Thanks Stefan I thought it was like you said but wasn't sure. Now I'll try to find which part of the code do it 2006/7/21, Stefan Winter <
[EMAIL PROTECTED]>:Hi,> I've been watching the logs and my question is why localhost takes part in
> the process.Inner workings of FreeRADIUS. The "inner" authe
hi, all
I need some help from group.
I want to start free radius that only has EAP utilities.
no proxy,nothing else then diff.. eap types.
Which files can i take from free radius that i can independently use for
eap / wireless authentication.
In short my free-radius has only files replated to e
Elie Hani wrote:
Hi;
I want to bind the FreeRadius to the DHCP, is there a way to do that?
What do you mean?
Do you mean - I want FreeRadius to assign IPs, and DHCP to hand them
out? In which case, no there is no way to do that. You could *make*
something that did it, e.g. using ISC DHC
Hi all,
I'm new to this list. I have spent hours searching
Google but still cant not find the solution for my
problem so I decide it's time for the first post.
I follow instructions from
http://www.linuxjournal.com/article/8017 with the
following configuration (instead of WLAN, I'm going to
secur
What I mean is the following:
I have a patton RAS, when a dial up user connects to this server, he should
get a faked IP and he will be redirected to a site where he should enter all
the necessary information.
First of all, I have configured the FreeRadius and it's working great with
this RAS, bu
Hello everyone,
Guys please i need a help, I have my freebsd 6.1 internet gateway up and
running
We need to share this internet connection release based on auth and time.
Means. whoever will surf the web and he is on our LAN, a web (or whatever)
authintication
required for the user to browse
I am attempting to configure FreeRadius to use our LDAP directory for
authentication and have made the necessary modifications to radiusd.conf,
but get the following error when starting radiusd with:
# /usr/local/sbin/radiusd -X -A
--- start of text ---
...
...
radiusd: entering modules setup
Mo
Thai Duong <[EMAIL PROTECTED]> wrote:
> This setup never works as expected. WinXP kept
> complaining "Unable to join to the network". I could
> not figure out what was the problem. There were no
> clue in freeradiusd's logfile and ethereal's dumpfile.
Read the debug log to see what's going on.
"Elie Hani" <[EMAIL PROTECTED]> wrote:
> I have a patton RAS, when a dial up user connects to this server, he should
> get a faked IP and he will be redirected to a site where he should enter all
> the necessary information.
Sounds like a captive portal to me.
> So I have to configure a DHCP s
Hello,
I have installed Freeradius 1.1.2 in FreeBSD 6.0. Everything is running
well except log_badlogins script. When I run log_badlogins scripts it
gives me the error
ERROR: Date::Manip unable to determine TimeZone.
at /usr/local/lib/perl5/site_perl/5.8.7/Date/Manip.pm line 3635
Date
Roger Thomas <[EMAIL PROTECTED]> wrote:
> # ./configure
> creating cache ./config.cache
...
> checking for ldap_init in -lldap_r... no
That's why the LDAP module isn't building. There's some additional
dependency that the configure script isn't finding.
See if there's a "config.log" file in
Okay, thanks now it works quite well with the mschap module :-)
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Im Auftrag von Phil Mayers
Gesendet: Montag, 24. Juli 2006 12:28
An: FreeRadius users mailing list
Betreff: Re: AW: Since 2 Month noone any idea how
As a matter of fact, for the first login, the users will have an IP from a
certain pool X, once the informations are entered, and after redialing, the
users will get the new IP from the second pool Y.
All I want to know is if it's possible to bind the radius to a DHCP server,
if yes how it can be
Hi.
It's not compiling ok since you have:
configure: warning: silently not building rlm_ldap.
configure: warning: FAILURE: rlm_ldap requires: libldap_r.
If you have openladp well installed, try to put some environment variables into
the shell before running configure or use:
./configure --wi
unsubscribe
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely
for the use of the addressee(s). If you are not the intended recipient, please
notify the sender by e-mail and delete the original message.Global Edge
Software Ltd has taken every reasonable precaution to
Hi Alan,
--- Alan DeKok <[EMAIL PROTECTED]> wrote:
>
> Read the debug log to see what's going on.
>
> You *do* have the Microsoft OID's in the
> certificates?
>
> Alan DeKok.
yes of course. I follow the instruction from
http://www.linuxjournal.com/node/8095/print to
generate certificate
Hello,
I'm trying to setup a System to authenticate WLAN users via EAP-TTLS with
md5 crypted passwords, stored in a sql database.
