Re: mysql replication vs. radrelay

2006-04-07 Thread Olaf Schäfer
> > Besides the man page for radrelay says "The functions of radrelay > > have been added to radiusd". I couldn't find any documentation about > It shouldn't say that in the 1.1.1 release. radrelay should still > be there. I know it's there and it's working great :) I'm only curious about t

Re: Problem with Cisco-AVPair

2006-04-07 Thread Antonio Matera
Hallo, sorry I had a bad configuration of my email client. I re-write my problem: I want to authenticate my users with different SSID on different VLAN. My objective is to authenticate an user only on a select SSID. With the wrong SSID the user shouldn't connect... I use PEAP-MS-CHAPv2 and the

Probleme with EAP/TTLS - PAP

2006-04-07 Thread Frederic Cerisier
Hello,I am trying to configure freeradius 1.0.5 with EAP/TTLS - PAP.But I had a problem at users authentification.My  windows client is SecureW2. It's configured with PAP method.I tried others authentications ( eap/ttls-md5 and eap/tls ), these authentications work correctly. Into my radius.conf fi

Re: Probleme with EAP/TTLS - PAP

2006-04-07 Thread Stefan Winter
Hi, > My users file is : > > "toto" Auth-Type := PAP, User-Password == "totoPAP" > Reply-Message = "Hello, %u" My guess is: don't set Auth-Type; PAP can easily be figured out by the server itself. Stefan -- Stefan WINTER RESTENA Foundation - Réseau Téléinformatique de l'Educati

Re: mysql replication vs. radrelay

2006-04-07 Thread Olaf Schäfer
Am Donnerstag, den 06.04.2006, 15:48 -0600 schrieb Guy Fraser: > Some prefer SQL replication, others suggest it is better to build it > into the management system. If you have lots of people managing > the accounts and you may need a different method, than someone No, fortunately I don't. > Can

Re: mysql replication vs. radrelay

2006-04-07 Thread Olaf Schäfer
> My last experience with MySQL master-master replication and FreeRADIUS was > that mysql corrupted my radacct table within 24 hours. This was 4-5 years That was exactly my concern. > > radrelay on the other hand is easy and works perfectly! That's right :) So I think I'm gonna use radrelay. r

Re: pre-proxy programme

2006-04-07 Thread Mark Supersonik
Sorry, I can't understand it If we want to look first if a WISP has enough prepaid, is not the more consistent way to look into our local MySQL and reject or forward the petition in the pre-proxy stage? It's innecessary forward the petition (in order to accept or reject from the reply) if

Re: RADIUS stops responding after a while

2006-04-07 Thread Stefan Winter
Hi! > I've just went to my radius server and found out that it doesn't want to > handle requests.. I restarted it in debug and it told me that SQL module is > unknown. (was working fine for 1 month) I restarted again in debug and now > it went OK and works fine, but this thing is not acceptable in

Re: Can Juniper router or firewall configured on Free radius

2006-04-07 Thread Bjørn Mork
Venu Gopal <[EMAIL PROTECTED]> writes: > Thanks a lot for the reply, > i got this link for configuring radius, but wonder is > there any modification to be done apart from cisco > devices. It would help if you said what type of Juniper system you are configuring FreeRADIUS for, and what services

Re: User in Multiple Groups

2006-04-07 Thread Phil Mayers
Scott Reed wrote: I did not usurp a thread, I reposted my own. Really? How odd: Message-ID: <[EMAIL PROTECTED]> From: "debik" <[EMAIL PROTECTED]> Subject: Re: Couldn't stop freeradius server!! From: "Scott Reed" <[EMAIL PROTECTED]> Date: Wed, 5 Apr 2006 07:25:29 -0500 Message-Id: <[EMAIL PROT

Re: mysql replication vs. radrelay

2006-04-07 Thread Nicolas Baradakis
Olaf Schäfer wrote: > I'm not sure which is the best way to replicate the accounting > information: using radrelay or mysql-replication, too? To replicate accounting records to one (central) database, I'd suggest to use radsqlrelay and the rlm_sql_log module. I'm using this mechanism in producti

Re: User in Multiple Groups

2006-04-07 Thread Scott Reed
OK, Phil, you got me. I thought all I did was copy the to address, but must have used a reply instead.  Sorry. Thanks for the code suggestions.  I understand what you see as the issue.  Makes sense.  I will experiment with what you suggest and see what I get. Scott Reed Owner NewWays

