Hi Everyone,I want to check an attribute against multiple value. But I couldn't do that. I'm using mysql with freeradius. I want my users belonging to Surfing group to have access from 9pm to 9am but on saturday they could access till 12pm.
The radgroupcheck able has following entries:-
Hi group,
I'm trying to figure out optimal configuration for our radius-proxy
farm. atm the farm is handling about 10-15 req/sec per device with the
following config (two servers, load-balanced using an slb)
thread pool {
start_servers = 20
max_servers = 120
min_spare_server
Hi,
I was wondering if there any Swiss based sysadmins or developers
listening; I be interested in a physical meeting (BE,ZH,LS or GE) to
exchange 802.1x experience and ideas. [I speak DE/FR too if that helps]
Thanks in advance,
Sean Boran
[s e a n AT b o r a n. c o m]
-
List info/subscrib
> you are saying that it is possible to put the "exec" module into this
> stage?
Well, under the heading "I'd rather teach you to fish than give you
a fish", you can determine this by looking at the source. If you
look at the bottom of src/modules/rlm_exec.c, you'll find:
module_t rlm_exec = {
On 10/27/06, Garber, Neal <[EMAIL PROTECTED]> wrote:
> Is there a way to execute a script with the original request
> attributes at the time of successul receipt of authentication reply
> from a home server when FreeRADIUS is used as a proxy? We require to
> execute an auxilary action on success
> Is there a way to execute a script with the original request
> attributes at the time of successul receipt of authentication reply
> from a home server when FreeRADIUS is used as a proxy? We require to
> execute an auxilary action on successful authentication, but currently
> have only found way
> -Original Message-> But while using radtest tool with the same logon credentials> as above it rejects the user and here is the log message.Please paste the entire debug log. It looks like you missed a few bits
in the cut and paste.
Mike,
Here is the entire debug log. In the users file
Thanks for your time Alan, i'll look again upon all this stuff!Alan DeKok <[EMAIL PROTECTED]> wrote: Vasea Marii <[EMAIL PROTECTED]>wrote:> Actually the situation is a little bit more complicated! The route> is send as you said in Access-Accept but because there are more than> one possible route a
Dear list,
Is there a way to execute a script with the original request
attributes at the time of successul receipt of authentication reply
from a home server when FreeRADIUS is used as a proxy? We require to
execute an auxilary action on successful authentication, but currently
have only found
Message: 2Date: Fri, 27 Oct 2006 09:22:39 +0100From: [EMAIL PROTECTED]Subject: Re: FR with AD authentication not working
To: FreeRadius users mailing list Message-ID: <
[EMAIL PROTECTED]>Content-Type: text/plain; charset=us-asciihi,remove the System auth
Nataniel Klug <[EMAIL PROTECTED]> wrote:
> I am having a problem: sometimes my freeradius
> get a little crazy and close some connections and other times it just
> says that the client is still connected and block the client to use
> (becouse of max login set to 1) like in this two situatios:
Vasea Marii <[EMAIL PROTECTED]> wrote:
> Actually the situation is a little bit more complicated! The route
> is send as you said in Access-Accept but because there are more than
> one possible route and congestions are possible, when i recieve
> account-stop with the cause: route overloaded, i sen
Lenir Santiago <[EMAIL PROTECTED]> wrote:
> I've been looking for the past two days all over the web regarding
> this subject. Sorry if this question has been posted before. With
> rlm_sql im able to store NAS clients on a SQL table. I want to do
> the same but with ldap.
It's not possible. If
> Why the command "radiusd -A" work fine and not
> "/etc/init.d/raduisd start" ???
When you run 'radiusd -A' (I suppose you're root), you are running the
radius Server as Root.
When you run /etc/init.d/radiusd start, it switches to the 'radiusd' user
identity (in FC5).
So it is possible that yo
Hi Jonatahan,
Thanks for the quick response. It worked first time.
Regards,
Sean
http://swarmhotspots.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Let's see if we can get this solved...
> -Original Message-
> Here's the full log:
> Waking up in 6 seconds...
> rad_recv: Access-Request packet from host 10.104.254.73:1645,
This is NOT the full log. The full log would have started with the line
/path/to/radiusd -X
Some important s
hi everybody, i have a problem with radius module for PAM. When i compile the source of pam_radius-1.3.16.tar, i got a lot of erros. I applied patch's available in the list, but the problems persists.In the HP-UX enviroments the messages are:
begin [root] patch_pam_radius> make
Hi guys,I've been looking for the past two days all over the web regarding this subject. Sorry if this question has been posted before. With rlm_sql im able to store NAS clients on a SQL table. I want to do the same but with ldap. is there a way that rlm_ldap can lookup NAS clients from my ldap ser
Hi,
I have a Freeradius on a fedora core 5 with a backend mysql.