I'm using MySQL as the Backend and it works great when the passwords are
stored in cleartext or UNIX crypt. When i convert the password from crypt to
md5 and change pa
Sorry Alan, didn't mean to be antagonistic. Your were dead on about the solution.thx
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Quoting Alan DeKok <[EMAIL PROTECTED]>:
> That's why the LDAP module isn't building. There's some
> additional
> dependency that the configure script isn't finding.
>
> See if there's a "config.log" file in src/modules/rlm_ldap. If
> so,
> it should say what went wrong.
>
> Alan DeKok.
On Tue, Jul 25, 2006 at 05:13:41PM +0800, Roger Thomas said:
> # ls -l /usr/local/lib/libldap_r*
> lrwxrwxrwx1 root root 22 Jul 26 2004
> /usr/local/lib/libldap_r-2.2.so.7 -> libldap_r-2.2.so.7.0.6
> -rw-r--r--1 root root 2255178 Jul 26 2004
> /usr/local/lib/libld
Hi folks,
I noticed in the included raddb/proxy.conf file, the post_proxy_authorize
option notes that it's "deprecated and will be removed in the future". I'm
using that feature right now, so I'd like to find out if there's a better way
to handle the authorization step, or else if this option
Dear all,
does anyone here use *bubua with Freeradius?
I notice that when *bubua want to get the
Session-Timeout values, *bubua will send the following message to radius
servers(Here I use Freeradius):
rad_recv: Access-Request packet from host 59.64.180.238:33150,
id=57, length=
On Tue, 25 Jul 2006 at 13:46 (+0200), Elie Hani wrote:
EH> As a matter of fact, for the first login, the users will have an IP from a
EH> certain pool X, once the informations are entered, and after redialing, the
EH> users will get the new IP from the second pool Y.
EH>
EH> All I want to know is
Thai Duong <[EMAIL PROTECTED]> wrote:
> - The server replied with a Access-Challenge and then
> went to sleep.
That is exactly what happens when the certificate doesn't have the
proper OID's.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
"Christian Poessinger" <[EMAIL PROTECTED]> wrote:
> As I have to use the SQL attribute field with 'Crypt-Password' in it
Why? Why not just change that?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Roger Thomas <[EMAIL PROTECTED]> wrote:
> The following is output from config.log; it's about 200 lines. Sorry.
It's not linking with -lber for some reason. I think you have an
older version of LDAP. I know the server *used* to try -lber, too,
but that caused problems...
Try:
$ LIBS=-lber
Geoff Silver <[EMAIL PROTECTED]> wrote:
> I noticed in the included raddb/proxy.conf file, the
> post_proxy_authorize option notes that it's "deprecated and will be
> removed in the future". I'm using that feature right now, so I'd
> like to find out if there's a better way to handle the authoriza
[EMAIL PROTECTED] wrote:
> "Christian Poessinger" <[EMAIL PROTECTED]> wrote:
>> As I have to use the SQL attribute field with 'Crypt-Password' in it
>
> Why? Why not just change that?
>
> Alan DeKok.
Well, changing it to MD5-Password results in
-
rlm_sql (sql): No matching en
Hi Alan,
--- Alan DeKok <[EMAIL PROTECTED]> wrote:
>
> That is exactly what happens when the certificate
> doesn't have the
> proper OID's.
>
> Alan DeKok.
I can be sure the client certificate has the Enhanced
Key Usage showing Client Authentication
(1.3.6.1.5.5.7.3.2). I have no way to ve
Hi,
> My question is how to make the radius server accept the request which do
> not contain the password and reply the Session-Timeout to the *b2bua?
I have not the faintest idea about *b2bua (WTF?) but if you just want to
accept everyone without any checks for your *b2bua NASes, you can achiev
Okay,this morning i was happy that the xlat functions works now well and
changes host/Name to Name$ for example. The String host/Mane is only given
if a machine authenticates with the machine certificate. In my setup first
the computer authenticates and the after logon to the domain the user
authen
"Christian Poessinger" <[EMAIL PROTECTED]> wrote:
> Well, changing it to MD5-Password results in
In 1.1.x, use "User-Password"
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thai Duong <[EMAIL PROTECTED]> wrote:
> I can be sure the client certificate has the Enhanced
> Key Usage showing Client Authentication
> (1.3.6.1.5.5.7.3.2). I have no way to verify whether
> the server certificate contains proper OID
OpenSSL? It displays information about the certificate.
>
[EMAIL PROTECTED]
wrote:
> "Christian Poessinger" <[EMAIL PROTECTED]> wrote:
>> Well, changing it to MD5-Password results in
>
> In 1.1.x, use "User-Password"
Changed the content of the SQL Attribute field to 'User-Password' but I
still
get the same error.
