On 3/15/07, Paul Goodman [EMAIL PROTECTED] wrote:
I am trying to compile the pam_radius-1.3.16 modules on a Solaris 10 system,
but when I run make, I get the following error:
gcc -Wall -fPIC -c pam_radius_auth.c -o pam_radius_auth.o
In file included from pam_radius_auth.h:23,
On 3/15/07, Chris Moody [EMAIL PROTECTED] wrote:
Greetings all,
I am trying to create an RPM of Freeradius 1.1.5 for a Fedora Core 6
install, and following the instructions in the Wiki, the build process
dies with this at the end:
c/include -Ilibeap -c rlm_eap.c -fPIC -DPIC -o
On Thu, 15 Mar 2007 12:17:11 -0500 Chris Moody [EMAIL PROTECTED]
tech.net wrote:
Greetings all,
I am trying to create an RPM of Freeradius 1.1.5 for a Fedora Core
6
install, and following the instructions in the Wiki, the build
process
dies with this at the end:
c/include -Ilibeap -c
An entry like this in your 'users' file should work:
DEFAULT NASIPAddress =~ 192.168.100.*
Auth-Type := Reject
I'm not sure '*' is the appropriate regular expression character
for freeradius, but you should be able to verify that pretty quickly
from the documentation. Operator
That did it, thank you!
Tomas Hoger wrote:
On 3/15/07, Paul Goodman [EMAIL PROTECTED] wrote:
I am trying to compile the pam_radius-1.3.16 modules on a Solaris 10 system,
but when I run make, I get the following error:
gcc -Wall -fPIC -c pam_radius_auth.c -o pam_radius_auth.o
In file
Sam Schultz wrote:
On Thu, 15 Mar 2007 10:57:29 -0500 joe vieira [EMAIL PROTECTED]
wrote:
Alan DeKok wrote:
joe vieira wrote:
i have eap-peap authentication working against our ad domain.
peachy
keen. what i would like to be able to do is, in our
Ah exactly my issue. libtool-ltdl was installed but libtool-ltdl-devel
wasn't. I dropped that in and away it went. Thanks!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Actually, I don't think this will help since the wireless controller IP
that freeradius sees is *not* in the 192.168.100.* range. This
controller uses LWAPP, so the IP ranges that the wireless networks use are
totally contained within the wireless infrastructure, which means that the
NAS IP is
DEFAULT check_items (ex: Realm == 'your_domain')
Autz-Type := your_ldap_instance (ex: ldap),
Auth-Type := module_instance_for_authentication
so i did what you recommended, which makes sense to do... i have
Autz-type := eap, and in debug mode i get this clearly an
I haven't yet downloaded Free Radius, but looks to be the solutions I'm
in search of. My question is this. We already have a db developed and
running that maintains all customers, usersnames, passwords, static wan
IP, ect. I would love to be able to have FreeRadius query my db for
those fields to
I'm not sure what that cli value is. Have you checked the radius
attributes page to see if it is standard? If you have any way to
pull that information to the radius server external of freeradius,
I suppose you could use the exec module. I doubt it would be
efficient at all, though.
Looks like
Sam Schultz wrote:
DEFAULT check_items (ex: Realm == 'your_domain')
Autz-Type := your_ldap_instance (ex: ldap),
Auth-Type := module_instance_for_authentication
so i did what you recommended, which makes sense to do... i have
Autz-type := eap, and in
I have
in radgroupcheck
GroupName Attribute op Value
14 daysSession-Terminate := 1209600 (Time for 14 days
from first connection)
in usergroup
GroupName UserName
14 daysaaa
in radcheck
UserName Attribute op
You have a table on Alan DeKok's site explaining what protocol/password
hashing combinations are possible and which are not:
http://deployingradius.com/documents/protocols/compatibility.html
Ivan Kalik
Kalik Informatika ISP
Dana 15/3/2007, Dariusz Dwornikowski [EMAIL PROTECTED] piše:
On
Operator works as expected.
***
Attribute += Value
Always matches as a check item, and adds the current attribute with value
to the list of configuration items.
As a reply item, it has an identical meaning, but the attribute is added
to the reply items.
***
It adds attribute to the list not add
reference the initial thread where i said i was authenticating off
of
active directories, using eap-peap. which i had previously
working just
fine.
Since i didn't specify an instance name in my eap.conf, it is
referenced
as 'eap' (which i did read, but was following your advice).
Once you
Ok, Thanks, I confused something, because it was working and i don't have
any external program, but now I will try to do one, Again Thanks Verry Verry
Much
Fabián
From: [EMAIL PROTECTED]
Reply-To: FreeRadius users mailing list
freeradius-users@lists.freeradius.org
To: FreeRadius
There is a sql.conf file where you can alter user and group sql queries
if you don't want to use suggested sql schema.
