Hello Edvin,
Thanks for responding.
mysql was installed from the linux Enterprise 4 cd by selecting the
mysql devel,server and client options.
--Monsur
On 6/1/06, Seferovic Edvin [EMAIL PROTECTED] wrote:
Hi,
how did you installed it? From an RPM ? or have you compiled and installed
it from
hello all
i am using cisco ipipgw and free radius. for a single call i get 2
records. one for each leg. now i want to supress one of the leg mostly
outbound. i cant use gw-accounting suppress as both the legs are voip. i
even tried voice class aaa accounting suppress outbound leg but still no
I will be out of the office starting 02/06/2006 and will not return until
12/12/2008.
Please send personal messages to [EMAIL PROTECTED]
For all business related matters, please contact Jeremy Forrester at
[EMAIL PROTECTED]
Cheers,
Lawrence
Privileged/Confidential information may be
Hello, i'm pretty new to the freeradius world, so please forgive me if i
don't use the correct terms.
Here is my situation:
1 AP with a freeradius auth backend used to gain access to the inner
network. All works fine, i've setup both clients and server to use
EAP-TLS.
Now the question:
I need to
Hello Sir,
I went through the radiusd.conf file. I am not getting the exact purpose of
the ippool main_pool{
rangesatrt = 192.168.1.1
Hi
I'd like to make a public hotspot management system with chillispot and
freeradius.
I saw in the freeradius source that the NAS are identified from the ip
address, and the secret is determined from it.
My problem is that there can be hotspots on dynamic ip addresses.
The solution I found
range-start = 192.168.1.1
range-stop = 192.168.1.200
netmask = 255.255.255.255
cache-size = 56
session-db = ${raddbdir}/db.ippool
ip-index = ${raddbdir}/db.ipindex
override = yes
My question is :
- What can a malicious user can do with the secret? Can it alter accounting
and other things? (chillispot uses chap auth-type)
one is spell it out and try rumble it so he forms a new word from it
- Is there a way of maintaining a per hotspot secret with dynamic ip
addresses?
most APs provide a feature wherein you can block certain MAC addr and/or IP
addr not to authenticate from that particular AP.
check its manual. check huntgroup to separate groups.
no need to change the environment. cascading or non-cascading should work
out right.
goodluck
-Original
that simply means you need to call them from Accounting and Post-Auth module
section of radius conf see more of Pool-Name attribute as well
Hello Vertito,
Thanks for your information.But I did not get the meaning of the attributes
in the below sentence,
dont forget to call them from conf and
[STATE] Backend State : RECEIVE - TIMEOUT[WARNING] Timeout waiting for the authenticator to begin the EAP conversation.This usually happens when the RADIUS server is misconfigured, the authenticatorcan't talk to the RADIUS server, or the username provided is invalid.
vertito wrote:
My question is :
- What can a malicious user can do with the secret? Can it alter accounting
and other things? (chillispot uses chap auth-type)
one is spell it out and try rumble it so he forms a new word from it
Is it a real security problem? I will be using accounting for
Title: rlm_eap_mschapv2: out of memory
Can someone please tell me how I might fix this?
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 20
rlm_eap: EAP Identity
rlm_eap: processing type mschapv2
rlm_eap_mschapv2: out of memory
rlm_eap:
Hi,
I have questions concerning authentication method. Is
it possible to force radius to authenticate off of
ldap AND also from a local database? Example, say a
user is connected to radius, first his user
id/password will be authenticated against ldap and if
the supplied credential is correct,
Hello all
I have following doubts regarding access reply query
1. how do I send multiple attributes using the radreply
E.g billing model, credit time etc
2. I have written a function in MySQL to return me the credit time. How
do I include this function in my radreply query.
Vignesh
-
List
Ryan Melendez [EMAIL PROTECTED] wrote:
Can someone please tell me how I might fix this?
...
rlm_eap_mschapv2: out of memory
rlm_eap: Default EAP type mschapv2 failed in initiate
From looking at the source, it happens when a call to pairmake()
fails. I'd guess that the MS-CHAP-Challenge
sophana [EMAIL PROTECTED] wrote:
I saw in the freeradius source that the NAS are identified from the ip
address, and the secret is determined from it.
That's how RADIUS works.
My problem is that there can be hotspots on dynamic ip addresses.
The solution I found actually is to have an
fvt3 [EMAIL PROTECTED] wrote:
I have questions concerning authentication method. Is
it possible to force radius to authenticate off of
ldap AND also from a local database? Example, say a
user is connected to radius, first his user
id/password will be authenticated against ldap and if
the
Alan DeKok wrote:
My problem is that there can be hotspots on dynamic ip addresses.
The solution I found actually is to have an unique secret shared with
all hotspots.
So the secret is known by everybody.
Or, make the hotspots NOT have dynamic IP's. There's no reason why
Thank You Alan,
The microsoft dictionary was commented out in
/usr/local/share/freeradius/dictionary.
Ryan
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:freeradius-users-
[EMAIL PROTECTED] On Behalf Of Alan
DeKok
Sent: Friday, June 02, 2006 10:16 AM
To: FreeRadius users
Am having a strange problem after my supplicant get authenticated to
my active directory. My supplicant trying to get authenticated to
active directory or validating identity every 60 mins, which disturbs
wireless connection that bother me a lot. Is this normal or can i set
the timer to
Alan DeKok wrote:
Shane [EMAIL PROTECTED] wrote:
Read radiusd.conf, and look for /etc/passwd. Odds are that you
enabled caching of /etc/passw. There's a reason it's not enabled by
default, it doesn't work on FreeBSD. Which is explicitly documented.
No, that isn't the cause as I have the
22 matches
Mail list logo