On 8/25/06, Nick Larsen <[EMAIL PROTECTED]> wrote:
tls: certificate_file = "(null)"
You have to fill in this information. See the comment in eap.conf
above the pertinent line.
regards
K. Hoercher
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Subscribers,I'm currently setting up a wireless hotspot for a cafe, and am currently stuck with the EAP part in FreeRADIUS.I'm running "FreeRADIUS Version 1.1.1" on FreeBSD`uname -a` output:
FreeBSD radius02.01.net.nz 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Wed Nov 2 22:33:15 UTC 2005 [EMAIL P
On Thu, Aug 24, 2006 at 01:49:21PM -0400, Alan DeKok said:
> "Michael Check" <[EMAIL PROTECTED]> wrote:
> > In terms of accessing binaries or libs, would it have anything to do
> > with permissions? Is that possible?
>
> No. And it's annoying as hell, because the modules *can* use the
> radlog
> -Original Message-
> > --nt-response=%{mschap:NT-Response)"
> ^^^ You seem to have
> the wrong variety of bracket here!?? This may be the reason
> --nt-response is being set to nul, and hence the above error.
Score one for the eagle eyed gentl
Ok, I now have 1.1.3 working great.
However, my log files now have an extra (and repeated) error message
Thu Aug 24 16:50:33 2006 : Error: TLS_accept:error in SSLv3 read
client certificate A
Thu Aug 24 16:50:33 2006 : Error: rlm_eap: SSL error
error::lib(0):func(0):reason(0)
Thu Aug 2
On 24 Aug 2006, at 21:24, King, Michael wrote:
I'm building a new radius server. I'm copying an existing one.
I'm getting the following error from freeRADIUS when I run it -x
(FreeRADIUS 1.1.3)
Exec-Program: /usr/bin/ntlm_auth --request-nt-key --username=mking
--challenge=46b51a98d607a3a9 --
I followed the info in the Mac OS Read Me file, which is included in
the Docs folder I believe. I uncommented the references to rlm_eap
and rlm_sql, but see the Doc for more info on how to do that and where.
/L
Den 24/08/2006 kl. 17.04 skrev Michael Check:
On 8/24/06, Lasse <[EMAIL PROTEC
On 24 Aug 2006, at 21:53, King, Michael wrote:
Ok, I now have 1.1.3 working great.
However, my log files now have an extra (and repeated) error message
Thu Aug 24 16:50:33 2006 : Error: TLS_accept:error in SSLv3 read
client certificate A
Thu Aug 24 16:50:33 2006 : Error: rlm_eap: SSL erro
On 22/08/06, Alan DeKok <[EMAIL PROTECTED]> wrote:
i.e. put the attributes into perl hashes, and then make those perlhashes definitive for the new values of the attributes. This wouldinvolve throwing away the previous attributes entirely. So you wouldhave to be *very* careful about modifying th
I'm building a new radius server. I'm copying an existing one.
I'm getting the following error from freeRADIUS when I run it -x
(FreeRADIUS 1.1.3)
Exec-Program: /usr/bin/ntlm_auth --request-nt-key --username=mking
--challenge=46b51a98d607a3a9 --nt-response=
hex decode of failed! (only got 0 byt
James J J Hooper <[EMAIL PROTECTED]> wrote:
>* Write SSL errors to log file, rather than stderr.
>This closes bug #347.
>
> Which may explain the extra lines.
Yes.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/
Roberto Greiner <[EMAIL PROTECTED]> wrote:
> I need some basic info like how to configure linux to authenticate (and
> account) ssh users with radius, but I couldn't find a guide about it
See the SSH documentation. If it doesn't say it does RADIUS, then
it would appear that it doesn't do RADIUS
Fabio Pedretti <[EMAIL PROTECTED]> wrote:
> I have just upgraded to 1.1.3, but I get again the same error.
I thought I had fixed that in 1.1.3. Dang. I'll look into it.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
"Andrew" <[EMAIL PROTECTED]> wrote:
> Hi, I am trying to use wpa_supplicant with freeradius server. I am
> using FreeRadius server version 1.1.2. I read a wpa_supplicant
> document saying the FreeRadius server does not send MSChap-Success
> message at the end of a successful TTLS/MSCHAPV2 authenti
"=?ISO-8859-1?Q?Szabolcs_G=E9czi?=" <[EMAIL PROTECTED]> wrote:
> the relevant part of users.conf:
>
> "username" Auth-Type := EAP, User-Password == "password"
>
> Tunnel-Type:0 = VLAN,
> Tunnel-Medium-Type:0 = IEEE-802,
> Tunnel-Private-Group-Id:0 = 12
>
> what do I wrong?
