2006/2/7, Saeed Ahmed <[EMAIL PROTECTED]>:
Hi,
For some reasons I've
to use Stored procedure
With Freeradius but I am getting following error from mysql:
Error: 1312 SQLSTATE: 0A000 (ER_SP_BADSELECT)
Message: PROCEDURE %s can't return a result set in the given context
You can con
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all
In the 'users' file, I have the following lines:
DEFAULT Huntgroup-Name == "Security-Devices", LDAP-Group ==
"group1", Proxy-To-Realm := 'innerradius'
Class:="OU=vpngroupa;",
Fall-Through = No
DEFAULT Huntgroup-Name == "Securi
Hi,
Thanks for the answers. Well after testing a while and checking the dusty
radkill script, I´d like to comment, for the mailing list archive, about
what I tested/found:
- For the record: Freeradius can´t kick a logged user. There's no
configuration option on radiusd.conf or something to kick a
I been told that I need to configure "ascend-data-filters" to pass ADF's
to make port 25 work for our dialup users. Does he mean something like
this?
Ascend-Data-Filter = "ip in forward destport = 25"
**
Computer problems? ...
.
Alan DeKok wrote:
> "Mike O'Connor" <[EMAIL PROTECTED]> wrote:
>
>>Do any one have any idea of how this could be made to work and/or have I
>>not got this configuration correct.
>
>
> I think it may work in the CVS head.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http:
Tomasz Wolniewicz <[EMAIL PROTECTED]> wrote:
> I am not sure what you mean by that. Using NAS information is the only
> thing that came to our minds, that is we create a large hunt group
> containing all local NASes and add VLAN data only when this is hit. But
> we did not manage to make any compar
Joseph <[EMAIL PROTECTED]> wrote:
> Is there an easy way to see what password is being sent to FR when the pass
> is sent as Chap-Password ?
No. It's a one-way transformation.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Yes I dont think its a NAS problem at all.
The garbled password you are seeing that I sent is the users actual
password. When that request comes from the nas and rlm_pap tries you auth
it, the password is showing up like that. if you look at what I posted you
will see it is a username/password
Is there an easy way to see what password is being sent to FR when the pass is sent as Chap-Password ?-- respectfully, Joseph
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi guys.
When building FreeRADIUS on Solaris, which compiler should i use ?
Has anyone built FR with the Sun compiler ?
Thanx
Paul
signature.asc
Description: This is a digitally signed message part
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The only files I know of that use the secret password are clients.conf
and proxy.conf. Make sure your clients.conf has an entry for your NAS
with the correct IP address and the correct secret. I don't think
you'll need to touch the proxy.conf file; its used for proxying RADIUS
requests that success
"Nick Marino" <[EMAIL PROTECTED]> wrote:
> Its more likely that the password is wrong but, I am sure that they are the
> same.
If the password is wrong, then you'll see the wrong password, rather
than ranbom binary nonsense.
> Shared secret has been the same in the nas for 3 years now and it h
Alan DeKok wrote:
> Can you not key off of the NAS information, and *not* add VLAN data,
> then?
>
>
I am not sure what you mean by that. Using NAS information is the only
thing that came to our minds, that is we create a large hunt group
containing all local NASes and add VLAN data only when th
Nick Marino - IT Solutions
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list"
Sent: Tuesday, February 07, 2006 11:50 AM
Subject: Re: [radius] Re: Auth question
"Nick Marino" <[EMAIL PROTECTED]> wrote:
Only when NAS send the request to FR
Nick Marino - IT Solutions
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list"
Sent: Tuesday, February 07, 2006 11:49 AM
Subject: Re: [radius] Re: Auth question
"Nick Marino" <[EMAIL PROTECTED]> wrote:
that could be possible, the only one
System hangs with Apache SSL mod_auth_radius sending authentication
information to a radius - mysql server.
Hi everyone,
I am having a problem with my apache web server hanging and am looking for
help. I have check the log files and am finding nothing to indicate the cause of
the system hang
=?ISO-8859-15?Q?Frank_B=FCttner?= <[EMAIL PROTECTED]> wrote:
> When a client try to log in with an valid certificate it works. But I
> get this error:
> TLS_accept:error in SSLv3 read client certificate A
Ignore it.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.or
Tomasz Wolniewicz <[EMAIL PROTECTED]> wrote:
> thanks, but it seems that when freeradius does the internal proxy to
> service the eap-ttls then the pre-proxy and post-proxy are not being
> entered, and this is where we would expect to put attr_filter.
Ah, OK.
Can you not key off of the NAS
"Mike O'Connor" <[EMAIL PROTECTED]> wrote:
> Do any one have any idea of how this could be made to work and/or have I
> not got this configuration correct.
I think it may work in the CVS head.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok napisał(a):
> Tomasz Wolniewicz <[EMAIL PROTECTED]> wrote:
>
>> Our university radius server sets VLAN information based on user
>> attributes form the LDAP directory.
>> This works fine when the system is used internally. However when our
>> user authenticates while visiting another
"Nick Marino" <[EMAIL PROTECTED]> wrote:
> Only when NAS send the request to FR does it generate that garbled password.
Then the shared secret is wrong.
Or, there's a bug in the server that mangles the password only for that NAS.
Which is more likely?
Alan DeKok.
