James Lockie wrote:
A pointer to a howto would be much appreciated.
There is no how-to because there's nothing to do. If you have DHCP
already running, it will be used after the clients have been
authenticated via RADIUS.
The two processes are *completely* independent.
Alan DeKok.
-
orion wrote:
hi to all.
im using FR 2.0.0 with default config.
in debug mode i get
*rlm_acct_unique*: *WARNING*: *Attribute* *Client *-*IP*-*Address* was
not found in
request, unique ID MAY be inconsistent
Good point. The way that attribute is handled was changed in 2.0.
I've
This works by default. Just enter NAS details in clients.conf and
username and password in users file.
Ivan Kalik
Kalik Informatika ISP
Dana 11/1/2008, James Lockie [EMAIL PROTECTED] piše:
[EMAIL PROTECTED] wrote:
Yes.
Ivan Kalik
Kalik Informatika ISP
Dana 10/1/2008, [EMAIL PROTECTED]
Brian Wilson wrote:
I am running Freeradius 1.1.0
Please upgrade to at least 1.1.7. It solves a lot of security issues,
*and* helps with the problem you're seeing, too.
When I try to authenticate, the radius server receives about 7
Access-requests.
That's the way EAP works.
Norbert Wegener wrote:
In cvs from January 9th I noticed for the first time, that freeradius
complains about packets without Message-Authenticator and ignores them:
WARNING: Insecure packet from host 145.25.153.222: Packet does not
contain required Message-Authenticator attribute
How can
after replacing the rlm_acct_unique.c my debug tells :
rad_recv: Accounting-Request packet from host 192.168.2.225 port 1025,
id=94, length=137
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 48
NAS-Port-Type = Ethernet
User-Name = user
On Sat, 12 Jan 2008, Alan DeKok wrote:
The hints file contains the following lines, which seem to at least
somewhat work as the P is stripped and authentication succeeds.
Note that this updates the *request*, not the *reply*.
Ahh. Okay. Thanks, this helps understanding the problem
Alan DeKok wrote:
Norbert Wegener wrote:
In cvs from January 9th I noticed for the first time, that freeradius
complains about packets without Message-Authenticator and ignores them:
WARNING: Insecure packet from host 145.25.153.222: Packet does not
contain required Message-Authenticator
hi,
I'd like to add into this that if you upgrade
to 2.0 then the EAP is simpler and quicker - and
your LDAP wont get hit with each request. it'll
only get the bare required outside and then the
essential inner tunnel stuff.
alan
-
List info/subscribe/unsubscribe? See
hello
i am given a project of installing freeRADIUS 1.1.7 on fedora core 7.
i am unable to go next to the step radiusd -x
kindly tell me some method to install it
please help
i have installed fedora core 7 on VmWare 5.5 and that on windows xp.
do i need more than one computer to install this.
On 12/01/2008, adnan deura [EMAIL PROTECTED] wrote:
hello
i am given a project of installing freeRADIUS 1.1.7 on fedora core 7.
i am unable to go next to the step radiusd -x
kindly tell me some method to install it
please help
http://wiki.freeradius.org/Build#Building_RedHat_packages
Same
Thanks alan, I have tested and it definitely seems to be a problem, the
field is using a varchar(255) in sql I thought this was an issue but it is
not. Is there any way you could rebuild the sqlcounters for freeradius.net ?
have a compiled version already.
I have seen some mention about the
orion wrote:
after replacing the rlm_acct_unique.c my debug tells :
rad_recv: Accounting-Request packet from host 192.168.2.225
...Client-IP-Address INVALID-TOKEN
now it says INVALID-TOKEN.
OK. Grab the latest version from CVS. I've fixed a typo.
Alan DeKok.
-
List
Andreas Thienemann wrote:
About the := operator, is it only needed for Cleartext-Password? What
about Crypt-Password? There it seems to work with == as well as with
:=.
It's a hack to use '=='. Don't use it.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
David Wood wrote:
PATCH SUBMISSION - THREADING ISSUES
[...]
Firstly, for threading on FreeBSD you should just use -pthread (and not
use -lpthread). There are different threading libraries available on
FreeBSD; the OS does the correct thing if you just use -pthread.
-pthread vs
grabed the latest and installed.
now it says
rlm_acct_unique: Hashing 'NAS-Port = 9,Client-IP-Address =
192.168.2.225,NAS-IP-Address
= 192.168.2.225,Acct-Session-Id = 8160,User-Name = orioni'
rlm_acct_unique: Acct-Unique-Session-ID = 59cf7442060b83a6.
the Client-IP-Address is the same as
Alan DeKok wrote:
James Lockie wrote:
A pointer to a howto would be much appreciated.
There is no how-to because there's nothing to do. If you have DHCP
already running, it will be used after the clients have been
authenticated via RADIUS.
The two processes are *completely*
James Lockie wrote:
I don't want them independent. :-)
DHCP can give out an IP first but I don't want the default gateway to
work for THAT specific IP until the user has been authenticated with
radius.
Then you want a captive portal. This isn't a RADIUS problem.
Alan DeKok.
-
List
adnan deura wrote:
hello
i am given a project of installing freeRADIUS 1.1.7 on fedora core 7.
i am unable to go next to the step radiusd -x
radiusd is located in /usr/sbin so you can't just type radiusd unless
/usr/sbin is in your path, which it won't unless you're root.
Also, the radius
Alex Moen [EMAIL PROTECTED] writes:
Any advice would be welcome, and let me know if I need to send more
detail...
Sounds like its time to consider something else than Cisco. I can
recommend Juniper ERXes for broadband aggregation. And they certainly
work well with FreeRADIUS.
Oh, I hope the
Hi,
it this a bug or it should be like that ( Client-IP-Address same as
NAS-IP-Address. ) ?
what makes you think they would be different? the client is your
NAS, yes?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
I want to proxy requests to different radius servers matching the
Called-Id of the request instead of matching a realm attached to the
username.
Is this possible with freeradius?
Abel,
Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Yes.
DEFAULT Called-Station-Id == someNAS, Proxy-To-Realm := somerealm
DEFAULT Called-Station-Id == anotherNAS, Proxy-To-Realm := anotherrealm
Ivan Kalik
Kalik Informatika ISP
Dana 12/1/2008, Abel Alejandro [EMAIL PROTECTED] piše:
Hello,
I want to proxy requests to different radius
23 matches
Mail list logo