On Thu 23 Mar 2006 06:14, radhika putty wrote:
> Hi All,
>
> Does Free Radius support tagging of VLAN's
FreeRADIUS can send any reply attributes that you configure it to send.
--
Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
pgpiYm9TguEzo.pgp
Descripti
Hi all
I'm trying to use Simultaneous-Use to limit sessions connexions, but I havre
following message:
...
[/usr/local/etc/raddb/users]:217 WARNING! Check item "Simultaneous-Use"
?found in reply item list for user "jvuvant". ?This attribute MUST go on the
first line with the other check items
.
> It doesn't only happen when building an RPM. I installed from the tarball
> and the same thing happened. It worked when I manually created lib/ after
> the first failed attempt und tried it a second time (SuSE 8.2).
> Nicolas Baradakis sent me a patched Makefile, I will try that soon and
> report
Is it possible to use freeradius to dynamically allocate ip adrreses
from predefined pools.
I want to assign an ip address from a specific set of pools, which pool
to use is to be determined by the NAS Identifier & the Called-Station-Id
of the AccessRequest.
Also to throw another complication in,
Alan DeKok a écrit :
Bertrand Poulet <[EMAIL PROTECTED]> wrote:
why the user isn't found in file users of freeradius ?
the users file is below.
I wonder what or where in config files make that the same user
'someone' with the same users file is found in the first case (radtest
On Mar 22, 2006, at 10:15, Alan DeKok wrote:
jasonatx0001 <[EMAIL PROTECTED]> wrote:
Is it possible to dynamically install a new module ? i.e.
configure/make/install radius then compile a new module seperately
and move
its .so to the lib directory ?
Yes. That's the intent behind the de
Ashwin Gobind wrote:
Is it possible to use freeradius to dynamically allocate ip adrreses
from predefined pools.
I want to assign an ip address from a specific set of pools, which pool
to use is to be determined by the NAS Identifier & the Called-Station-Id
of the AccessRequest.
Yes. The modul
Bertrand Poulet wrote:
modcall[authorize]: module "suffix" returns noop for request 2
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 171
users: Matched entry DEFAULT at line 183
Line 183 is:
DEFAULTFramed-Protocol == PPP
Framed-Protocol = PPP,
JVUVANT Yahoo wrote:
Hi all
I'm trying to use Simultaneous-Use to limit sessions connexions, but I havre
following message:
...
[/usr/local/etc/raddb/users]:217 WARNING! Check item "Simultaneous-Use"
?found in reply item list for user "jvuvant". ?This attribute MUST go on the
first line wit
Stefan Winter wrote:
> > It doesn't only happen when building an RPM. I installed from the tarball
> > and the same thing happened. It worked when I manually created lib/ after
> > the first failed attempt und tried it a second time (SuSE 8.2).
> > Nicolas Baradakis sent me a patched Makefile, I w
Same problem exists on SUSE.
-Peter
On Thu 23 Mar 2006 09:28, Frank Büttner wrote:
> That is not possible, because I use rpmbuild. I it only possible to
> patch the sources. But what have changed?? 1.1.0 will work without any
> problems!!!
>
> Nicolas Baradakis schrieb:
> > Frank Büttner wrote:
>
On Thu 23 Mar 2006 11:46, Phil Mayers wrote:
> Ashwin Gobind wrote:
> > Is it possible to use freeradius to dynamically allocate ip adrreses
> > from predefined pools.
> >
> > I want to assign an ip address from a specific set of pools, which pool
> > to use is to be determined by the NAS Identifie
Hi,
> It's fixed in CVS, and version 1.1.2 will contain the fix.
then maybe 1.1.2 should be pushed out _soon_. The current version doesn't
install correctly on many platforms...
Greetings,
Stefan Winter
--
Stefan WINTER
RESTENA Foundation - Réseau Téléinformatique de l'Education Nationale e
Frank Büttner wrote:
> But what have changed?? 1.1.0 will work without any problems!!!
Almost all Makefiles were changed between 1.1.0 and 1.1.1. There was
a lot of libtool misuses, and it was causing serious warnings or
preventing some modules from beeing built correctly.
http://bugs.debian.org
Stefan Winter wrote:
> > It's fixed in CVS, and version 1.1.2 will contain the fix.
>
> then maybe 1.1.2 should be pushed out _soon_. The current version doesn't
> install correctly on many platforms...
>From what I read on the mailing list until now, the current version
*does* install on any sy
Before 1.1.1 all was ok, with rpmbuild.
Only since 1.1.1 it will fail.
I built it on and for Fedora Core 4.
Nicolas Baradakis schrieb:
> Stefan Winter wrote:
>
>>> It's fixed in CVS, and version 1.1.2 will contain the fix.
>> then maybe 1.1.2 should be pushed out _soon_. The current version doesn'
What if you run freeradius with ssl enable, is it
still going to show the authenticating user's password
while connecting to LDAP in debug mode or in log file?