-
List info/subscribe/
When a client try to log in with an valid certificate it works. But I
get this error:
TLS_accept:error in SSLv3 read client certificate A
Tue Feb 7 18:34:53 2006 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Tue Feb 7 18:34:53 2006 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Tue Feb 7
"Nick Marino" <[EMAIL PROTECTED]> wrote:
> that could be possible, the only one that is being included is the compat
> and freeradius and other than whats in the main dictionary file itself.
The dictionaries have nothing to do with the passwords or shared secrets.
> When I try to include the a
Tomasz Wolniewicz <[EMAIL PROTECTED]> wrote:
> Our university radius server sets VLAN information based on user
> attributes form the LDAP directory.
> This works fine when the system is used internally. However when our
> user authenticates while visiting another institution, this VLAN
> informati
nikwan (sent by Nabble.com) wrote:
Hypothetically situation:
You have users logged into a NAS. the NAS goes down without warning
(power failure...) Users who where logged in now have sessions which are
not complete (acctstoptime is set to NULL). In my case Simultaneous
logins is disabled and n
Use sql radius accounting logging
modify the table to have a timestamp field
modify the server queries if neccessary
run an external script/process that checks for all acctstoptime=0 and
timestamp < (current_time - (expected_update_interval*2))
updates them all with acctstoptime = timestamp.
Ladies and gents... We have lift off. Thanks!
--joeyOn 2/6/06, Alan DeKok <[EMAIL PROTECTED]> wrote:
[EMAIL PROTECTED] wrote:> I've taken out the LDAP section in users - so it's exactly the same as the> default users file.>> ldap is now listed after mschap in authorize {}. Trying again,
Nick Marino - IT Solutions
- Original Message -
From: "futhwo" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list"
Sent: Tuesday, February 07, 2006 9:57 AM
Subject: Re: [radius] Re: Auth question
Maybe you are not loading the right dictionary for your NAS?
On Feb 7, 2006, at 4:
if you cannot ping the NAS, probably it is
down.
however, when your NAS updates its accounting, radius will
no be aware to remove its stale sessions,
i believe, the time taken here depends on how your NAS
updates accounting packets to your RAS.
with my case it is from 2 minutes to 10 minutes,
Maybe you are not loading the right dictionary for your NAS?
On Feb 7, 2006, at 4:36 PM, Nick Marino wrote:
Nick Marino - IT Solutions
- Original Message - From: "Lewis Bergman" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list" [EMAIL PROTECTED]>
Sent: Tuesday, February 07, 2006
Title: Using STORED PROCEDURE with Freeradius
Hi,
For some reasons I've to use Stored procedure With Freeradius but I am getting following error from mysql:
Error: 1312 SQLSTATE: 0A000 (ER_SP_BADSELECT)
Message: PROCEDURE %s can't return a result set in the given context
You can cons
Nick Marino - IT Solutions
- Original Message -
From: "Lewis Bergman" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list"
Sent: Tuesday, February 07, 2006 5:56 AM
Subject: [radius] Re: Auth question
Can anyone tell me why I am getting trashed passwords when attempting to
authent
A stale session in radacct could happen simply due to the loss of a
udp packet with the accounting information in it. RADIUS is totally
stateless and has no reliable mechanism for deciding if a user is
present or not.
If simultaneous use relies entirely upon the contents of radacct, it's
very vul
Thank you very much for your reply.
Let me phrase my question differently.
In particular, we have a problem that when a NAS goes down, we get a stale session in radacct. It stays there indefinitely.
How can we clean this up?
View this message in context: RE: NAS online/offline?
Sent from the Fr
We have the following problem arising form the eduroam project.
Our university radius server sets VLAN information based on user
attributes form the LDAP directory.
This works fine when the system is used internally. However when our
user authenticates while visiting another institution, this VLAN
Hypothetically situation:
You have users logged into a NAS. the NAS goes down without warning (power failure...) Users who where logged in now have sessions which are not complete (acctstoptime is set to NULL). In my case Simultaneous logins is disabled and need to be so. Therefore once the NAS is
Hi
Some time ago there was a question about rlm_ippool and if it was
possible to group them ie
ippool main_pool_1 {}
ippool main_pool_2 {}
accounting {
group main_pool {
main_pool_1
main_pool_2
}
sql
}
post-auth {
group main_pool {
main_pool_1
Can anyone tell me why I am getting trashed passwords when attempting to
authenticate?
Login incorrect: [nickm/d\313f`&\247+>4\203\360/\367]
Looks like your secrets in clients.conf don't match what your NAS has.
--
Lewis Bergman
Texas Communications
4309 Maple St.
Abilene, TX 79602-8044
Off. 32
what does radiusd.conf says about encryption lines?
it is not really trashes, it is encrypted.
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
.org] On Behalf Of Nick Marino
Sent: Tuesday, February 07, 2006 10:39 AM
To: freeradius-users@lists.freeradius.org
Subject:
Can anyone tell me why I am getting trashed passwords when attempting to
authenticate?
Login incorrect: [nickm/d\313f`&\247+>4\203\360/\367]
Nick Marino - IT Solutions
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hello list,
i'm using freeradius 1.1.0 with mysql 5.0.x and dialup_admin
i want to use the monthly counter function of the sqlcounter module.
I've added
"checkItem MaxMonthlySession MaxMonthlySession" to sql.attrmap
also added: MaxMonthlySession to user_edit.attrs
in the radiusd.conf
41 matches
Mail list logo