---
modcall: leaving group auth
Hello to all, I am encountering a problem when I start
my radius server:
radiusd -X
Failed to link to module 'rlm_ldap': liblber-2.3.so.0:
cannot open shared object file: No such file or
directory
when I ldd rlm_ldap I receive the following:
linux-gate.so.1 => (0xe000)
libradius-1
Hello,
I'm new to freeradius and open source in general, so please bear with
me. I'm having a problem with the rlm_eap_tls.so module not compiling,
or installing, depending on whether I'm compiling from source, or
apt-geting the package. The complaint is that Openssl is missing,
however I h
"Lyle Tollefsen" <[EMAIL PROTECTED]> wrote:
> debian:/usr/src/freeradius-1.1.2/src/modules/rlm_eap/types/rlm_eap_tls#
> ./configure
Don't run "configure" from a sub-directory.
And since you're on debian, you can build the server using the
debian packaging scripts in the top-level "debian" di
Alright...I figured it out...I ran ldconfig and then
the missing file liblber was linked to rlm_ldap.
Hooray for beer
--- Damon McDougald <[EMAIL PROTECTED]> wrote:
> Hello to all, I am encountering a problem when I
> start
> my radius server:
> radiusd -X
>
> Failed to link to module 'rlm_
Damon McDougald <[EMAIL PROTECTED]> wrote:
> liblber-2.3.so.0 => not found
Your dynamic linker can't find that library. Update it's
configuration so that it can find the LDAP libraries, wherever you
installed them.
> Here is what I used to compile openldap:
> ./confiugre --disable-slap
"Christian Poessinger" <[EMAIL PROTECTED]> wrote:
> Changed the content of the SQL Attribute field to 'User-Password' but I
> still get the same error.
>
> ---
> modcall: leaving group authorize (returns ok) for request 4
> rad_check_password: Found Auth-Type PAP
> auth: type "PAP"
> Proc
[EMAIL PROTECTED]
wrote:
>
> Please read the EARLIER messages in the debug log. It's obvious
> that the password was NOT read from SQL, so authentication will not
> work.
>
> Get the server to read the password from SQL. Debug log WILL SAY
> when the appropriate user entry is matched.
>
Allan,
My guess is you were refering to the options pasted below. Do I simply
run "./configure --build=debian" ? They are a tad cryptic.
Host type:
--build=BUILD configure for building on BUILD [BUILD=HOST]
--host=HOST configure for HOST [guessed]
--target=TARGET
"Lyle Tollefsen" <[EMAIL PROTECTED]> wrote:
> My guess is you were refering to the options pasted below. Do I simply
> run "./configure --build=debian"
No. I mean there is a directory called "debian" included with the server.
That directory contains scripts to build a debian package of Fre
I have a new email address: [EMAIL PROTECTED]
And a new web site: http://deployingradius.com
There isn't much content there now (a blog), but it's pretty. I
plan on adding more content over time, including chapter exerpts, etc.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://
Oh, my have another question about Freeradius.
I see when the Freeradius receives whatever a request, Freeradius will
execute ONE SQL statement which is defined in the sql.conf.
My question is how to make Freeradius to execute TOW OR MORE SQL statement
when Freeradius receives a request.
I am ne
Thanks for your reply. I now know how to do it.
PS: *b2bua is short for Asterisk+b2bua. It is a prepaid billing solution for
VoIP system.
-Original Message-
From: Stefan Winter [mailto:[EMAIL PROTECTED]
Sent: 2006年7月26日 1:03
To: FreeRadius users mailing list
Subject: Re: How to reply Ses
I received warnings about the unavailability of mysql libraries when I ran
configure with
-- start of text ---
...
...
configure: warning: mysql libraries not found. Use --with-mysql-lib-dir=.
configure: warning: sql submodule 'mysql' disabled
configure: warning: silently not building rlm_sql_pos
王世彦 wrote:
> Oh, my have another question about Freeradius.
>
> I see when the Freeradius receives whatever a request, Freeradius will
> execute ONE SQL statement which is defined in the sql.conf.
>
> My question is how to make Freeradius to execute TOW OR MORE SQL statement
> when Freeradius rec
I have compiled and install freeradius but when I ran
# /usr/local/sbin/radiusd -X -A
I got these error messages:
...
...
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/usr/local
Thanks Michal,I will try this one, but still one more thing. To for the
Freeradius to talk to the DHCP, there's a place where I should configure the
DHCP's address. Where should I configure the DHCP address on the radius so
the last one will use the DHCP's Ips.
Thanks
Elie
-Original Message
50 matches
Mail list logo