Re: User in Multiple Groups

2006-04-07 Thread Scott Reed
OK, Phil, you got me. I thought all I did was copy the to address, but must have used a reply instead. Sorry. Thanks for the code suggestions. I understand what you see as the issue. Makes sense. I will experiment with what you suggest and see what I get. Scott Reed Owner NewWays Wirele

Auth-Type = System not working

2006-04-07 Thread Andreas Lund
Hello, What kind of magic tricks are needed to get Auth-Type = System to work? Running FreeRADIUS Version 1.0.4 on SuSE 10 with MD5 and shadow passwords, using the following 'users' file: DEFAULT Auth-Type = System Service-Type = Framed-User, Framed-Protocol = PPP, Port-Limi

RE: Auth-Type = System not working

2006-04-07 Thread Gunther
Have you tried: Auth-Type := System > -Original Message- > From: Andreas Lund > Sent: Friday, April 07, 2006 9:37 AM > Subject: Auth-Type = System not working > > Hello, > > What kind of magic tricks are needed to get Auth-Type = > System to work? > > Running FreeRADIUS Version 1.0.4

Re: Can Juniper router or firewall configured on Free radius

2006-04-07 Thread Venu Gopal
Hey Ori, It works for juniper netscreen too...i found the dictionary file in the radius and configured for basic authentication from the server. thanks for all the help and support from your side. Have a great weekend. Need to do more tweaking on netscreen to set it up for privileges. Regards Ven

RE: Auth-Type = System not working

2006-04-07 Thread Andreas Lund
Fri, 7 Apr 2006 09:54:54 -0400, "Gunther" <[EMAIL PROTECTED]> wrote: > Have you tried: Auth-Type := System Umm no, this is not how it appears in 'man 5 users', but let me check... *clicketyclick* Still no go :-/ -Andreas. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list

Re: Auth-Type = System not working

2006-04-07 Thread Alan DeKok
Andreas Lund <[EMAIL PROTECTED]> wrote: > I get this in my radius log: > Fri Apr 7 14:39:01 2006 : Auth: rlm_unix: [###]: invalid password Does the RADIUS server have permission to read /etc/passwd? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: pre-proxy programme

2006-04-07 Thread Alan DeKok
"Mark Supersonik" <[EMAIL PROTECTED]> wrote: > If we want to look first if a WISP has enough prepaid, is not the more > consistent way to look into our local MySQL and reject or forward the > petition in the pre-proxy stage? Did you read and understand my previous two messages? > We are try

sql hangs, was (conflicts/duplicates need)

2006-04-07 Thread Duane Cox
Here is the debug of a packet, there is nothing special about this packet. This packet hits the radius server every 30 seconds to test availability, for monitoring purposes. What hangs is the release of the rlm_sql ... (using sql_unixodbc) Ready to process requests. rad_recv: Access-Request packe

SNMP

2006-04-07 Thread DESETech - German P. Santillan
HI: I put in my radiusd.conf the line below: snmp = yes But when I query (walk) OID 1.3.6.1.2.1.67 I have no answer Any ideas? Thanks in advance and sorry for my poor English Regards Germán P. Santillán Administrador de Redes Responsable Dpto. Técnico DESETech Argentina S.A. San Martín 133

MS-CHAP authenticating (should fail)

2006-04-07 Thread Iain Sims
I've a FR and LDAP server configured that seems to be performing nicely except for one small issue where an 'Auth-Type := Reject' in my users file seems to have little affect. In brief, I want users not caught by the following users file: *** START *** DEFAULT Ldap-Group == "disabled", Auth-Type

Re: mysql replication vs. radrelay

2006-04-07 Thread Peter Nixon
> > Not yet! That's what I'm looking for. I've already started to do > something in this direction regarding ip-pools. Where can I find your > parser? ok. I just committed a new version of sqlippool to the 1.1.x branch. Haven't committed any docs yet so you are kind of on your own until we get ar

automated response

2006-04-07 Thread Olaf Becker
I am not in the office and have no access to my e-mails. I will be back from holidays till the 22nd of April 2006. Thank you for your understanding that your e-mail will be answered after my return to the office. This e-mail will not be forwarded. Best regards Olaf Becker - List info/subscribe

Re: MS-CHAP authenticating (should fail)

