Hangjun He wrote:
>I have configured ntlm_auth in freeRADIUS talk to AD(user store). And
> It works well.
> Now I want to use ldap to get attribute from AD, It failed.
>
>It seems ldapsearch will search user's *display name*. And ntlm_auth
> will search user's *user logon name.*
>
>
Walter Gould wrote:
> Sorry to bother you guys again - I created new SSL certificates per
> your above instructions... After the certs were created, I then:
>
> 1. copied them to the /etc/raddb/certs directory
> 2. updated /etc/raddb/eap.conf with the certificate names & private key
> password
>
Mark Elkins wrote:
> .. which keeps personal changes to one place (sql.conf and files
> in /etc/raddb) and saves me from upsetting Alan DeKok's karma* - a bad
> thing to do.
The files are editable for a reason. If all you see is ASCII
"Class" attributes, add the following to the bottom of ra
Hi,
I have configured ntlm_auth in freeRADIUS talk to AD(user store). And It
works well.
Now I want to use ldap to get attribute from AD, It failed.
It seems ldapsearch will search user's display name. And ntlm_auth will
search user's user logon name.
If I set display n
Dear all
I have cisco SSLVPN gateway and i want to authenticate user
freeradius authentication server but i need more input from community what
type of control i can done with it ?? Is it possible to control some user
session or number of time to control is there anybody have
Thanks.
So key-file-password do not set in radiusd.conf/rlm_ldap section.
I still donot know how to configure key-password in Openldap, Where I can get
any document or Wiki ? Thanks.
John.
"Ranner, Frank MR" <[EMAIL PROTECTED]> 写道:
Yes. eap.conf is part of radiusd.conf.
But
Yes. eap.conf is part of radiusd.conf.
But I can not find a variable to set key-file-password in
rlm_ldap section.
# Lightweight Directory Access Protocol (LDAP)
ldap {
server = "ldap.your.domain"
# identity = "cn=admin,o
Hi,
Yes. eap.conf is part of radiusd.conf.
But I can not find a variable to set key-file-password in rlm_ldap section.
# Lightweight Directory Access Protocol (LDAP)
ldap {
server = "ldap.your.domain"
# identity = "cn=admin,o=My Org,c=UA"
# password = mypass
basedn = "o=
On Mon 29 Oct 2007, Hawkins, Michael wrote:
> Hi all,
>
> I am very familiar with Cisco Secure ACS for AAA of Cisco devices. I am
> considering using FreeRadius at another customer site instead of Cisco
> Secure ACS.
>
> Will I still be able to control command execution (authorization) etc
> via Fr
On Mon 29 Oct 2007, Hawkins, Michael wrote:
> Peter,
>
> Yes, I was comparing TACACS+ to RADIUS - my mistake.
>
> Any recommendations on the most appropriate web front end for FreeRadius
> when managing a Cisco network that is pointing at a FreeRadius AAA
> server?
It kind of depends on your backe
Alan DeKok wrote:
Walter Gould wrote:
I am following the document "FreeRADIUS Active Directory Integration
HOWTO" from the freeradius Wiki. I am having problems with creating
SSL certificates. When I follow the instructions at the bottom of this
doc and run the CA.all script, I see the fol
On Mon, 2007-10-29 at 16:45 +0200, Mark J Elkins wrote:
> My access provider is setting and sending me the "Class" attribute in an
> accounting record...
>
> I use MySQL to store such info in... and I'm using freeradius 1.1.6
Wisdom prevails.. (touching the dictionaries is probably a bad* thing
You can use CHAR() in the sql statement if you recieving Class attribute
ASCII encoded.
Ivan Kalik
Kalik Informatika ISP
Dana 29/10/2007, "Mark J Elkins" <[EMAIL PROTECTED]> piše:
>My access provider is setting and sending me the "Class" attribute in an
>accounting record...
>
>I use MySQL to s
Hi Mark,
The provider is obviously SAIX (ZA based ISP),
Looks like SAIX are sending it through as ASCII text, on my side?
Tue Sep 18 14:25:53 2007
Acct-Session-Id = "7/0/2/20.557_30429449"
Framed-Protocol = PPP
Framed-IP-Address = 41.242.121.175
User-Name = "[EMAI
My access provider is setting and sending me the "Class" attribute in an
accounting record...
