"Charlie B" <[EMAIL PROTECTED]> wrote:
> I have checked the shared secret, and earlier in the debug you can see that
> it binds successfully.
To LDAP? That doesn't matter. The shared secret isn't used there.
> After which it attempt to authenticate the user with
> the credientials provided a
Norbert Wegener <[EMAIL PROTECTED]> wrote:
> rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=32, length=20
> rad_decode: Received Access-Accept packet from client 127.0.0.1 port
> 1812 with invalid signature (err=2)! (Shared secret is incorrect.)
That message would appear to be defi
"Elie Hani" <[EMAIL PROTECTED]> wrote:
> Well I'm trying to configure 2 pools of IPs, where these pools should be
> created?
In the server configuration? Using the ippool module?
> can it be done on the radius and this radius will take care of
> giving the IPs to the users? or should I config
"Marek Soha - intrak.sk" <[EMAIL PROTECTED]> wrote:
> Have you any idea to configure it with crypted passwords stored in the
> database and with cisco accesspoint clients autentification?
> Now im using EAP/PEAP in cisco ap to authorize windows xp client (PEAP
> required).
Please go back and rea
"Mircea Harapu" <[EMAIL PROTECTED]> wrote:
> The pam_radius_auth is sending User-Password without beeing encrypted .
If you know more about RADIUS than the people on this list, I'm
curious why you're asking questions about it.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.fre
Comments inline...
Phil Mayers wrote:
Paul Long wrote:
A man page (http://www.die.net/doc/linux/man/man5/users.5.html) for
the users file says, "Attribute := Value ... Always matches as a
check item..." So does that mean, no matter what the value is, it
will always
Well, the wording might
Paul Long wrote:
A man page (http://www.die.net/doc/linux/man/man5/users.5.html) for the
users file says, "Attribute := Value ... Always matches as a check
item..." So does that mean, no matter what the value is, it will always
Well, the wording might be a bit confusing.
FreeRadius works the
A man page (http://www.die.net/doc/linux/man/man5/users.5.html) for the
users file says, "Attribute := Value ... Always matches as a check
item..." So does that mean, no matter what the value is, it will always
match the attribute? I don't see that happening. As an experiment, I
have a supplica
Hoercher,
Thank you so much for your time. I really think that it is a problem
over my pppoe-server but it is something I cant change (its enbeded into
a system box). The configuration to radius autentication are very limited.
To solve the problem I made a script into my linux box that get in
On 7/21/06, Nataniel Klug <[EMAIL PROTECTED]> wrote:
I could not understand what you mean with this MIA. I will look for more
info into my PPPoE-Server.
Hi,
ok, sorry about that bit of levity. I meant "missing in action" in
respect of your not connected users. As I said, freeradius doesn't
kee
Sorry for being such a noob, but what type of auth should I use?
I'm going to go read the man to find out how to tell it to use crypted
passwords... unless anyone feels like giving me a pointer:) The howto I used
must have been a bad one.
Thanks
--
View this message in context:
http://www.nab
Hoercher,
I could not understand what you mean with this MIA. I will look for more
info into my PPPoE-Server.
Att,
Nataniel Klug
K. Hoercher escreveu:
There is no such thing as "user remains connected into my radius
server". It's the client's (here PPPoE Server?) responsibility to act
accor
All,
I see reference to setting DEFAULT in mysql database tables.
I need to set the default value of Acct-Interim-Interval = 60s for all
users. Can I just put this in my radreply table:
user attribute op value
---
DEFAULT, Acct-Interim-Interval, :=, 60
Wi
Hi,
Can anyone point me to some good tutorials for using Freeradius to
authenticate wireless users in a WISP environment?
Thanks,
Lisa Casey
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
There is no such thing as "user remains connected into my radius
server". It's the client's (here PPPoE Server?) responsibility to act
accordingly. In particular it should eventually update the accounting
if a "client"/user is MIA. That might be near to the problem you are
refering to.
Best regar
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
All rightNow authentication works fine.Many thanks to all ones which have given me these useful advicesHave a nice dayThanks AgainGiusy Venezia
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
unsubscribe
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely
for the use of the addressee(s). If you are not the intended recipient, please
notify the sender by e-mail and delete the original message.Global Edge
Software Ltd has taken every reasonable precaution t
Hi,
> I've been watching the logs and my question is why localhost takes part in
> the process.
Inner workings of FreeRADIUS. The "inner" authentication (within the EAP TLS
tunnel) counts as a new request, coming from localhost.