--- Alan DeKok <[EMAIL PROTECTED]> wrote:
> fvt3 <[EMAIL PROTECTED]> wrote:
> > How do you hide password that is sent to LDAP so
> it
> >
Hello to the list
I've configured my PIX 6.3(5) to authenticate PPTP VPN by FreeRadius.
I've noticed that if a user login fails, PIX send a STOP Accounting
Packet and then a START packet: in this way I have serious problem to
track the simultaneous use of the users: I think it is not normal.
I kno
So I built 1.1.1 on Debian.
After a period of so many hours (variable) it stops responding.
(Sometimes 2hours, sometimes 16hours)
Now here's where it get's weird, (and makes me suspect it might not be
freeRADIUS at the root cause)
If I stop and restart the freeRADIUS service, it continues to ig
Hi guys,
I’m currently mulling over
two important things for us.
Before I state the problems
though, any input would certainly be appreciated and also that we have this
working at the moment, but it did require a schema change to support.
1: How would radius be
On Thu, 2006-03-23 at 09:24 -0500, King, Michael wrote:
> So I built 1.1.1 on Debian.
>
> After a period of so many hours (variable) it stops responding.
> (Sometimes 2hours, sometimes 16hours)
>
> Now here's where it get's weird, (and makes me suspect it might not be
> freeRADIUS at the root cau
Hi,
> I am seeing a similar problem on RedHat. I originally thought it was
> only happening when I sent a HUP signal, but it turns out this is not
> the case.
>
> However in my case all I have to do to fix it is restart the service (I
> do not need to reboot the entire operating system).
for the
yes it can. I simply built my module with gcc as a dynamic library. Just be
sure to use the same compiler flags that were used to build the freeradius
sever - for example I was experiencing problems until I added the NDEBUG
flag. After I built my module I just put the .so in the libs directory and
Hi all,
As suggested by Michael, I've recompiled Mysql with
--enable-thread-safe-client and now it works.
Thanks to Michael
Best regards,
-- Disclaimer
Ce message ainsi que les eventuelles pieces jointes constituent une
correspondance privee et confidenti
Ben Thompson <[EMAIL PROTECTED]> wrote:
> Could someone advise how to go about debugging this problem?
First I'd suggest editing the code so that it prints the SSL errors
to radius.log, rather than stderr:
http://bugs.freeradius.org/show_bug.cgi?id=347
That way the reason why SSL can't read
I cannot get the radtest to work and this seems to be an integral part of
continuing. I can now do a mysql –u radius –p radius and get into mysql.
Resetting the password and FLUS PRIVILEGES helped there.
I have created a user, atkinsd, on the radius database in radcheck.
If I do
its says that your shared secret is incorrect... I would
start their.. it may be a simple type.. check the
clients.conf
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Atkins, Dwane PSent: Thursday, March 23, 2006 12:24
PMTo: freeradius-users@lists.freeradius.orgSubject
I am using mod_auth_radius2 with Apache version 2.0.54. When I
attempt to authenticate, I see a successful attempt followed by 2
failed attempts, leaving me with a "401 Authorization Required"
message in the browser. Any ideas? I have tried increasing the
timeout. Here is the relevant portion
I dono, maybe it is some error in 1.1.1 ? Im still runnin 1.1.0 and didnt
have any problems like this yet
-Original Message-
From:
[EMAIL PROTECTED]
.org
[mailto:[EMAIL PROTECTED]
eeradius.org] On Behalf Of Vincent MARGUERIE
Sent: Thursday, March 23, 2006 12:29 PM
To: freeradius-users@lis
I have looked at the radius.log file and continue
to get this:
Thu Mar 23 12:47:48 2006 : Auth: rlm_unix:
[atkinsd]: invalid password
But I have it in radcheck and can prove it.
Does anyone know what is going on?
Thanks for all your help. Getting frustrated
and even time o
Well, I've searched everywhere, and I can't figure this out. I admit, I'm
new to all this.
I have built/installed freeradius 1.1.0. My openssl is version 0.9.6b-29.
I used the defaults everywhere, (ie ./configure, etc).
I created my own CA and my own server and client certificates using openss
"Atkins, Dwane P" <[EMAIL PROTECTED]> wrote:
> I have looked at the radius.log file
Don't. Run th eserver in debugging mode.
> Thu Mar 23 12:47:48 2006 : Auth: rlm_unix: [atkinsd]: invalid password
The Unix module says that the password is wrong, or the user doesn't
exist in /etc/passwd.
>
"Don Osburn" <[EMAIL PROTECTED]> wrote:
> I have built/installed freeradius 1.1.0. My openssl is version 0.9.6b-29.
I don't think that will work. Try 0.9.7 or later.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
le, o=zhone.com/abc123 to
ldap-master.oak.zh
one.com:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: user cburks authenticated succesfully
modcall[authenticate]: module "ldap" returns ok for request 0
modcall: leaving group LDAP (returns ok) for request
quot; returns ok for request 0
modcall: leaving group LDAP (returns ok) for request 0
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 0
radius_xlat:
'/usr/local/freeradius/var/log/radius/radacct/172.16.15.251/reply-
detail-20060323'
r
José Berenguer wrote:
> Hello! In the file attrs I have:
> domain.es
> Reply-Message = "RADIUS OK"
>
> but it doesn't return me the message.