1) It's not "users
"Michael Check" <[EMAIL PROTECTED]> wrote:
> In terms of accessing binaries or libs, would it have anything to do
> with permissions? Is that possible?
No. And it's annoying as hell, because the modules *can* use the
radlog() function, which is in the server core. But they can't seem
to use t
Me too.
I have also built a report generator, into the management system I
built.
I can provide snippets, but not the whole source until I get
authorization.
Here is a little snippet that allows the PHP output to be
automatically opened in a spreadsheet :
---begin---
// $output cont
"Hasan Ovuc" <[EMAIL PROTECTED]> wrote:
> Also, as another example, I've started the radius server with -X flag
> and got the following lines on the screen, and couldnt get an answer
> when I tried 1.3.6.1.4.1.3317.1.3.1, 1.3.6.1.2.1.67.1.1.1.1 or
> 1.3.6.1.2.1.67.2.1.1.1 :
What "following lines
"Fitzner Daniel" <[EMAIL PROTECTED]> wrote:
> All authentication requests are denied by the Freeradius-Server. It
> seems that Freeradius cannot read/decrypt the password sended by the
> IAS, because in logfile the password is like "\226\231\."=20
Run the server in debugging mode. It will t
"Elie Hani" <[EMAIL PROTECTED]> wrote:
> I ran the debug and I got no errors
Thare may be warnings about IP pools. Look for anything related to
pools.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List info/subsc
"Velusamy, Vinodh" <[EMAIL PROTECTED]> wrote:
> modcall: entering group authenticate for request 1
> rlm_unix: [EMAIL PROTECTED]: invalid password
That would appear to be definitive, wouldn't it?
The question marks are only for the log messages. The username and
password send to rlm_unix are
"Marwan Sultan" <[EMAIL PROTECTED]> wrote:
> I checked the radcheck in mysql i found Simultaneous-Use =1
> (which is created by phpmyprepaid)
> but its not working ??
Is the server receiving accounting packets?
Alan DeKok.
--
http://deployingradius.com - The web site of the book
htt
I've also created a report generator - but mine does not require you to
input the IP address. It just authenticates the user, asks for the month
they want to display, and if they want a summary report or a detailed
report. It is actually an old ICRadius script (written in PHP) that I found
and mo
"Elizabeth Murray" <[EMAIL PROTECTED]> wrote:
> I've been trying to download your latest and greatest. The link is not
> working. Error message is
The link on the main web page works. I've just updated the link on
the "getting.html" page.
Alan DeKok.
--
http://deployingradius.com
--On Thursday, August 24, 2006 10:23:14 -0500 Elizabeth Murray
<[EMAIL PROTECTED]> wrote:
I've been trying to download your latest and greatest. The link is not
working. Error message is
550 /pub/radius/freeradius-1.1.2.tar.gz: No such file or directory
The same is true for the PGP Signa
On 8/24/06, Lasse <[EMAIL PROTECTED]> wrote:
I can't say for sure what the problem is, but 1.0.5 is the last one I
have been able to get running on Mac OS X.
Thanks Lasse, can you tell me a bit about your environment in which it
worked? (OSX version, DeveloperTools version, platform, etc.) D
"V.Kukushkin" <[EMAIL PROTECTED]> wrote:
> I want to disable login users with empty passwords
> So, the entry in my "users" file is:
> -
> DEFAULT User-Password !~ "^$"
Why use regular expressions? Why not just
DEFAULT User-Password == "", Auth-Type := Reject
"Ami Schieber" <[EMAIL PROTECTED]> wrote:
> Thanks for the pointers. All examples discuss unix groups and I need to
> avoid using those.
The examples I pointed you to do NOT discuss Unix groups. Go read
"man rlm_passwd".
Alan DeKok.
--
http://deployingradius.com - The web site of the
Hi,
I need a few tips onto radius authenticated ssh
I need some basic info like how to configure linux to authenticate (and
account) ssh users with radius, but I couldn't find a guide about it. I
have some experience both with Linux and freeradius, but not in using
them like I explained. Could so
I've been trying to download your latest and greatest. The link is not
working. Error message is
550 /pub/radius/freeradius-1.1.2.tar.gz: No such file or directory
The same is true for the PGP Signature
V. Elizabeth Murray, CNE5, CNE6, MCP
Information Technology Specialist V
Information Tec
I have just upgraded to 1.1.3, but I get again the same error.
