Hi !
Are you sure your certificate isn't already in PEM format?
How can I verify which format the certificate is in ?
# openssl x509 -in somecertificate.cer -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:4c:8a:74:b7:45:cd:7f:cd:47:71:b8:c0:f2:60:6a
This is the error I'm getting:radwho: Error reading /var/log/freeradius/radutmp: No such file or directoryradutmp indeed doesn't exist in /var/logDoes anyone know why is freeradius not creating the radutmp file?
Thanks.
-
List info/subscribe/unsubscribe? See
Hello to everyone.
I have a question regarding a configuration I am trying to achieve. I
have users stored in an ldap database. An example user entry looks
like this:
dn: uid=kzorba,ou=people,dc=company,dc=gr
cn: ZORBADELOS KONSTANTINOS
uid: kzorba
clearTextPwd: mypassword
radiusProfile:
Hello,
I have freeradius version 1.1.2 and a samba installation with version
3.0.23. My Samba works as a Windows NT 4.0 PDC.
Now I want that the radius sends authentication requests to the samba. So
that I can logon on on the radius server with my samba domain login.
What parameter in
This is Framed-IP-Address in radius dialect.
Thanks for explaining freeradius basic concepts. I understood, that to assign
IP to user I should use users freeradius file. But I couldn't configure it
correctly. Now I have only one line in this file
DEFAULT Auth-Type := MS-CHAP
I've add another
On Wed, Jun 28, 2006 at 11:56:27AM +0300, Kostas Zorbadelos wrote:
I have a few suspicions where the problem might be.
Is there a way to define the operator in the radius check attributes
of ldap (without using the generic radiusCheckItem attribute)?
--
Kostas Zorbadelos
[EMAIL PROTECTED]
Thanks for the guidance.
how can i use the post-auth section??
Regards Thanks
Mahesh S Kudva
-Original Message-
From: Phil Mayers [EMAIL PROTECTED]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Date: Tue, 27 Jun 2006 10:30:37 +0100
Subject:
On Wed, 28 Jun 2006, Kostas Zorbadelos wrote:
On Wed, Jun 28, 2006 at 11:56:27AM +0300, Kostas Zorbadelos wrote:
I have a few suspicions where the problem might be.
Is there a way to define the operator in the radius check attributes
of ldap (without using the generic radiusCheckItem
On Wed, 28 Jun 2006, Kostas Zorbadelos wrote:
Hello to everyone.
I have a question regarding a configuration I am trying to achieve. I
have users stored in an ldap database. An example user entry looks
like this:
dn: uid=kzorba,ou=people,dc=company,dc=gr
cn: ZORBADELOS KONSTANTINOS
uid:
Hi Mahesh,
This is *totally* independent of the authentication process. You
don't need to do anything to the RADIUS server to do this.
You need a DHCP server. When your client (the PC) is attached to a
particular subnet, it will request a DHCP address by sending a
broadcast to find a DHCP
On Wed, Jun 28, 2006 at 02:11:00PM +0300, Kostas Kalevras wrote:
On Wed, 28 Jun 2006, Kostas Zorbadelos wrote:
Hello to everyone.
I have a question regarding a configuration I am trying to achieve. I
have users stored in an ldap database. An example user entry looks
like this:
dn:
My greetings to the list.
The company I work is one of the largest ISPs in Greece. We are
evaluating the possibility to move away from our current radius
software (FUNK Radius now Juniper) in favour of freeradius.
We as technical people understand all the benefits of the move (and it
would also
- Any large installations that use freeradius effectively today
(commercial environments preffered). This would give us arguments in
favour of freeradius scalability and reliability
http://www.eduroam.org Non-commercial, sorry.
- Possibility to have commercial support
On Wed, Jun 28, 2006 at 02:09:15PM +0300, Kostas Kalevras wrote:
On Wed, Jun 28, 2006 at 11:56:27AM +0300, Kostas Zorbadelos wrote:
I have a few suspicions where the problem might be.
Is there a way to define the operator in the radius check attributes
of ldap (without using the generic
On Wed, 28 Jun 2006, Kostas Zorbadelos wrote:
On Wed, Jun 28, 2006 at 02:09:15PM +0300, Kostas Kalevras wrote:
On Wed, Jun 28, 2006 at 11:56:27AM +0300, Kostas Zorbadelos wrote:
I have a few suspicions where the problem might be.
Is there a way to define the operator in the radius check
On Wed, 28 Jun 2006, Kostas Zorbadelos wrote:
My greetings to the list.
The company I work is one of the largest ISPs in Greece. We are
evaluating the possibility to move away from our current radius
software (FUNK Radius now Juniper) in favour of freeradius.