Ivan Kalik
Kalik Informatika ISP
Dana 15/3/2007, Kelly Hamlin [EMAIL PROTECTED] piše:
I haven't yet downloaded Free Radius, but looks to be the solutions I'm
in search of. My
On 2007-03-15, at 21:31, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
You have a table on Alan DeKok's site explaining what protocol/
password
hashing combinations are possible and which are not:
http://deployingradius.com/documents/protocols/compatibility.html
Ivan Kalik
Kalik
Hi,
I am a newbie to Radius Protocol. I want to set the Message Authenticator
value to 0x00 in my Accounting Request. I have tried bzero but its not
working.
Please let me know if there is a way to do it?
Thanks Regards,
Regards,
-Archna
-
List info/subscribe/unsubscribe? See
It's impossible to put an Message-Authenticator in an accounting packet.
It has to do with the way the Accounting-Request packet is signed.
The MA is placed in the Access-Request packet as 16 zeroed bytes. The
HMAC-MD5 value is calculated over the entire packet and patched into the
MA's zeroed
Is it possible to put authenticator filed in Accounting Request message to
0x00?
Regards,
-Archna
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
ius.org] On Behalf Of Michael Lecuyer
Sent: Thursday, March 15, 2007 6:47 PM
To: FreeRadius users mailing list
Subject:
Lets say you achieve that with some packet sniffing software. You don't
have radius packet any more. You have garbage. What now?
Ivan Kalik
Kalik Informatika ISP
Dana 16/3/2007, Archna Mittal [EMAIL PROTECTED] piše:
Is it possible to put authenticator filed in Accounting Request message to
Archna Mittal wrote:
Is it possible to put authenticator filed in Accounting Request message to
0x00?
If you're using FreeRADIUS, the code works, and does the right thing.
If you're developing your own RADIUS software, then this is *not* the
appropriate list to ask generic RADIUS
Dariusz Dwornikowski wrote:
as i understand, I get Digest of a triple:
user:realm:password. This is MD5 hashed.
Then you don't have the passwords stored in MD5 hashed form. The MD5
hash includes *more* than just the password.
Please be specific in describing what you're doing. It
Matt Ashfield wrote:
I guess I was hoping for a link to an example of some sort. Because the user
who would be given access is not explicitly defined in the users file (the
users is defined in LDAP), I'm not sure how to setup a rule for that person.
By putting their username into an entry in
If your accounting-request is damaged then the server will reject it
since the signature will be altered. The server performs a signature
check on the Accounting-Request - basically resigning it and checking
that the resulting Accounting-Request authenticators are the same.
It's a trust
I require a php script to be written that I can run from cron.
The purpose of the script is to basically remove stale/locked accounting
records in the sql database.
Script will need to have variables defined at top of script for easy
changes. (I.E. mysql database,username,password and time
Peter Urban wrote:
i want to pass the username and password to an external program.
i already tried the following code but i didnt work:
DEFAULT Auth-Type ?= External
Exec-Program-Wait = /etc/raddb/mytestprogram %u %w,
Fall-Through = Yes
I found the %u placeholder in the
Thanks a lot for all the replies.
Actually my project requirement needs the authenticator field set to all
zero's. and moreover there is no secret as such with the radius server i.e.
the secret field is Null while calling rad_send. You may assume that my
project requires just the message in
Hi,
This */etc/freeradius/users* file works with Cisco Aironet:
(used for authentication on access points, a ssh connection gives enable
access directly)
normaluser Auth-Type := Local, User-Password == normaluser
superuser Auth-Type := Local, User-Password == superuser
Cisco-AVPair =
freeradius-1.1.5 : *** glibc detected *** double free or corruption
compile new perl and recompile 1.1.5 without the option experimental modules
==
Benjamin K. Eshun
- Message d'origine
De : adreas polyxronopoulos [EMAIL PROTECTED]
À :
HI,
I just want to settup my freeradius to work with Mysql, i have already
install everything and configure to, but when i tried to conected to the
web-based graphic dialup_admin page i see the message: Could not connect to
SQL database. Now i dont know what wrong.. If somebody can help
Hi, all
I am using rlm_sim_file module to perform the authorization
function, so I have to add sim_file before eap in the authorize{}
of radiusd.conf.
In general, the authorization function can set the Auth-Type
automatically, such as rlm_file or rlm_sql. But I find that the
rlm_sim_file
Hi,
I'm new to FreeRadius-/Users, Dev lists, Please any guide me where I
can direct all my emails regarding FreeRadius client c library.