Fabio
"Fabio" wrote:
Install 1.1.2.
Alan DeKok.
My previous message (Thu Jun 1 15:21:59 CEST 2006):
Hi,
I am using freeradius 1.0.5, configured so that when a user fails the
password for X times, a mail is sent to a sysadmi
I can't say for sure what the problem is, but 1.0.5 is the last one I
have been able to get running on Mac OS X.
/L
Den 24/08/2006 kl. 15.51 skrev Stephen Gran:
On Thu, Aug 24, 2006 at 09:02:43AM -0500, Michael Check said:
On 8/23/06, Stephen Gran <[EMAIL PROTECTED]> wrote:
I _think_ that
Hi, I am trying to use wpa_supplicant with freeradius server. I am
using
FreeRadius server version 1.1.2. I read a wpa_supplicant document
saying
the FreeRadius server does not send MSChap-Success message at the end
of
a successful TTLS/MSCHAPV2 authentication. It only sends EAP-Success.
Is
On Thu, Aug 24, 2006 at 09:02:43AM -0500, Michael Check said:
> On 8/23/06, Stephen Gran <[EMAIL PROTECTED]> wrote:
> >I _think_ that it blows up in rlm_exec because it's the first module
> >that uses a symbol from the radiusd binary (as opposed to a library).
> >I also think this has something to
Hello,I have installed freeradius (1.1.2) on freebsd and would like to use for authorizing ieee-802.1x request coming from hp 2524 switch.But fails to start correctly.radiusd -sfxxyz -l stdout result:
/usr/local/etc/raddb/users[217]: Parse error (check) for entry Tunnel-Type:0: expecting '='Errors
On 8/23/06, Stephen Gran <[EMAIL PROTECTED]> wrote:
I _think_ that it blows up in rlm_exec because it's the first module
that uses a symbol from the radiusd binary (as opposed to a library).
I also think this has something to do with the mystery that is OS X's
linker namespaces. Beyond that, I'm
You have to modify
src/modules/rlm_sql/conf.h
src/modules/rlm_sql/rlm_sql.c
src/modules/rlm_sql/drivers/rlm_sql_mysql/sql_mysql.c
/etc/raddb/sql.conf
.. and forget about RFC :-)
--
regards,
Vladimir
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Allan,
I understand from the mail archive and the source code that
i need to use the paircreate and pairadd functions to add
the value pairs to the radius packet and use the Rad_send
library call to send the accounting packets.
Can i use the above approach to send the accounting response
I World like to have a copy too.
Carlos Rosero S.
Programmer / IT
www.uaa.edu
787-834-9595 x2203
[EMAIL PROTECTED]
CONFIDENTIALITY NOTICE:
The information contained in this e-mail message, including any attachments,
is for the sole use of the intended recipient(s). It is covered by the
Electro
Hi everyone, I'm trying to configure mysql to work together with the freeradius but I'm getting the following error show below, can someone help me to resolve this issue, thanks in advance. rlm_sql (sql): Could not link driver rlm_sql_mysql: rlm_sql_mysql.so: cannot open shared object file: No
hey Phil, hey list,
Phil Mayers sagte:
> Michael Messner wrote:
>>> Use the "ldap" module to query AD and add attributes to the reply
>>> dynamically. For example:
>>>
>>> DEFAULTLdap-Group == "cn=students,dc=domain,dc=com"
>>> Filter-Id = "Enterasys:version=1:mgmt=su:policy=userrole"
>>>
- I copied all mib directory into /usr/share/snmp/mibs/ and added the
following lines to my original snmpd.conf :
dlmod /usr/share/snmp/mibs/RADIUS-ACC-SERVER-MIB.txt
dlmod /usr/share/snmp/mibs/RADIUS-AUTH-SERVER-MIB.txt
dlmod /usr/share/snmp/mibs/GNOME-PRODUCT-RADIUSD-MIB
dlmod /usr/share/snmp/
"cftest"
User-Password = "1234567890"
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Identifier = "r"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: modu
> hi> yes i want to use freeradius to authenticate and authorize logins for> our servers, switches, DBs,,> but i have only one linux server which will be free> radius server and all the servers and the PCs are windows, the switches
> and routers are D-link and Nortell.>
On 8/24/06, Peter Nixon <[E
FreeBSD 6.1 with FR 1.1.2
I'm trying to detect user that has attribute Service=REAL and search through
different LDAP tree as below config in users file.
