The answer why I have several password for a same radius account is easy.
I have two or more hotspot models (Nomadix, Mikrotik, Gemtek...) and I want
to active successfully MAC authentication method of these kind od devices.
While one hotspot accept blank password (see some previous entries
I made a mistake!!
the correct 'op' attribute is '+=' instead of '==' or ':='
*
[EMAIL PROTECTED] wrote:
I use freeradius-1.1.0. Where is any problem an account has two or
more
entries in radcheck table???
I use :
11:22:33:44:55:66
Hi everyone,
Here is my problem, I think I configured everything but the detail
file is never created for accounting. I also use a mysql data base
for accounting only and nothing is appended to the table radacct
either. It is like accounting does not work at all. Here are some
parts of
I try to use FreeRADIUS for building 801.1X EAP-TLS authorization. I
want to use only computer certificates (not user ones) on WinXP. such
certificates contains FQDN of client in `commonName' field.
But WinXP/SP2 sent `User-Name' in such case as `host/FQDN'. And
checking of commonName
Hi,
sorry if I come up with this question here, since it is not a problem of
freeradius by itself, but maybe someone could help me
I want to use freeradius also for authenticating our network-admins when
they login to our network-devices (e.g. Cisco boxes)
Authentication/Authorizsation works
Ok, I am going insane.
This is the story:
I have two IDENTICAL servers, HP DL320, Intel P4
I have Fedora Core 5 installed on both with IDENTICAL packages.
I downloaded, extracted the freeradius-1.1.1.tar.gz and proceeded to
configure with the exact same configure statement.
I installed
Hello,
as I have noticed there is no possibility to check the subject
and issuer of the client certificate. My idea is to use EAP-TLS authN,
but allow only some of certificates issued by concrete CA. Two options
which are available in EAP-TLS config are not suitable for me. I don't
want to
Michal Prochazka wrote:
I'm open for every remark and enhancement of this patch.
IMHO, it is very breakable script: it compare only strings (issuer
name, subject, etc), which can be forged easily. IMHO, we need to check
sha1/md5 signatures of CA certificates, not strings.
--
// Lev
Michal Prochazka wrote:
I'm open for every remark and enhancement of this patch.
BTW, here is `CA_file' parameter in `tls' module, so CA certificate
know to us. And we can check this CA without any external script
--
// Lev Serebryakov
-
List info/subscribe/unsubscribe? See
IMHO, it is very breakable script: it compare only strings (issuer
name, subject, etc), which can be forged easily. IMHO, we need to check
sha1/md5 signatures of CA certificates, not strings.
I don't agree with you. Freeradius checks that the certificate is issued
by one of the CA defined
BTW, here is `CA_file' parameter in `tls' module, so CA certificate
know to us. And we can check this CA without any external script
I don't understand what are you meaning with this? This patch doesn't
check the CA. The check script is run after the successuf TLS
authentication.
--
Michal Prochazka wrote:
I don't agree with you. Freeradius checks that the certificate is issued
by one of the CA defined in config of EAP-TLS. And then this script
compare the subject, you cannot forged it. And of course this patch can
be easily enhanced to export sha1/md5 signatures.
Oh,
Configure probably isn't finding the mysql libraries and/or header files
and isn't compiling the rlm_sql module properly. I'm not sure why this
is happening if everything is identical like you say, but its my bet.
Look in your freeradius-1.1.1/lib/ directory for the rlm_sql module
files. If
Shawn Hamman wrote:
Ok, I am going insane.
This is the story:
I have two IDENTICAL servers, HP DL320, Intel P4
I have Fedora Core 5 installed on both with IDENTICAL packages.
I downloaded, extracted the freeradius-1.1.1.tar.gz and proceeded to
configure with the exact same configure
It is difficult to see what your machine is doing since you are giving
us bits and pieces of the problem and out of order.
Damian Porter wrote:
thanks for all you input so far, and i am still looking, trying to use
the hint and huntgroup file for a work around so success yet. By the way
i
Is your NAS sending accounting records?
--
Mike Ockenga
-Original Message-
From:
[EMAIL PROTECTED]
us.org
[mailto:[EMAIL PROTECTED]
freeradius.org] On Behalf Of Axel Seguin
Sent: Friday, May 12, 2006 3:08 AM
To: FreeRadius users mailing list
Subject: No detail file created
Michal Prochazka wrote:
I'm open for every remark and enhancement of this patch.
Have you considered instead having the eap-tls module add a
server-private config attribute e.g.
EAP-TLS-Client-Cert-Subject
EAP-TLS-Client-Cert-Issuer
...which would be a bit more general. If you wanted to
Hello all,
i have allready freeradius installed and working well, but i can see resentlly its became very slow to replay the DataBase wich is MySQL, could any one send me the formal configuration file for one freeradius witch is allreay running well and acting good with MySql Database?
best
Yasir Elhaggaz wrote:
Hello all,
i have allready freeradius installed and working well, but i can see
resentlly its became very slow to replay the DataBase wich is MySQL,
could any one send me the formal configuration file for one freeradius
witch is allreay running well and acting
Shawn Hamman wrote:
(gdb) bt
#0 0x00d789c9 in lt_dlsym (handle=0x88de758, symbol=0x88dd158
rlm_sql_mysql) at ltdl.c:3330
#1 0x00fb65fa in rlm_sql_instantiate (conf=0x88307e0, instance=0x88dcb40)
at rlm_sql.c:696
#2 0x0805303b in find_module_instance (instname=0x88339c8 sql) at
Hello all
I am new to RADIUS. I am using Cisco IP IP gw as NAS and RADIUS. I have
few doubts regarding the interaction between CISCO and RADIUS
Whenever the request for authentication comes, for all authenticated
users I wish to send some extra details like
Billing model, credit time etc. If I
On 5/12/06, Jeremy ohara [EMAIL PROTECTED]
wrote:
Hi there
i been able to get the radius to working. but the problem i'm
having is. when i try to do a test login it keeps being rejected. i've setup
groups, etc and using dialupadmin for administration. i've attached the
radiusd.conf and
Hi there i kinda get what you mean.ive tried
both clear and crypt and both send up the same way. i reset the password
before try a login test and both failedi've
attached the admin.conf file from dialupadmincan
y ou see any problmes in itjeremy
-Original Message-
From: YvesDM
23 matches
Mail list logo