreeRadius users mailing list
OK - I think I figured out my problem, although not sure exactly which
correction I did fixed it. However, I am still getting the MySQL Debug
output and was wondering how to get rid of it:
DEBUG(SQL,MYSQL DRIVER): Query: SELECT groupname FROM usergroup WHERE
username = 'srmiller';
Hey gang,
I'm still struggling getting freeradius and LDAP working to
authenticate my PPTP users. I'd really appreciate if one of the guru's
could have a look.
I've wiped my old install and installed a fresh copy of freeradius and all the config files.
Reading the list postings it's clearly
Hi,
OK - I think I figured out my problem, although not sure exactly which
correction I did fixed it. However, I am still getting the MySQL Debug
output and was wondering how to get rid of it:
DEBUG(SQL,MYSQL DRIVER): Query: SELECT groupname FROM usergroup WHERE
username = 'srmiller';
Guy Fraser wrote:
there. I looked into it briefly for Cisco 5248 and determined
that by setting the interface administratively down would boot
the user, then setting it back to up would allow it to accept
access again. The tricky part was matching the user to the
interface so you would
Joey McDonald [EMAIL PROTECTED] wrote:
I'm now storing my password(s) in the ldap directory in plain text. Using
radtest from another machine on the network authenticates from the LDAP
server just fine.
Don't set Auth-Type.
In users I added:
DEFAULT Auth-Type := LDAP
Hi Alan,
I've taken out the LDAP section in users - so it's exactly the same as the default users file.
ldap is now listed after mschap in authorize {}. Trying again, I get the following:
rlm_ldap: user joey authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
Login
[EMAIL PROTECTED] wrote:
I've taken out the LDAP section in users - so it's exactly the same as the
default users file.
ldap is now listed after mschap in authorize {}. Trying again, I get the
following:
Run the server in debugging mode, as suggested in the README, FAQ,
and INSTALL.
Hello,
we have freeradius 1.0.4-4 installed on a suse 10.0 64bit box. We want to
authenticate with LDAP against Novell edirectory. On suse 10.0 32bit everything
worked fine. With the 64bit version we get the following error: Error reading
Universal Password. Errorcode = -1635. Universal
Hi ,
Which authentication protocol are you using? If you are using PAP
and want to authenticate against eDirectory there is no need to use
Universal Password. However if you plan to use authentication methods
like CHAP, EAP-MD5, PEAP-MSCHApv2 you will have to use Universal
Password.
The error
Hi,
we are using MSCHAPv2 and CHAP. We want to use EAP/PEAP too.
Before upgrading to suse 64 bit this worked fine. After installing the 64 bit
version we get the -1635 error. We didn't change anything on edir/nmas/netware.
Regards
Boert
On 6 Feb 2006 at 23:32, Sayantan Bhowmick wrote:
Hi ,
24 matches
Mail list logo