It's work fine 20 days.
But i have stopped it (/etc/init.d.radiusd stop) and use radiusd -A commande for
testing another login for mysql. An since this change the serveur radius can
connect to serveur mysql on debug mode (rdiusd -X)
[EMAIL PROTECTED]
wrote on 10/27/2006 02:54:52 PM:
> Did you notice the response from ntlm_auth:
>
> Exec-Program: /usr/bin/ntlm_auth --request-nt-key
--username=sstruyf
> --challenge=decc4450c3b83d2c --nt-
> response=1af36673f68f926b4cc76bf8cd9f440d0c36396981ad345
> Exec-Program o
OK it works fine now with this in the users file:
Robert Auth-Type = LDAP
service-Type = NAS-Prompt-User,
cisco-avpair = "shell:priv-lvl=1"
but it is said in radius.conf not to use Auth-Type = LDAP.
so is there an other solution to add this attributes in reply.
Thomas
> Message du 27/10/06 à
Did you notice the response from ntlm_auth:
Exec-Program: /usr/bin/ntlm_auth --request-nt-key
--username=sstruyf --challenge=decc4450c3b83d2c
--nt-response=1af36673f68f926b4cc76bf8cd9f440d0c36396981ad345
Exec-Program
output: Logon failure (0xc06d)
This indicates an invalid user
Sri, ¿it never works ? ¿how did you
build your radius ? ¿what's your platform and mysql version ? ¿sis you
remember to have mysql-devel (mysql headers) available when you build freeradius
?, it seems to me that the driver is not working.
In the message below "driver
rlm_sql_mysq" is
a typo (should
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
> -Oorspronkelijk bericht-
> Van: freeradius-users-
> [EMAIL PROTECTED]
> [mailto:freeradius-users-
> [EMAIL PROTECTED] Namens Sean
> Verzonden: vrijdag 27 oktober 2006 14:20
> Aan: freeradius-users@lists.freeradius.org
> Onderwerp: Open acc
Hi,
I want to grant access to any user or password on my backup server. I
found DEFAULT Auth-Type := Accept in the FAQ, however it gives no hint
as to where to put the code. I've been trying various parts of
raddb.conf with no success.
Any help appreciated as usual.
Sean Bracken
-
List info/su
Here's the full log:
Waking up in 6 seconds...
rad_recv: Access-Request packet from
host 10.104.254.73:1645, id=67, length=259
User-Name
= "KMT-EU.KMTG.NET\\sstruyf"
Framed-MTU
= 1400
Called-Station-Id
= "0016.469b.7cd0"
Calling-Station-Id
= "0011.851a.cc37"
Hello all,
I am using FreeRadius to authenticate my PPPoE clients. This is the
version I am using:
[EMAIL PROTECTED] radius]# radiusd -v
radiusd: FreeRADIUS Version 1.1.0, for host , built on Feb 20 2006 at
08:14:50
Copyright (C) 2000-2003 The FreeRADIUS server project.
My system u
[EMAIL PROTECTED] wrote:
All,
I finally got it working, but not yet as i want.
The trick that made it work is settings auth-type := MSCHAPv2 for the
You should not do that, and should not *have* to do that.
Most likely you have not put the mschap module in the authorize section,
*or* you ha
[Apologies, I may have sent this before from the wrong mail-box]
Hello
I am running the Blastwave packaging of Freeradius 1.0.1 on Solaris
8, sparc.
This interfaces with MySQL version 4.0.18-log, built from source.
The RADIUS server inexplicably terminates with no core dump or logge
All,
I finally got it working, but not yet
as i want.
The trick that made it work is settings
auth-type := MSCHAPv2 for the user(s) and i also started radiusd as root(changed
the rights without success to radiusd, but once everything is working i
will try to run again with radiusd user)
If i conn
hi,
remove the System authentication line from your users file.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
I'm trying to authenticate and authorize Cisco routers administrators But not the autorization (privilege level). so not when i add "aaa authorization exec default group radiusvrf if-authenticated" to the cisco router to be able to manage privileges with radius.
to make it work, i think i
FreeRADIUS 1.1.3 bug - Accounting requests reemission by FreeRADIUS
In file "main\request_list.c", function "refresh_request".
In the case of an accounting request (request->proxy->code ==
PW_ACCOUNTING_REQUEST), FreeRADIUS adds to the proxied packet the
attribute "Acct-Delay-Time" (or updates
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
> Has anyone experimented with using Active Directory as a database for
> Static IP Addressing?
Yes, just assign a static ip in the AD dial-in properties for that user and
adapt the ldap.attrmap accordingly, this works perfectly. There is no need to
34 matches
Mail list logo