-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello!!!
I want to send from my radius server several attributes to the client, but
I've been looking at the documenation. I can do that if my attribute-ID is
between 1 and 100 (I guess, maybe is it 256), but also the documentation
says that a new attribute has to have an ID greater than 3000.
Hi,
I am developing a RADIUS client for our embedded
product. I would like the Radius client implementation
to support the association of privilege level with
individual accounts, e.g. the account "normal_user"
has a privilege that allows read-only access while
account "admin_user" has a privilege
On Tuesday 25 April 2006 01:43, TS wrote:
> > What does debugging mode say?
>
> Exactly what you'd expect it to say if the realm isn't in proxy.conf:
>
> #
> rad_recv: Access-Request packet from host 127.0.0.1:33499, id=115,
> length=68 User-Name = "[EMAIL PROTECTED]"
> User-Password =
> Try this in your radiusd.conf:
>
> basedn = "ou=%{Huntgroup-Name},ou=radius,dc=mtaonline,dc=net"
>
> You will need to either rename your "dial" huntgroup to "people" to
> match your ldap structure or you can change the profile OU to be dial.
> Either way, this setup is working for me.
>
> Ben
Try this in your radiusd.conf:
basedn = "ou=%{Huntgroup-Name},ou=radius,dc=mtaonline,dc=net"
You will need to either rename your "dial" huntgroup to "people" to
match your ldap structure or you can change the profile OU to be dial.
Either way, this setup is working for me.
Ben
On Tue, 2006-04-2
Okay, i want radius to look at two trees in ldap, one tree for dial-up
one tree for dsl (so a user with a static ip in dsl gets a dynamic ip in
dial-up).
my huntgroup is like this:
dialip1
dialip2
dialip on local box for testing
dsl ip3
dsl ip4
dsl ip on local box for
"Mark D. Montgomery II" <[EMAIL PROTECTED]> wrote:
> Basically, we want ANYONE to be able to hit connect on the access point
> and get a WPA connection (with minimal tweaking to windows settings to
> make it work and without them having to enter their username and pass).
They still need a userna
These aren't lists to my knowledge. Each takes a single filename. If
you need multiple CA certificates, you can concatenate each of the PEM
files into a single file and use that as your CA_file.
--Mike
Sochacki, Kevin wrote:
Hi All,
In eap.conf under the tls section the comments for ‘
We are trying to setup a hotspot-type system on campus for easy
wireless access since we are planning to go all laptops in the near
future.
Right now, we are trying to get a braindead WPA setup working (couple
hundred students + wep key or passkey + 2 IT people = pain).
Basically, we want ANYONE
Santiago Balaguer García wrote:
> I have a freeradius 1.1.0 and a DB with all my users. I have two kinds
> of users:
> * users who can connect to all hotspots
> * user who can only connect to one or some hotspots.
> Actually I can use a script in Exec-Program-Wait property to
> differenciate, b
Hi All,
In eap.conf under the tls section the comments for ‘CA_file
=’ says it’s a list. Can someone tell me what the separator is? I’m
assuming it’s a space, I have looked around but have not found any reference.
Also, are the ‘private_key_file’ and ‘certificate_file’
parameters list t
"TS" <[EMAIL PROTECTED]> wrote:
> The object is to not to have to configure any realms as local.
That conflicts directly with your requirement to allow users to log
in as "user" or "[EMAIL PROTECTED]".
> If I have a user whose username is [EMAIL PROTECTED] I can easily specify
> arealm.com as l
quick, very short and uncomplete answer :)
*check tables:information which have to be checked from freeRADIUS, like
user & password
*reply tables:information which freeRADIUS sends back to your NAS (e.g.
IP-pool, data rate etc.)
*acct tables: here are the accounting information stored by freeRAD
[EMAIL PROTECTED] wrote:
> i have added
>
> DEFAULT EAP-TLS-Require-Client-Cert := Yes
>
> in the users file
>
> but the supplicant (windows XP) do not send the certificate ...
That configuration tells the server to reject the clinet UNLESS it
sends the certificate.
Francois-Xavier GAILLARD <[EMAIL PROTECTED]>wrote:
> Let's say I have 10 LNS, but I can only push 2 at a time using
> Tunnel-Server-Endpoint. Does anyone know of an easy way of dynamically
> assigning the Tunnel-Server-Endpoint ? (just the way ippool does for the
> Framed-IP-address)
Use an ext
=?iso-8859-1?B?U2FudGlhZ28gQmFsYWd1ZXIgR2FyY+1h?=
<[EMAIL PROTECTED]> wrote:
> I have a freeradius 1.1.0 and a DB with all my users. I have two kinds of
> users:
>* users who can connect to all hotspots
>* user who can only connect to one or some hotspots.
> Actually I can use a sc
"Philippe Bacquaert" <[EMAIL PROTECTED]> wrote:
> I'm searching how to make freeradius (when receiving a request
> from a radius client) request itself a dynamic IP address to a
> dhcp server and write it in the attribute Framed-IP-Address.
You write a scipt around dhclient, which might work. O
"Mario Casola" <[EMAIL PROTECTED]> wrote:
> Hello, I've installed freeradius and I've configured it to comunicate with
> mysql...all work fine, but I don't understand the meaning of the mysql
> database structure and all the possible values I can put in the database...if
> someone could illuminate
hi My authentifacation, with the users freeradius files, start and run perfectly. But now I would like to use Ldap. What is the configuration for it? Please Thanks a lot for your help.
Faites de Yahoo! votre page d'accueil sur le web pour retrouver directement vos services préf
Hello, I've installed freeradius and I've configured it to comunicate with
mysql...all work fine, but I don't understand the meaning of the mysql
database structure and all the possible values I can put in the database...if
someone could illuminate me.
Thanks in advance
-
List info/subscribe/unsu
hi
i have tested eap-tls authentication method and it works
i have tested peap authentication method and ot works
but i would like to FORCE the supplicant to send the certificate in the
peap authentication
i have added
DEFAULT EAP-TLS-Require
Hi Freeradius friends!
I am programming a proxyRadius (FreeRadius v1.88.2.3 in Debian) in order to
write a Session-Tiemout attribute with a value =3600 if the attribute
doesn't exist yet.
I have defined an instance of attr_rewirte called setSessionTimeout3600
with append=no, new_attribute=no,
Hi list,
I'm using freeradius 1.1.1 (debian Sarge) that has all user stored in a
MySQL database.
Let's say I have 10 LNS, but I can only push 2 at a time using
Tunnel-Server-Endpoint. Does anyone know of an easy way of dynamically
assigning the Tunnel-Server-Endpoint ? (just the way ippool doe
On 4/25/06, sumi thra <[EMAIL PROTECTED]> wrote:
On 4/25/06, Alan DeKok <
[EMAIL PROTECTED]> wrote:
"sumi thra" <[EMAIL PROTECTED]> wrote:> Please find my users file configuration & error message below
...> /var/etc/raddb/users[2]: Unexpected trailing comma in check item list for
> entry DEFAULT
I have a freeradius 1.1.0 and a DB with all my users. I have two kinds of
users:
* users who can connect to all hotspots
* user who can only connect to one or some hotspots.
Actually I can use a script in Exec-Program-Wait property to differenciate,
but I don't seem a very clean method.
How
My problem with the configuration above described is my RADIUS proxy doesn't
active fallover. It means the first entry falis, freeradius doesn't verify
the following entry of domain1. I test putting the label:
ldflag = fail_over
in the description os a realm entry. Whay can I do
27 matches
Mail list logo