Stefan Winter
--
Stefan WINTER
Fondation RESTENA - Réseau Téléi
Thanks for the reply,I have checked the shared secret, and earlier in the debug you can see that it binds successfully. After which it attempt to authenticate the user with the credientials provided and fails, the only thing I can see is that it is changing the password provided into garbage and s
I want to use mysql with freeradius and a default entry in the users file.
Testing with radtest I get an Access-Accept which is ok.
But there is an additional information, which irritates me and I have no
idea, what it means.
In case of an incorrect shared secret - as far as I know - no
Access-Acc
Hello all,
I am with a very big problem. I have a system that uses PPPoE server
to authenticate my clients into an FreeRadius server. The server is
running ok but when something not expected happens in my clients (like a
enery blackout or something like that) the user remains connected i
Unsubscribe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi all, I've been watching the logs and my question is why localhost takes part in the process.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
> Thibault Le Meur wrote:
> > rad_recv: Access-Request packet from host 127.0.0.1:32801,
> id=0, length=217
> > User-Name = "misterc"
> > CHAP-Challenge = 0xa26932d73791f27d1314426f740ab34e
> > CHAP-Password = 0x002e07a2cc1f27e7fbd22e7bb3721a3986
>
> >
> > That means that yo
Mircea Harapu wrote:
PAP sends the following radius request:
User-Name = "Someuser"
User-Password = "somepassword"
HOWEVER, the User-Password field in a radius packet is defined by RFC to
be encrypted with the radius shared secret.
The pam_radius_auth is sending User-Password without beeing e
John Keimel wrote:
I have two Freeradius servers, one of which authenticates MAC addresses
for wireless, the other [EMAIL PROTECTED] for some other network
access.
I'd like to combine the two of them into one server. If the username
comes through without a realm (a MAC address) I'd like it to
dn: cn=Vito Cu,ou=utenti,dc=,dc=it
userPassword:: e1NIQX1TQ01UU1l5cVpESHcvSXhqRUJGWHdQQnFTTXM9
This is:
userPassword: {SHA}SCMTSYyqZDHw/IxjEBFXwPBqSMs=
You MUST have plaintext passwords in your LDAP directory to do CHAP.
Fri Jul 21 11:15:51 2006 : Debug: rlm_ldap: Adding userPassword as
Thibault Le Meur wrote:
rad_recv: Access-Request packet from host 127.0.0.1:32801, id=0, length=217
User-Name = "misterc"
CHAP-Challenge = 0xa26932d73791f27d1314426f740ab34e
CHAP-Password = 0x002e07a2cc1f27e7fbd22e7bb3721a3986
That means that your client is trying MS-CHAP, a
Well, after some changes in OpenLDAP config, this is the result:
So your first issue was openldap related...
Fri Jul 21 11:15:51 2006 : Debug: rlm_ldap: bind as
cn=Manager,dc=,dc=it/PASSWORD to 192.168.1.221:389
Fri Jul 21 11:15:51 2006 : Debug: rlm_ldap: waiting for bind result ...
Fri J
Well I'm trying to configure 2 pools of IPs, where these pools should be
created? can it be done on the radius and this radius will take care of
giving the IPs to the users? or should I configure a dhcp and relay it to
the radius?
I tried to configure on the radius , in the config file file, in th
Hi.
Thanks for a reply.
Have you any idea to configure it with crypted passwords stored in the
database and with cisco accesspoint clients autentification?
Now im using EAP/PEAP in cisco ap to authorize windows xp client (PEAP
required).
Thanks for any idea.
Alan, dňa 21. júla 2006 ste napísali
Welli The problem is you still haven't exactly explained what you are trying
to do with radius. Are you assigning the IP addresses from pools on radius or
pools on the patton?
Assuming that radius is assigning the pools, you simply need to create 2 of
them. (Read the radiusd.conf the comments e
On 7/20/06, Thibault Le Meur <[EMAIL PROTECTED]> wrote:
Well isn't it a pb of rights ? Is the anonymous user able to search theopenldap directory for users entries ?Yes, the anonymous user is able to search.
What is the result of a simple "ldapsearch" with the same ldap filter.ldapsearch -x -b "dc
Original Message
Subject: IP Pool management
From:[EMAIL PROTECTED]
Date:Fri, July 21, 2006 10:16 am
To: freeradius-users@lists.freeradius.org
--
Hi,
I am
35 matches
Mail list logo