how to make freeradius support RFC 3576 ?

2006-10-03 Thread zengkh
- Original Message - From: zengkh To: freeradius-users@lists.freeradius.org Sent: Tuesday, October 03, 2006 3:44 PM Subject: how to make freeradius support RFC 3576 ? i have a question about howto makefreeradiussupport RFC 3576 - Dynamic Authorization Extensions to

Re: multiple MAC in calling-station-id

2006-10-03 Thread Collen Blijenberg
Hmm, yes that i did and worked like a charm, now the problem continues... i updated my radius from users file to the mysql backend..! it some what works, but there are problems with duplicate users... in the mysql table 'radcheck' i have entered the following: UserName Attribute

Accepting any login attempt

2006-10-03 Thread John Williams
I need our radius servers to accept any login attempt regardless of what the username is or the password. Is there a way of doing this? I know I can set our radius to accept any password sent but the user has to exist. We are taking over the users from a company that has gone bust.

Problem With Make

2006-10-03 Thread Abel Monzon
Hi List... I still have problem at the time to Make: this is the last's line: server:~/freeradius-1.1.3# make. -rpath /usr/local/lib rlm_perl.lo rlm_perl.c /root/freeradius-1.1.3/src/lib/libradius.la \`perl -MExtUtils::Embed -e ldopts` -lnsl -lresolv -lpthread *** Warning: Linking

WPA problem

2006-10-03 Thread Giuseppina Venezia
Hello all, I've chillispot + freeradius (with openldap), with chillispot in proxy mode. I use WPA Enterprise and when I try to connect a client using WPA the client can't connect but apparently freeradius give no error. (without WPA all work perfectly). I attach you full log of freeradius and

Re: how to make freeradius support RFC 3576 ?

2006-10-03 Thread Alan DeKok
zengkh [EMAIL PROTECTED] wrote: i have a question about how to make freeradius support RFC 3576 - Dynamic Authorization Extensions to Remote Authentication Dial In User Service , thanks. BS: I can not write code to implement. http://www.freeradius.org/business/ Alan DeKok. --

Re: Accepting any login attempt

2006-10-03 Thread Alan DeKok
John Williams [EMAIL PROTECTED] wrote: I need our radius servers to accept any login attempt regardless of what the username is or the password. Is there a way of doing this? Auth-Type := Accept. But it won't work for MS-CHAP or wireless authentication. I know I can set our radius to

Switch dies

2006-10-03 Thread Jack Daniels
Hello everyone, just a dumb question. My switch is configured for vmps and freeradius and I'm playing with dynamic assignation of vlans. Vmps, when instructs the switch to place a client in a determined vlan, if that vlan doesn't exist in the switch, the switch just blocks access and

Re: WPA problem

2006-10-03 Thread Alan DeKok
Giuseppina Venezia [EMAIL PROTECTED] wrote: I attach you full log of freeradius and chillispot, Is it really that hard to read the logs? chilli.c: 2547: 0 (Success) Received packet with spoofed source!!! radius.c: 1608: 0 (Success) Received unknown radius packet 11!chilli.c: 3267: 0

Design question

2006-10-03 Thread Torkel Mathisen
Hi We have a very simple freeradius setup today. We use freeradius 1.0.5 with PEAP/MS-CHAPv2 and users file. My boss has asked be about making this configuration a bit more flexible and easier to admin. He also wants some new features. The keywords are hotspot, web-frontend and possibly

Re: how to make freeradius support RFC 3576 ?

2006-10-03 Thread Peter Nixon
i have a question about how to make freeradius support RFC 3576 - Dynamic Authorization Extensions to Remote Authentication Dial In User Service , thanks. BS: I can not write code to implement. Which features do you need? How soon? And what is your budget? Cheers -- Peter Nixon

Re: WPA problem

2006-10-03 Thread Giuseppina Venezia
2006/10/3, Alan DeKok [EMAIL PROTECTED]: Is it really that hard to read the logs? chilli.c: 2547: 0 (Success) Received packet with spoofed source!!! radius.c: 1608: 0 (Success) Received unknown radius packet 11!chilli.c: 3267: 0 (Success) radius_proxy_ind() failed!chilli.c: 2544: 0

Re: Switch dies

2006-10-03 Thread Peter Nixon
On Tue 03 Oct 2006 17:01, Jack Daniels wrote: Hello everyone, just a dumb question. My switch is configured for vmps and freeradius and I'm playing with dynamic assignation of vlans. Vmps, when instructs the switch to place a client in a determined vlan, if that vlan doesn't exist in the

Re: Design question

2006-10-03 Thread Jan Mulders
Perhaps a simpler method of doing 'smartcards' like you're referring to is to make single-use username/passwords printed on small cards (which can be done within chillispot I believe), which the consultants just pick up from reception, enter in the details, and get a prepaid hour or whatever.

