Hi,
I attached a copy of the file rlm_ldap.c of radius 1.1.0
yes, your patched version is clearly borked - as you can see from
this snippet.
int vals_count;
int vals_idx;
char *ptr;
char *value;
TLDAP_RADIUS
Hi !
See post_proxy_authorize in proxy.conf.
Yes, post_proxy_authorize = yes was the solution and some hacking in the
user file.
See also postproxy_users, which is I think what you want.
This file/function postproxy_users wasn't documented, maybe someone can do
that for the 1.1.1
Hi everyone,
I have all my NAS in the same subnet and would like to add the whole
range in the list of NAS, not every single IP.
It seems it works when doing this in clients.conf, but not in the Mysql
NAS table.
Is this a bug or have I done something wrong?
Clients.conf:
client 10.230.0.0/24 {
It works with me
J.
--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
+32 15/50.52.98
[EMAIL PROTECTED]
-
Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite
-
i am seeing problems with login in to the network using freeradius. the errors
that i am
seeing are duplicate entry errors. i have attached a copy of the radius.log
file. i have
cleared the database of all open sessions and that did not help. i am not sure
what else
to do. i also
Hi
I'm using FreeRadius (0.9.3) with our Cisco wireless APs, and I'd like to save
the SSID as part of the accounting record. It comes in as a Cisco-AVPair, as in
the log below, so I've turned on cisco_vsa_hack. Because the attribute comes in
as
Cisco-AVPair = ssid=name
I'm expecting to get a
I want freeRADIUS to assign IP address to
authenticated users, so Ive done thefollowing configuration
ippool
main_pool {
# range-start,range-stop: The start and end ip
# addresses for the ip pool
range-start = 81.174.17.35
range-stop = 81.174.17.63
..
..
#
I have some problem with my FreeRADIUS server: it's connect to the MySQL
very slow :(
What i do:
1.
$ cd /usr/local/etc/rc.d/ ./radiusd.sh restart
Stopping radiusd.
Waiting for PIDS: 30273.
Starting radiusd.
Thu Mar 9 17:51:52 2006 : Info: Starting - reading configuration files ...
2.
In log
Hi, I have FF 1.0.1 andI what to put two
diferent default realm's biscose I have two diferents companys withvery
domains names. ex: gric.
proxy.conf ex:
realm example.com
{
type =
radius
authhost =
LOCAL
accthost = LOCAL}
realm NULL
{
type =
radius
authhost =
LOCAL
accthost =
doesn't anyone also have this problem?
André Lemos wrote:
freeradius 1.1.0 doesn't seem to cope with reloads as well as it did
with freeradius 1.0.5.
On the version 1.1.0 after about 2/3 reloads, I get the following on
the logs:
Tue Feb 25 16:23:22 2003 : Info: rlm_eap_tls: Loading the
Are you using version 1.1.0?
I used other versions before but never tried to put the list of NAS in
the database.
Thanks
David
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
On Behalf Of Jonathan De Graeve
Sent: 09 March 2006 13:21
To: FreeRadius users mailing
Hi,
I do proxy RADIUS correctly. so a radius account can be connected by
different NAS'es. Each NAS is owned by a Hotspot Operator. I have different
costs of roaming service depending on the Hotspot Operator.
How can I controll the NAS of a hotspot Operator (not is valid the
nasipaddress) ?
Using 1.0.5
J.
--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]
-Oorspronkelijk bericht-
Van: freeradius-users-
[EMAIL PROTECTED]
[mailto:freeradius-users-
[EMAIL PROTECTED] Namens
David
Roze
Verzonden: donderdag 9
preprocess returns ok for request 40
radius_xlat:
'/var/log/freeradius/radacct/10.0.1.21/auth-detail-20060309'
rlm_detail:
/var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /var/log/freeradius/radacct/10.0.1.21/auth-detail-2
0060309
modcall[authorize]: module auth_log
On Thu 09 Mar 2006 00:50, Alex M wrote:
What is the variable for NAS MAC address, so that I can setup the rule fot
mysql to log the MAC address of the NAS when the client sends request
Look in your detail file. If the NAS is sending an attribute which contains
the MAC address you will see it
On Thu 09 Mar 2006 05:18, hkdio wrote:
I wanna know is it possible to have Http to radius translation feature
The conecpt like that, when user login to server/firewall, server will send
the radius request to radius server. Than Radius server will try to login a
http page by basic
Hello,
how did you patch?
What I did is that I took the rlm_ldap.c from FR 1.1.0 and replaced
the content of the function ldap_pairget with the code shown on
http://bugs.freeradius.org/showattachment.cgi?attach_id=112. Then I
execute the './configure' and 'make' commands
Natalia.
On 3/9/06,
hkdio [EMAIL PROTECTED] wrote:
The conecpt like that, when user login to server/firewall, server will send
the radius request to radius server. Than Radius server will try to login a
http page by basic authentication (eg: http://user:[EMAIL PROTECTED]), if
success, it will reply certain string
Caines, Max [EMAIL PROTECTED] wrote:
I'm using FreeRadius (0.9.3)
Oh dear, you *really* should upgrade. See
http://www.freeradius.org/security.html.