Try adding a colon before the equals sign.
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt
Alan and all,
Thanks for your help.
Here is an issue that I cannot
get worked out. However, if I run the > mysql –u radius –p radius
command it will take me right to the radius database so it is working (right?)
sql: safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMN
I've got wireless equipment that can relay MS-CHAP-v2 requests to my
FreeRADIUS box from Windows XP clients. I see the radius box making
LDAP requests to the LDAP server (over SSL), binding as the anonymous
user, and searching for the target user. So far so good.
The problem is, our passwor
was successful
rlm_ldap: user cburks authenticated succesfully
modcall[authenticate]: module "ldap" returns ok for request 0
modcall: leaving group LDAP (returns ok) for request 0
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 0
radius
Norman Elton <[EMAIL PROTECTED]> wrote:
> Can FreeRadius extract the password out of the MS-CHAP-v2 request,
> and use it to bind against LDAP over SSL?
No. MS-CHAPv2 is designed to make that impossible.
> I would much rather not have to tackle Kerberos, as it looks much
> more complicated.
"Corey Burks" <[EMAIL PROTECTED]> wrote:
> In my radiusd.conf file I made the following changes and it is still logging
> my password clear text password
>
> log_auth = no
You will have to edit the source code to the detail module to make
it do what you want.
Alan DeKok.
-
List info/subscri
I've tried your recommendations but it does not work as expected:
using "Reject" as rlm_passwd's "authtype" (as you suggested), the user
is always rejected, even when the MAC is in the file and is actually
found:
modcall[authorize]: module "MAC-IP" returns ok for request 0
Furthermore, if I chang
just wonder if anybody can make or already have eap-ttls to radclient
just like jradius' radclient.
k-
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
kevin <[EMAIL PROTECTED]> wrote:
> just wonder if anybody can make or already have eap-ttls to radclient
> just like jradius' radclient.
eapol_test, from wpa_supplicant.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Thu, 2006-23-03 at 17:44 -0500, Alan DeKok wrote:
> "Corey Burks" <[EMAIL PROTECTED]> wrote:
> > In my radiusd.conf file I made the following changes and it is still logging
> > my password clear text password
> >
> > log_auth = no
>
> You will have to edit the source code to the detail modu
Guy Fraser <[EMAIL PROTECTED]> wrote:
> > You will have to edit the source code to the detail module to make
> > it do what you want.
> >
> Is that the way it is supposed to be, or is it on a todo list for it
> to be fixed?
Fixed to do what, and why?
No, I'm not being dumb, I'd like to se
Hi All (warning, big/verbose email below),
First of all, quick summary of setup:
- Stock Debian Sarge
- Clean freeradius 1.1.1 package downloaded yesterday. Built using standard
dpkg-buildpackage from source.
- Stock config files, with appropriate SQL bits uncommented for
freeradius-mysql to wo
Alan DeKok wrote:
> Guy Fraser <[EMAIL PROTECTED]> wrote:
>
>>> You will have to edit the source code to the detail module to make
>>>it do what you want.
>>>
>>
>>Is that the way it is supposed to be, or is it on a todo list for it
>>to be fixed?
>
> Fixed to do what, and why?
To not log pa
"Fenn Bailey" <[EMAIL PROTECTED]> wrote:
> So, generally, it works fine - However, I'm experiencing a problem where
> whenever an Access-Reject is sent, the response is VERY slow (ie: >30
> seconds). This happens if it's a formal Access-Reject via radgroupcheck or
> just wrong password or whatever
brainstorm wrote:
I've tried your recommendations but it does not work as expected:
using "Reject" as rlm_passwd's "authtype" (as you suggested), the user
is always rejected, even when the MAC is in the file and is actually
found:
Yes sorry, that was wrong. Clearly "authtype = Reject" will fail
Dear freeradius users,
I've try to with the previously version (freeradius 1.1.0) but I always
got the same problem (table radacct id empty after the connection is OK
for my client)..strange thing no ?
Is it due to the NAS (DWL-2000ap+) which doesn't give all the
informations...or something
On Mar 23, 2006, at 08:07, jasonatx0001 wrote:
yes it can. I simply built my module with gcc as a dynamic library.
Just be
sure to use the same compiler flags that were used to build the
freeradius
sever - for example I was experiencing problems until I added the
NDEBUG
flag. After I bui
I am pretty sure I have seen this before, but after searching the
archives, I can't find the solution. Anyway, under Solaris 9
(SPARC) I get the following during compilation:
Making static dynamic in rlm_eap...
make[6]: Entering directory
`/home/jheiden/freeradius-1.0.5/src/modules/rlm_eap'
gcc
Hello guys
This is Vignesh here. I have just started with Free Radius. I would like
to understand the working of Free Radius before I start experimenting
with it. We are planning to use Free Radius for developing a telecomm
billing solution both prepaid and postpaid. I am not sure where to start
fr
54 matches
Mail list logo
