Hy all,
I have a pair of questions about the values returned
by a module.
I would like to know which are the actions taken by
the FreeRadius server when the authenticate method
returns with:
- RLM_MODULE_FAIL
or
- RLM_MODULE_INVALID
Is the FR server behavior the same for both cases?
Does the
Jorgen Rosink wrote:
On 2/13/06, Norbert Wegener [EMAIL PROTECTED] wrote:
Alan DeKok wrote:
1.0.x doesn't support certificate chains. 1.1.0 does.
hm:
Script started on Mon Feb 13 19:34:45 2006
lnxad:/etc # radiusd -v
radiusd: FreeRADIUS Version 1.1.0, for host , built on Feb 13
Can you also include the changes for the bay dictionary which I send
2weeks ago?
Kind Regards,
J.
--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
+32 15/50.52.98
[EMAIL PROTECTED]
-
Always read the manual for the correct way to do things because the
Ryan Melendez wrote:
Is it possible to specify multiple lib and include directories with a
./configure option?
Yes, you can use multiple directories separated with spaces.
--with-rlm-sql-lib-dir=/path/to/mysql /other/path/to/mysql
--
Nicolas Baradakis
-
List info/subscribe/unsubscribe?
Peter Manckok wrote:
I would like to know which are the actions taken by
the FreeRadius server when the authenticate method
returns with:
- RLM_MODULE_FAIL
or
- RLM_MODULE_INVALID
Is the FR server behavior the same for both cases?
In authenticate section, yes.
It's different in
hi,
why does FREERADIUS accept the client ip-address as:
aaa.aaa.aaa.255/32 ??? (in clients.conf)
this doesn't have any meaning as source address.
what purpose does this serve?
--DilipSimha
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Tue, 2006-02-14 at 15:56 +0530, DilipSimha.N.M wrote:
hi,
why does FREERADIUS accept the client ip-address as:
aaa.aaa.aaa.255/32 ??? (in clients.conf)
this doesn't have any meaning as source address.
Think of netmasks bigger than /24. 10.0.0.0/23 could have 10.0.0.255 as
a host
Of course it has meaning. If your host is on a /23 subnet, then the
middle .255 and .0 are perfectly valid hosts.
Rgds,
Guy
On 14/02/06, DilipSimha.N.M [EMAIL PROTECTED] wrote:
hi,
why does FREERADIUS accept the client ip-address as:
aaa.aaa.aaa.255/32 ??? (in clients.conf)
this doesn't
Hi All,
I am running my perl file on AccessResponse for our
VoIP Gatekeeper. I wanted to send carrier IP Address
from database to the GK to route the call using
h323-remote-address attribute.
But i don't know what will be the fromat to set
h323-remote-address value.
Please advice me to add this
Hi Guys
I have installed Radius server on a Red Hat machine.
Now I want to check the working of it.
Could you please tell me how to proceed??
Regards
Kuldeep
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
s.org] On Behalf Of [EMAIL PROTECTED]
Sent: Saturday,
DilipSimha.N.M wrote:
hi,
why does FREERADIUS accept the client ip-address as:
aaa.aaa.aaa.255/32 ??? (in clients.conf)
this doesn't have any meaning as source address.
Yes it does. That's a perfectly valid IP address.
what purpose does this serve?
Allowing use of valid IPs?
-
List
Hi all,
I contact to my vendor they asked me to send some data
in Cisco VSA(252) attribute.
Here is full working example they provide me to send
in AccessResponse packet:
Cisco VSA(252):
GWname/option//CalledID//CallerID/GWip:1720
I wanted to know how i can add these data in
AccessResponse
thanks guys , for the information.
--DilipSimha
Phil Mayers wrote:
DilipSimha.N.M wrote:
hi,
why does FREERADIUS accept the client ip-address as:
aaa.aaa.aaa.255/32 ??? (in clients.conf)
this doesn't have any meaning as source address.
Yes it does. That's a perfectly valid IP address.
Couldn't find any references to this exact problem, so apologises if it
actually has been talked about before.
I'm trying to parse the auth-detail log files for 802.1x EAP-PEAP and
trying to consolidate the inner authentication (from 127.0.0.1) with the
outer authentication (from the real
Have configured 2nd unit at new location same as working existing unit at
old location but can't get a user to authenticate. On boot I see numerous
entries in the radius log...