As for the rest of your message, I recall issues with cisco_vsa_hack
in older versions of the server. Maybe a newer version works better.
Carlo Prestopino [EMAIL PROTECTED] wrote:
Once started, I get back an error from radiusd :
rlm_ippool: Failed to open file /etc/raddb/db.ippool: Permission denied
Try setting the file permissions so that the radius server has
read/write access.
It seems that the problem is due lack of
Victor Melnichenko [EMAIL PROTECTED] wrote:
Why FreeRADIUS connect to the MySQL at about 75 seconds?
DNS issues?
Alan Dekok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
=?ISO-8859-1?Q?Andr=E9_Lemos?= [EMAIL PROTECTED] wrote:
doesn't anyone also have this problem?
It works in my tests.
Hmm... the code prints the SSL errors to stderr. They're lost when
running in daemon mode. Yuck.
I *suspect* that the files aren't readable by the server after a
HUP.
Hello! If I want to assign a VLAN for group the syntax it would be:
DEFAULT Ldap-Group == STUDENT
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-ID = 81
but if I want to assign VLAN for domain:
DEFAULT Realm == aeiou.com
Tunnel-Type = VLAN,
--
Message: 6
Date: Thu, 9 Mar 2006 13:17:48 -0500
From: King, Michael [EMAIL PROTECTED]
Subject: Machine Authecitation with PEAP
Has anyone gotten Machine Authentication with PEAP working?
Yes
radius_xlat: '/usr/bin/ntlm_auth --request-nt-key
Vasco Santos [EMAIL PROTECTED] wrote:
If the login failed (password or username) in radius1.company.com the
request need to go to radius2.company.com.
The server doesn't really support this right now. You could do it
with source code patches.
Alan DeKok.
-
List
-Original Message-
[mailto:[EMAIL PROTECTED]
adius.org] On Behalf Of james
Sent: Thursday, March 09, 2006 3:06 PM
From my experience this means the credentials the machine is sending
are
wrong or your version of samba is too old - get 3.0.21c (or at least
3.0.21a)
Regards,
http://www.freeradius.org/cgi-bin/cvsweb.cgi/radiusd/
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Mar 8, 2006, at 11:33 AM, Alan wrote:
I uninstalled the sunfreeware package and installed the package
directly
from MySQL.com (mysql-standard-4.0.26-sun-solaris2.9-
sparc-64bit.pkg). I
receive one error in config.log. Am I missing something here?
configure:988: gcc -o conftest -g -O2
No, that's just CVSWEB, due to webbots that ignore 'robots.txt' and
cane the server
recursing through 80+ simultaneous CVS diffs via CVSWEB.
Disabled the CGI while working out a way to better throttle it's use.
CVS is unaffected.
-Chris
On Mar 9, 2006, at 3:47 PM, Thor Spruyt wrote:
In addition to this I have done a manual compile (non-package) and have
a better back trace perhaps:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1211832640 (LWP 6331)]
0xb7a74ca2 in Perl_hv_clear_placeholders ()
from
--
Message: 6
Date: Thu, 9 Mar 2006 13:17:48 -0500
From: King, Michael [EMAIL PROTECTED]
Subject: Machine Authecitation with PEAP
Has anyone gotten Machine Authentication with PEAP working?
Yes
radius_xlat: '/usr/bin/ntlm_auth --request-nt-key
--On 09 March 2006 23:20 + James J J Hooper [EMAIL PROTECTED]
wrote:
--
Message: 6
Date: Thu, 9 Mar 2006 13:17:48 -0500
From: King, Michael [EMAIL PROTECTED]
Subject: Machine Authecitation with PEAP
Has anyone gotten Machine Authentication with PEAP
-Original Message-
If it helps, this the ntlm command (which i think you have correct):
/usr/bin/ntlm_auth --request-nt-key --username=cse-mpr$
--challenge=4de0a9c09623ab12
--nt-response=d4b9516b28ba1760f8d31f8ac2b257d74a2439b9e104a102
- are you passing the domain correctly? (i
Thank you for this mailing list. I am trying to install Freeradius on
a FC4 device. I am also trying to use the MySql database function. I am
having problems getting a good install. So, as usual, I have a few questions
for you all.
Is there a good document that I can follow that
With FC4 you can either use the existing RPM (yum
install ) or the new 1.1.0 FreeRadius source code and compile
it.
It actually compiles without any problems on FC4. The
installation path (make install) is a bit different from the RPM (/etc/raddb)
path as the binaries/libraries (I
Forgot one more thing:
You have to create the MySQL tables with the
db_mysql.sql file e.g.FC4:
/usr/share/doc/freeradius-1.0.4/db_mysql.sql
Or download the source code, install it
(./freeradius-1.1.0/src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql).
Use phpMyAdmin and this file to
36 matches
Mail list logo