The problem happened when both tree (DIALUP & LDAP) has user's entry with
same uid. So although first DEFAULT entry is not match when searc
how can I write in my db which pages are watched by a user?thank
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
It is working good without the sql backend.
I assume you are right there is a problem about sql driver.
I am searching it.
Tesekkurler...
> -Original Message-
> From:
> [EMAIL PROTECTED]
> radius.org
> [mailto:[EMAIL PROTECTED]
> sts.freeradius.org] On Behalf Of Peter Nixon
> Sent:
Alan,
Thanks for the pointers. All examples discuss unix groups and I need to avoid using those.
Can I create a file with several definitions like :
Finance = userA,userB,userC
Engineering = diffuserA,diffuserB,diffuserC
and somewhere else have another definition like:
Finance:
Reply-Messag
Title: IAS acting as Proxy
Hi folks,
we have the following scenario:
Radius-Client (Checkpoint-Firewall NGX) -> IAS-Agent (Windows 2K3) acting as Proxy -> Freeradius-Server (1.0.2)
All authentication requests are denied by the Freeradius-Server. It seems that Freeradius cannot read/decr
Hi all;
I have configured the ippools and the Radius is working great with no
errors, but when I perform the dial up test, I couldn't get the IPs
pre-configured in the radiusd.conf;
Since I am using a Patton RAS, could it be the problem? Or do I have
something missing in the config?
I ran the de
Michael Messner wrote:
Use the "ldap" module to query AD and add attributes to the reply
dynamically. For example:
DEFAULTLdap-Group == "cn=students,dc=domain,dc=com"
Filter-Id = "Enterasys:version=1:mgmt=su:policy=userrole"
...or similar.
thanks for your help, now I have configured t
On Thu 24 Aug 2006 11:07, affora deeb wrote:
> please would u help me to set up free radius step by step on linux and the
> confiuration as soon as possible
There is plenty of documentation, and you may ask "specific" questions on the
mailing list. If that is not enough for you then I suggest you
The filesystem you choose should not affect radiusd in anything but filesystem
performance. Maybe there is a problem with your sql drivers. Does radiusd
start ok if you disable the sql backend?
Regards
Peter
On Wed 23 Aug 2006 17:10, Hasan Ovuc wrote:
> I believe to solve my problem. I install
please would u help me to set up free radius step by step on linux and the confiuration as soon as possible
On 8/22/06, Nathan L. Cable <[EMAIL PROTECTED]> wrote:
Thank you very much for that! That was exactly the solution I was lookingfor. Now, I only have one instance of mschap, and the physica
Hi,
> I have installed up and running FreeRADIUS Version 1.0.2. The server is an
> Intel Pentium 4 Xeon 3.0 Ghz, 1GB DDR, HDD 120 SATA.
1.0.2? that would be a very old version. are you sure you
didnt mean 1.1.2 ?
> I need know how many ATPS (attemps per seconds) or haw many minutes per
> month
Hi Alan,
Ok maybe it wasn't clear enough. We have a web-application running on
Apache/tomcat and the client used for authentication is the mod_auth_radius
module. We want to test that there are no problems with users having special
characters, hence the garbage like username/password. We have a
i'd like to have a cope
On 8/24/06, Elie Hani <[EMAIL PROTECTED]> wrote:
I'd like to have a copy too.-Original Message-From: freeradius-users-bounces+ehani=
[EMAIL PROTECTED][mailto:[EMAIL PROTECTED]] OnBehalf Of Geoff Dornan
Sent: Thursday, August 24, 2006 8:53 AMTo: FreeRadius users mai
I'd like to have a copy too.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Geoff Dornan
Sent: Thursday, August 24, 2006 8:53 AM
To: FreeRadius users mailing list
Subject: RE: Report Generator
Yes that sounds great Sean, please make available
-Origi
Yes that sounds great Sean, please make available
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
org] On Behalf Of Sean
Sent: Wednesday, August 23, 2006 9:58 PM
To: freeradius-users@lists.freeradius.org
Subject: Report Generator
Hi,
Ive written a report generator in
59 matches
Mail list logo
