Hello Gurus,
I need to set up FR with SQL (Postgres) backend storing all
users/groups information except clients.conf.
Groups are mission-critical, because the same user can come from
different NASes (WiFi, Dial-Up, VPDN) and should get different
settings (IP addresses etc).
Access
hi shantunu
see my comments below..
On 6/5/07, shantanu choudhary [EMAIL PROTECTED] wrote:
hi all,
i m trying to get EAP-TLS working for free radius, but i m not able to
figure out how to handle all those certificates.
You need one CA , one server certificate and one client certificate,
Hi,
I was just trying to do the same thing - the device has to support the VLAN settings from Radius, otherwise you are screwed :-(
download the radius dictionary for powerconnect 3448 and look if the parameters are in here - in my case they were not and got
ignored as well...
Jan Schermer
Hi
That could be the solution for my problem, because I didn't find one
installed on the system. But where can I download this dictionary? :S
Am 06.06.2007 um 08:28 schrieb Jan Schermer / ET NETERA:
Hi,
I was just trying to do the same thing - the device has to support
the VLAN settings
On Tue, 5 Jun 2007 17:37:23 +0100 (BST) shantanu choudhary
[EMAIL PROTECTED] wrote:
If u know really gud online help
available please let me kno
Try
http://homepage.mac.com/andreaswolf/public/wpaeap.html
It won´t make you understand certificates. But it allows you to set up
a running solution.
Hello,
I need to proxy AA request from some users. Therfore, the proxy is based
on the string [EMAIL PROTECTED], and non only on the realm...
Do you have any suggestion in order to configure such feature?
thanks
_
MSN Messenger:
Why not you use huntgroups:
HGdial NAS-IP-Address == dial NAS IP
SQL-Group = dialup,
... other dial groups
HGWiFi NAS-IP-Address == WiFi NAS IP
SQL-Group = wifi,
... other wifi groups
etc.
Ivan Kalik
Kalik Informatika ISP
Dana
Hello Ivan,
Thanks for the reply.
I've tried that configuration too, but there was some problem (don't
remember exactly),
and finally decided to keep all the information in the database.
With best regards,
Andrew.
Why not you use huntgroups:
HGdial NAS-IP-Address == dial NAS
run radiusd -X and see if these crop up when you recieve accounting
update request. If your NAS is sending them as Start, not Update packets
you will need to fix it on the NAS.
Ivan Kalik
Kaliik Informatika ISP
Dana 6/6/2007, Jeff [EMAIL PROTECTED] piše:
to be quite honest not even sure.
Just so yoo know these are from another radius server.
Virtual isp
in specific coming from globalpops
If fom anohter radius server makes a difference in whats happening.
also i see stop and start packets in detail file, and when looking
at the radacct table I see all the accounting
To clarify...we are running version 1.4.1. I'll try the latest release
anyway.
Brian Dourty
System Administrator - Team Lead
Division of IT (formerly IAT Services)
University of Missouri - Columbia
573-882-1035
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
rg] On
hi,
Am using freeradius 1.1.6 on a fedora core 4 with mysql server installed and
up
i've created radius database but can't create tables because i can't find
the db_mysql.sql file neither in /doc/examples/ nor in
*src/modules/rlm_sql/drivers/rlm_sql_mysql/
*
i went through archives yet nothing
Problem with remote servers is only if packets are missing. If they are
(all) arriving it's no problem at all.
Accounting Stop packet should contain Acct-Stop-Time and
Acct-Session-Time. Run radiusd -X or radsniff and see what's in those
packets. Also have a look if the packets causing problems
Hello again all,
Thanks to the folks who responded to my earlier plea with regards to
authenticating many Cisco devices using radius. I'm trying to weigh
my options and see which direction I want to go.
One Idea I had after sending mail to the list was, have a sort of
catch-all line at the end
Hi
Has got Anybody a freeradius server working with multiple server
certificates?
I've tried the configuration explained below but freeradius returns error
messages.
Module: Instantiated eap (eap1)
eap: default_eap_type = tls
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
If the request cones from a device that isn't in your clents.conf it
will be rejected, so you needn't bother with all this. Server doesn't
accept packets from unknown devices. It's a basic security feature.
Ivan Kalik
Kalik Informatika ISP
Dana 6/6/2007, Brian Johnson [EMAIL PROTECTED] piše:
http://wiki.freeradius.org/MS-SQL_DDL_script
Ivan Kalik
Kalik Informatika ISP
Dana 6/6/2007, Carl aniams [EMAIL PROTECTED] piše:
hi,
Am using freeradius 1.1.6 on a fedora core 4 with mysql server installed and
up
i've created radius database but can't create tables because i can't find
the
Hi,
i would to configure my server radius for 802.1x authentication.
But when i modify my eap.conf file and then start radius i have this
error message:
rlm_eap: Failed to link EAP-Type/tls: rlm_eap_tls.so: cannot open
shared object file: No such file or directory
What's happen? How can i
Hi,
hi,
Am using freeradius 1.1.6 on a fedora core 4 with mysql server installed and
up
i've created radius database but can't create tables because i can't find
the db_mysql.sql file neither in /doc/examples/ nor in
*src/modules/rlm_sql/drivers/rlm_sql_mysql/
*
i went through archives
Apparently version numbers and I aren't getting along. It was 1.1.4. I
just grabbed the latest 1.1.6 code and compiled it. Same problem.
Here is the ldap portion of the debug output:
rlm_ldap: performing search in DC=edu, with filter
(|(sAMAccountName=dourtyb)(userPrincipalName=dourtyb))
Hi,
Hi,
i would to configure my server radius for 802.1x authentication.
But when i modify my eap.conf file and then start radius i have this
error message:
rlm_eap: Failed to link EAP-Type/tls: rlm_eap_tls.so: cannot open
shared object file: No such file or directory
What's happen?
hi all
thanks for support,
i have created certificates using openssl and scripts provided on link
http://www.alphacore.net/contrib/nantes-wireless/eap-tls-HOWTO.html
i have created root.der(this is self signed certificate) file and clt.pem and
using them with wpa_supplicant.
even when my server
Do you know the option to compile freeradius with ssl support??
Thanks.
Citando [EMAIL PROTECTED]:
Hi,
Hi,
i would to configure my server radius for 802.1x authentication.
But when i modify my eap.conf file and then start radius i have this
error message:
rlm_eap: Failed to link
Hi,
i have created certificates using openssl and scripts provided on link
http://www.alphacore.net/contrib/nantes-wireless/eap-tls-HOWTO.html
i have created root.der(this is self signed certificate) file and clt.pem and
using them with wpa_supplicant.
download the latest CVS version - eg
problem is when i start my server and client server is showing output :-
rad_recv: Access-Request packet from host 192.168.2.183:1026, id=2, length=177
Ignoring request from unknown client 192.168.2.183:1026
--- Walking the entire request list ---
Nothing to do. Sleeping until we see a request.
It doesn't work. When the user is member of SUSPENDED and has a static IP
address, rlm_sqlippool doesn't override the Framed-IP-Address.
This is the behavior I expect for all other cases/groups.
I had another problem with this configuration. A user can be member of
multiple groups. If he is
26 matches
Mail list logo