2006-04-07 Thread Alan DeKok
Iain Sims <[EMAIL PROTECTED]> wrote: > I've a FR and LDAP server configured that seems to be performing nicely > except for one small issue where an 'Auth-Type := Reject' in my users > file seems to have little affect. In brief, I want users not caught by > the following users file: ... > user

Re: SNMP

2006-04-07 Thread Kevin Bonner
On Friday 07 April 2006 11:43, DESETech - German P. Santillan wrote: > HI: > > I put in my radiusd.conf the line below: > > snmp = yes > > But when I query (walk) OID 1.3.6.1.2.1.67 I have no answer > > Any ideas? > > Thanks in advance and sorry for my poor English > > Regards > > > Germán P. Santi

RE: RADIUS stops responding after a while

2006-04-07 Thread Alex M
-Original Message- From: [EMAIL PROTECTED] .org [mailto:[EMAIL PROTECTED] eeradius.org] On Behalf Of Alan DeKok Sent: Friday, April 07, 2006 1:53 AM To: FreeRadius users mailing list Subject: Re: RADIUS stops responding after a while "Alex M" <[EMAIL PROTECTED]> wrote: > I've just went

Re: Auth-Type = System not working

2006-04-07 Thread monish ar
Its really simple, u probably need to set the fallthrough settings to yes for that particular user. If the fallthrough setting is not set or is set to no, ur user wont be authenticated... hope it helps     

RE: RADIUS stops responding after a while

2006-04-07 Thread Alex M
I'm using MySQL 4.1.7 and it is located on remote server (not even on the same subnet as the radius) -Original Message- From: [EMAIL PROTECTED] .org [mailto:[EMAIL PROTECTED] eeradius.org] On Behalf Of Stefan Winter Sent: Friday, April 07, 2006 5:22 AM To: FreeRadius users mailing list S

Re: User in Multiple Groups

2006-04-07 Thread Phil Mayers
Scott Reed wrote: OK, Phil, you got me. I thought all I did was copy the to address, but must have used a reply instead. Sorry. Grin - it was not my intention to "get" you. I'm certainly not the mailing list police. The only reason I mentioned it is that I (and I suspect many) people drop wh

Re: RADIUS stops responding after a while

2006-04-07 Thread Peter Nixon
On Fri 07 Apr 2006 20:57, Alex M wrote: > I'm using MySQL 4.1.7 and it is located on remote server (not even on the > same subnet as the radius) Do you have a statefull firewall (Checkpoint etc) between radius and the sql server? That can cause timeout problems accessing the database, although no

RE: RADIUS stops responding after a while

2006-04-07 Thread Alex M
Yea got one firewall in between... but if it is time out I assume it should just drop like couple requests and then work fine, but in my case it just stop responding for everything -Original Message- From: [EMAIL PROTECTED] .org [mailto:[EMAIL PROTECTED] eeradius.org] On Behalf Of Pet

Re: RADIUS stops responding after a while

2006-04-07 Thread Peter Nixon
Well, a statefull firewall that has forgotten the state will hang ALL sql connections that are open... -Peter On Fri 07 Apr 2006 21:59, Alex M wrote: > Yea got one firewall in between... but if it is time out I assume it should > just drop like couple requests and then work fine, but in my case

sql_log question

2006-04-07 Thread Miguel
hi, i have a reporting system, this will perform intensive calculations, agregate functions etc using accounting data, so i dont want to run this system in the same server where the account is stored, i plan to use the sql_log/sql-relay combo, however i do need that the account data be stored o

Re: Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)

2006-04-07 Thread Alan DeKok
Tyler MacDonald <[EMAIL PROTECTED]> wrote: > It appears that several other GPL apps have added a special clause > to their license that allows them to be linked against OpenSSL. > > Could this be done for freeradius/freeradius-postgresql as well? I have no objection to that. Debian sho

Re: Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)

2006-04-07 Thread Tyler MacDonald
Alan DeKok <[EMAIL PROTECTED]> wrote: > > It appears that several other GPL apps have added a special clause > > to their license that allows them to be linked against OpenSSL. > > > > Could this be done for freeradius/freeradius-postgresql as well? > > I have no objection to that. > > D

Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)

2006-04-07 Thread Tyler MacDonald
Greetings FreeRadius people, This discussion started on the postgresql's "pgsql-general" mailing list. The problem here is that the freeradius-postgresql package needs to link against libpgsql, which means that it may be indirectly linked against openssl. There is a conflict between OpenSS