I use MySQL to store such info in... and I'm using freeradius 1.1.6
in order to Capture the value - I modified all accounting "Insert"
statements to (as an example)
accounting_start_query = "INSERT
Peter,
Yes, I was comparing TACACS+ to RADIUS - my mistake.
Any recommendations on the most appropriate web front end for FreeRadius
when managing a Cisco network that is pointing at a FreeRadius AAA
server?
Mike Hawkins
Office: 212-208-3888
Mobile: 917-887-3614
-Original Message-
Fr
On Tue 16 Oct 2007, Dánial Olsen wrote:
> Hi,
>
> I'm hoping someone can assist me with my problem with assigning ip
> addresses with freeradius 1.1.6 on OpenBSD 4.1.
>
> I'm using freeradius to with an Ericsson CGSN and now I'm trying to
> assign ip addresses to my Mobile Stations.
> The problem i
On Tue 09 Oct 2007, satish patel wrote:
> I have CAR cisco radius server with MPLS attribites but
> there is no Accouting option for users so is it possible to replace CAS
> radius with freeradius server ??
Probably...
--
Peter Nixon
http://peternixon.net/
-
List info/subscribe
On Fri 05 Oct 2007, Walter Gould wrote:
> [EMAIL PROTECTED] wrote:
> > You are aware that this is not Cisco technical support?
>
> Yes - I am...smirk.
>
> > radius server attribute 4 a.b.c.d
> >
> > Ivan Kalik
> > Kalik Informatika ISP
>
> That didn't seem to work. For others that may run into th
Hi all,
I am very familiar with Cisco Secure ACS for AAA of Cisco devices. I am
considering using FreeRadius at another customer site instead of Cisco
Secure ACS.
Will I still be able to control command execution (authorization) etc
via FreeRadius? Or would I be restricted to authentication only?
On Thu 04 Oct 2007, Mal wrote:
> Dear all,
>
> I'm using the freeradius(freeradius-1.1.0-19
> ) on mobile network.
> GGSN contacts the radius server like below.
>
> 1.GGSN---Accounting Off request--->Radius
> 2.GGSN<--Accounting Off response---Radius
> 3.GGSN---Accounting On request--->Radius
> Aft
All,
We've had sporadic problems with our Wireless radius service hanging.
The occurrences tended to be spaced weeks apart, and consist of clusters
of hangs 4-12 hours apart over a few days. I had formed the hypothesis
that a particular client or type of client was triggering it - when they
reali
Hi
I don't think I was clear enough on what I meant. I have been using version
1.1.3, 1.1.4, 1.1.5, 1.1.6 and have never seen this problem before, with the
exact same configuration. This configuration have been working for 18 months or
so.
Wheter this is a SLES 10 SP1 problem or a problem wi
You already have. eap.conf is a part of radiusd.conf.
Ivan Kalik
Kalik Informatika ISP
Dana 29/10/2007, "Hangjun He" <[EMAIL PROTECTED]> piše:
>Hi,
>
> I use freeradius 1.1.6 and Openldap 2.3.32. And now It can authenticate
> success( freeRADIUS + Openldap with TLS TLS encrypt.)
>
> My que
On Thu 04 Oct 2007, [EMAIL PROTECTED] wrote:
> Hi Alan,
>
> > No. The standard is the RFC. The portmaster text is just
> > additional
> > text from the people building RADIUS systems.
> >
> > It is NOT vendor specific. Do NOT say it is vendor specific.
>
> Ok... I deserve a good slap for t
Hi,
> I'm having the exact same problem as described below, with Freeradius
> 1.7 hanging at 99 percent. Also using PEAP, MSCHAPV2, and eDir, and
> running 1.7 on a SLES 10 SP1.
> I have been using the same configuration since 1.3 without any problems
> problems, but since upgrading from 1.6 to 1.
I'm having the exact same problem as described below, with Freeradius
1.7 hanging at 99 percent. Also using PEAP, MSCHAPV2, and eDir, and
running 1.7 on a SLES 10 SP1.
I have been using the same configuration since 1.3 without any problems
problems, but since upgrading from 1.6 to 1.7 it's "crashed
27 matches
Mail list logo