Auth: Login incorrect: [route-trinopri-1/ascend] (from client mcpri1 port 0)
Auth: Login incorrect:
I get a TLS_accept error when the server reads the client certificate.
All used certificates (client, server) were generated by the same CA
(OpenSSL).
What can it be wrong?
Can someone show a log with a successful EAP-TLS authentication?
from the freeRADIUS
Has anyone reported that the FreeRADIUS cvs web interface is down ? If
this is a known issue I apologize, didn't find any posts on this list or
the developers list.
Thanks,
Craig
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Jonathan De Graeve [EMAIL PROTECTED] wrote:
Can you also include the changes for the bay dictionary which I send
2weeks ago?
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi, I have installed Radius and get the next eror
radiusd -X -A
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file:
/usr/local/etc/raddb/proxy.conf
Config: including file:
/usr/local/etc/raddb/clients.conf
Config: including file:
Hi Ed,
The entries that you see in the radius log
Auth: Login incorrect: [route-trinopri-1/ascend] (from client mcpri1 port 0)
Auth: Login incorrect: [dovbs-trinopri-1/ascend] (from client mcpri1 port 0)
Auth: Login incorrect: [route-trinopri-1/ascend] (from client mcpri1 port 0)
is only
Herman Swensson wrote:
tls: private_key_file = /usr/local/etc/raddb/certs/cert-srv.pem
tls: certificate_file = (null)
Note this, then:
rlm_eap_tls: Loading the certificate file as a chain
20360:error:0200100E:system library:fopen:Bad
address:bss_file.c:259:fopen('','r')
Set
I have more hints trouble on another radius server. I want to look for a
realm and strip it if it is there, else, send on the username untouched.
Using a config that Alan gave me a while back to do the opposite I
entered the below in my hints. Thought this would be easy but I am just
not
FreeRadius Accounting: Is it possible to implement accounting functionusing FreeRadius that would allow the guest users 30 minutes of low bandwith network connetivity (say 200 kps) every 72 hours. I'm using Chillispot as captive portal and Solaris9 as the OS.Just wondering if someone
I have more hints trouble on another radius server. I want to look for a
realm and strip it if it is there, else, send on the username untouched.
User-Name = [EMAIL PROTECTED]
try this
DEFAULT User-Name =~ ^([EMAIL PROTECTED])@camalott.com
User-Name := %{1}
-
List
I'm trying to understand how to send dynamic replies based on user.
If I authenticate via LDAP or some other mechanism, I can authorize via
the sql tables?
Is that right?
-Bob
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Robert Myers [EMAIL PROTECTED] wrote:
If I authenticate via LDAP or some other mechanism, I can authorize via
the sql tables?
Yes. All of the modules are completely independent of each other.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
So let me ask you this, this allows me to set specific replies for each
user.
How would I go about setting replies for groups of users, when I don't
know the specific usernames? Like if I'd want to assign a specific
reply based on an LDAP group?
-Bob
Alan DeKok wrote:
Robert Myers [EMAIL
Robert Myers [EMAIL PROTECTED] wrote:
How would I go about setting replies for groups of users, when I don't
know the specific usernames? Like if I'd want to assign a specific
reply based on an LDAP group?
You would read the documentation for the LDAP module, and see how to
use LDAP
The documentation is how I found out what questions to ask. :)
Thanks for the point in the right direction.
-Bob
Alan DeKok wrote:
Robert Myers [EMAIL PROTECTED] wrote:
How would I go about setting replies for groups of users, when I don't
know the specific usernames? Like if I'd want to
On Tuesday 07 February 2006 16:51, [EMAIL PROTECTED] wrote:
I been told that I need to configure ascend-data-filters to pass ADF's
to make port 25 work for our dialup users. Does he mean something like
this?
Ascend-Data-Filter = ip in forward destport = 25
Renaming destport to
[EMAIL PROTECTED] wrote:
I tried the below but my user still can't seem to connect to my mail
server. Am I missing something?
uname Auth-Type := Local, User-Password == xx, Simultaneous-Use := 2
Service-Type = Framed-User,
Framed-Protocol = MP,
Ascend-Data-Filter =
31 matches
Mail list logo