RE: Accepting any login attempt

2006-10-03 Thread John Williams
I need our radius servers to accept any login attempt regardless of what the username is or the password. Is there a way of doing this? Auth-Type := Accept. But it won't work for MS-CHAP or wireless authentication. That’s going to be a bummer since near enough all users are

Re: Accepting any login attempt

2006-10-03 Thread William
On Tuesday 03 October 2006 09:18, John Williams wrote: I need our radius servers to accept any login attempt regardless of what the username is or the password. Is there a way of doing this? Yes. You can set a line in your users file like this: DEFAULT Auth-Type := Accept If you also have

Re: WPA problem

2006-10-03 Thread Alan DeKok
Giuseppina Venezia [EMAIL PROTECTED] wrote: I've read the log, but i didn't understand the source of the problem. Can you suggest me any solutions? http://wiki.freeradius.org/FAQ#The_NAS_seems_to_ignore_the_reply_of_the_radius_server Alan DeKok. -- http://deployingradius.com - The

Re: Accepting any login attempt

2006-10-03 Thread Alan DeKok
John Williams [EMAIL PROTECTED] wrote: That's going to be a bummer since near enough all users are going to be using MS-CHAP. I guess there isn't anyway of doing it then.. No. MS-CHAP requires that the server know the password. Alan DeKok. -- http://deployingradius.com - The web

UPDATED: dumb humble question about sqlippool

2006-10-03 Thread Guilherme Franco
Hello, I've installed Postgres with exactly the same configuration as Oracle's and Postgres works. The only point of failure using Oracle should be in radippool Framedipaddress which is VARCHAR in Oracle but is INET in Postgres. Could be a parsing error in rlm_sqlippool.c That's because xlat

Re: Accepting any login attempt

2006-10-03 Thread Peter Nixon
On Tue 03 Oct 2006 18:45, William wrote: On Tuesday 03 October 2006 09:18, John Williams wrote: I need our radius servers to accept any login attempt regardless of what the username is or the password. Is there a way of doing this? Yes. You can set a line in your users file like this:

Re: WPA problem

2006-10-03 Thread Giuseppina Venezia
Hi Alan, i've read the FAQ and i've launched freeradius with -i parameter with the IP (192.168.181.1) of the server where radius is running. But chilli still give the same error. http://wiki.freeradius.org/FAQ#The_NAS_seems_to_ignore_the_reply_of_the_radius_server Alan DeKok. --

Re: UPDATED: dumb humble question about sqlippool

2006-10-03 Thread Peter Nixon
On Tue 03 Oct 2006 19:29, Guilherme Franco wrote: Hello, I've installed Postgres with exactly the same configuration as Oracle's and Postgres works. Good. The only point of failure using Oracle should be in radippool Framedipaddress which is VARCHAR in Oracle but is INET in Postgres.

Re: UPDATED: dumb humble question about sqlippool

2006-10-03 Thread Guilherme Franco
Mr. Peter, Thanks, I was using sql_instance2{...} instead of sql sql_instance2{...} :) Everything is working nice now with this hybrid oracle/postgresql except when I'm proxying and sqlippool won't set an IP because of 255.255.255.254 answer from the proxy server. As we talked earlier,

Re: UPDATED: dumb humble question about sqlippool

2006-10-03 Thread Guilherme Franco
Nevermind the proxy issue, I've managed to circumvent it using attrs file Thanks On 10/3/06, Guilherme Franco [EMAIL PROTECTED] wrote: Mr. Peter, Thanks, I was using sql_instance2{...} instead of sql sql_instance2{...} :) Everything is working nice now with this hybrid oracle/postgresql

Re: only work with 5 users or clients

2006-10-03 Thread Tom Miller
Thank you so much for respond to my issues. I think you are right. I am missing something on the Cisco 7204 but I don't now what it is. I have captured debug log files from both radius and Cisco. Please let me know if you want me to post them. *Here is what I have for our cisco

Re: only work with 5 users or clients

2006-10-03 Thread Tom Miller
Here is a more details list of aaa for my Cisco 7204 configuration: aaa new-model aaa authentication login default local aaa authentication login console enable aaa authentication login telnet line aaa authentication login localauth local aaa authentication ppp default group radius local aaa

Re: only work with 5 users or clients

2006-10-03 Thread James Wakefield
Hi Tom, I see nothing that should cause the behaviour you're seeing, though bear in mind I'm not a VPDN expert. Could you post: * An Access-Request packet logged when your setup is working * The Access-Accept packet that corresponds with the above Access-Request * An Access-Request packet