-KB
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
check your settings in .../conf/admin.conf
#
# can be one of mysql,pg where:
# mysq: MySQL database (port 3306)
# pg: PostgreSQL database (port 5432)
#
sql_type: mysql
sql_server: localhost
sql_port: 3306
sql_username: dialup_admin
sql_password: XX
sql_database: radius
sql_accounting_table:
Hello,
When running 'radiusd -X' (version 1.1.5) it ends with a
segmentation fault. I did not make any changes to the default
configuration files, just tried to execute the steps in section 2 of
the 'INSTALL' file.
Here is the output of 'radiusd -X':
---
Starting
Thanks for all help,
this last tip is very good. I need exactly this
Jean
Alexander Serkin wrote:
we did this that way:
1. modified usergroup table to (it's oracle):
Name Null?Type
--
ID NOT NULL NUMBER(38)
I have a situation where I have a wireless controller that services
multiple wireless networks (vlans). When the controller contacts the
RADIUS server with an authentication request, it does so with the IP
address of the controller as the client address. The problem is I have a
guest network
Dear guys
I have solve the problem of checkrad for simultenous login i have
face many problem first time but finaly i got solution and i have modifiy my
script for my nas
i have freeradius-1.1.0 with MSSQL2000 with cisco 3700 NAS
i want to share my solution with all freeradius
Hi all,
I'm using the RHEL build of freeradius 1.0.1. I'm trying to do
something that might seem totally stupid, so let me know if i am (no
need to flame). I'm new to freeradius so bear with me a bit.
i have eap-peap authentication working against our ad domain. peachy
keen. what i
On Thu, 15 Mar 2007 10:16:14 -0500 joe vieira [EMAIL PROTECTED]
wrote:
Hi all,
I'm using the RHEL build of freeradius 1.0.1. I'm trying to do
You really should upgrade that. If I recall correctly, there were
some nasty bugs in the early 1.0.x builds.
something that might seem totally
lishuai zhao wrote:
Hi, all
I am using rlm_sim_file module to perform the authorization
function, so I have to add sim_file before eap in the authorize{}
of radiusd.conf.
In general, the authorization function can set the Auth-Type
automatically, such as rlm_file or rlm_sql. But I
Dariusz Dwornikowski wrote:
Hi.
My problem is such, that we store our passwords in Md5 in database,
when authorization request comes from ser, i get digest attributes.
I issue:
Digest authentication and MD5 hashed passwords are incompatible.
It won't work.
And in Database I
joe vieira wrote:
i have eap-peap authentication working against our ad domain. peachy
keen. what i would like to be able to do is, in our openldap
environment, store attributes for retrieval by radius, cisco stuff/
etc... i assume the way to do this would be to use the authorization
Alan DeKok wrote:
joe vieira wrote:
i have eap-peap authentication working against our ad domain. peachy
keen. what i would like to be able to do is, in our openldap
environment, store attributes for retrieval by radius, cisco stuff/
etc... i assume the way to do this would be to
On Thu, 15 Mar 2007 10:51:17 -0500 Alan DeKok
[EMAIL PROTECTED] wrote:
Sam Schultz wrote:
An entry like:
DEFAULT Realm == test, Autz-Type := sql-test
User-Name = %{User-Name}
Please read man users for the definition and meaning of
operators.
You want:
DEFAULT
I am trying to compile the pam_radius-1.3.16 modules on a Solaris 10 system,
but when I run make, I get the following error:
gcc -Wall -fPIC -c pam_radius_auth.c -o pam_radius_auth.o
In file included from pam_radius_auth.h:23,
from pam_radius_auth.c:63:
md5.h:21: error: syntax
On Thu, 15 Mar 2007 10:57:29 -0500 joe vieira [EMAIL PROTECTED]
wrote:
Alan DeKok wrote:
joe vieira wrote:
i have eap-peap authentication working against our ad domain.
peachy
keen. what i would like to be able to do is, in our openldap
environment, store attributes for retrieval
On 2007-03-15, at 16:55, Alan DeKok wrote:
Dariusz Dwornikowski wrote:
Hi.
My problem is such, that we store our passwords in Md5 in database,
when authorization request comes from ser, i get digest attributes.
I issue:
Digest authentication and MD5 hashed passwords are
Greetings all,
I am trying to create an RPM of Freeradius 1.1.5 for a Fedora Core 6
install, and following the instructions in the Wiki, the build process
dies with this at the end:
c/include -Ilibeap -c rlm_eap.c -fPIC -DPIC -o .libs/rlm_eap.o In file
included from rlm_eap.c:26:
51 matches
Mail list logo