We as technical people understand
Hello,
I have installed FreeRadius server on
Trixbox Server. My problem is mysql is not letting FreeRadius to login either locally
or remotely. I also insert proper entries in HOST and USERS tables. But it does
not work I always get ERROR 1045 (28000); Access Denied for user
By default, OpenSSL uses PEM format, so if you didn't specify a
certificate format of DER, then its a PEM encoded cert. If you look
at the cert in a text viewer/editor, you'll see lines that have ---
BEGIN CERTIFICATE--- and ---END CERTIFICATE--- if its PEM encoded.
--Mike
On Jun 28,
Wasif wrote:
I have installed FreeRadius server on Trixbox Server. My problem is
mysql is not letting FreeRadius to login either locally or remotely. I
also insert proper entries in HOST and USERS tables. But it does not
work I always get ERROR 1045 (28000); Access Denied for user
liran tal [EMAIL PROTECTED] wrote:
Does anyone know why is freeradius not creating the radutmp file?
The NAS isn't sending accounting packets.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Kostas Zorbadelos [EMAIL PROTECTED] wrote:
- Any large installations that use freeradius effectively today
(commercial environments preffered). This would give us arguments in
favour of freeradius scalability and reliability
Most commercial installations won't publicly say they're using
Using the same FR, authenticating wireless client sagainst the Active directory
using PEAP and TLS and now trying to authenticate the PPTP clients against the
Active directory thru Dlink FW. The first part works like charm...and the
second one i have issue with and here is the MSCHAP
Kartthik Raghunathan [EMAIL PROTECTED] wrote:
Using the same FR, authenticating wireless client sagainst the Active
directory using PEAP and TLS and now trying to authenticate the PPTP clients
against the Active directory thru Dlink FW. The first part works like
charm...and the second one i
I don't think it's because of that since I do have records on radacct table.On 6/28/06, Alan DeKok [EMAIL PROTECTED]
wrote:liran tal [EMAIL PROTECTED]
wrote: Does anyone know why is freeradius not creating the radutmp file?The NAS isn't sending accounting packets.Alan DeKok.-List
Hi,
I have a question on configuring freeradius to return
vlan attributes base on a user group membership or ou.
I have a windows client xp sp2 using peap mschap2 to
authenticate off radius. How do I set radius to
return a vlan id of 10 if the user belongs to the
student group and if the user
Hi,
I keep getting the following error when building freeRADIUS on SuSE 10 x64.
/usr/lib/libltdl.so: could not read symbols: File in wrong format
I have tried to configure with the flag --disable-ltdl-install and without
and get the same message each time. Is there something else I need to do
fvt3 wrote:
Hi,
I have a question on configuring freeradius to return
vlan attributes base on a user group membership or ou.
I have a windows client xp sp2 using peap mschap2 to
authenticate off radius. How do I set radius to
return a vlan id of 10 if the user belongs to the
student group and
I thought the ldap module wouldn't work with PEAP and AD unless you store the
LM and NT password hashes for each user in AD?! Because you can't get the
cleartext password back from AD...
I don't think that extending AD to store this info would be difficult, I just
think having those hashes
You will need to configure the LDAP module to fetch groups from ADs LDAP
server. See copious documentation or posts to the list. Broadly, once the
LDAP module is setup correctly:
DEFAULT NAS-Port-Type == Wireless-802.11, Ldap-Group == Students
Tunnel-Medium-Type = IEEE-802,
I never though about splitting the authentication and authorization between
ntlm and ldap.
I don't see why that wouldn't work, but I really have no idea.
But that would be pretty slick, coupled with some hacked wrt54g's to support
the vlans a pretty cheap enterprise level solution!
--
Hello !
By default, OpenSSL uses PEM format, so if you didn't specify a
certificate format of DER, then its a PEM encoded cert. If you look at
the cert in a text viewer/editor, you'll see lines that have --- BEGIN
CERTIFICATE--- and ---END CERTIFICATE--- if its PEM encoded.
The
Hello All.
I'm having a rather odd problem and can no longer afford to bang my head on
the desk.
I have Freeradius 1.1.1 working for winXP clients and Intermec CK30 bar code
scanners using EAP-TLS authentication. The issue I'm having is with win2k.
According to my radius log an
Are you suggesting that do not use MSCHAP module and
use ldap module to do group lookup? If you using LDAP
module, that would mean stripping the user name
because the user name will be in this format
domain\\username. Then in radius config file I
would have
ldap student {
}
ldap staff {
}
33 matches
Mail list logo