Hello,
I'm using Freeradius 1.1.17 version with Cisco's BBSM. With MySqL database
too. I've storing username, passwords in mysql db. For now, authentication
is OK. I want to check MAC address of users while they are authenticating.
Inmy radcheck table:
| id | UserName| Attribute | op
On Jan 24, 2008 3:14 PM, Marinko Tarlac <[EMAIL PROTECTED]> wrote:
> I saw that freeradius project has his own chat channel but what about
> forum? I read all emails in this list and some of these mails should be
> available on some kind of forum so we can share experience.
>
> What do you think?
It is solved now. I deleted FR .4 and migrated to .7 with fresh clean
install. I didn't use the old files.
Thanks
[EMAIL PROTECTED] wrote:
Hi,
Please don't be angry. I'm trying to fix this issue because it works
perfectly on FR1.1.7
if you've copied the config files direct from 1.1.
Andrew D Kirch wrote:
> When I connect a client to freeradius the client authenticates, gets an
> accept/accept, but does not get an IP address. I've tried it with the
> Group and Pool-Name directives in each client's block, and I've tried it
> with them in a DEFAULT by themselves. Neither has ha
There is a history of this mailing list, but searching something is a
nightmare.
Imho forum would be great for that.
Sent from my BlackBerry® wireless device
-Original Message-
From: Marinko Tarlac <[EMAIL PROTECTED]>
Date: Thu, 24 Jan 2008 22:14:23
To:FreeRadius users mailing list
S
Thanks Alan,
Looking into it more what I really need to do is take a list of
existing usernames and proxy them to an external server, but allow
other usernames with the same format to be handled by a virtual server
in the FreeRADIUS box.
The list can be in a database or a text file or hard-coded i
I saw that freeradius project has his own chat channel but what about
forum? I read all emails in this list and some of these mails should be
available on some kind of forum so we can share experience.
What do you think?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/us
Hi,
I'm the guy that's trying to kinda duplicate eduroam, if you
remember - I had an outdated server and Alan recommended I update to
v2.0.1, which I have now done.
I've gotten this working (after updating my server and building
freeradius packages for it) - in 2.0.1, when I uncommented th
It's all in black and white:
# for different users. The Pool-Name attribute is a *check* item not
# a reply item.
#
# Example:
# radiusd.conf: ippool students { [...] }
# users file : DEFAULT Group == students, Pool-Name := "students"
#
Y
Alan DeKok wrote:
Andrew D Kirch wrote:
When I connect a client to freeradius the client authenticates, gets an
accept/accept, but does not get an IP address. I've tried it with the
Group and Pool-Name directives in each client's block, and I've tried it
with them in a DEFAULT by themselves.
On Thursday 24 January 2008 13:10:09 Alan DeKok wrote:
> And with all of the information you posted, you didn't include the
> most important, which is requested in the FAQ, README, INSTALL, "man"
> page, and daily on this list: radiusd -X.
>
> Is there some other place in the documentation wher
wiki.freeradius.org
a little bit slow actualy.
On 24/01/2008, German Anguiano Bayardo <[EMAIL PROTECTED]> wrote:
>
>
> Hi guys. I'm a beginner with the Radius protocol. I've been using Linux
> for a while now, so I hope it doesn't take me too long to catch the idea.
>
> Sorry in advance if a mak
German Anguiano Bayardo wrote:
> They say the only missing part is a Radius Server where to authenticate the
> users. The steps are as follows:
> 1.- The user uses his laptop to access Internet, open the web browser and get
> a Welcome Page, where they have to login
> 2-. When they give user an p
Hi guys. I'm a beginner with the Radius protocol. I've been using Linux for a
while now, so I hope it doesn't take me too long to catch the idea.
Sorry in advance if a make some stupid questions. Ok, here I go.
I'm in a new job. My boss told me that they attempted to setup a Hotspot for
free
When I connect a client to freeradius the client authenticates, gets an
accept/accept, but does not get an IP address. I've tried it with the
Group and Pool-Name directives in each client's block, and I've tried it
with them in a DEFAULT by themselves. Neither has handed out an IP address.
Syst
hi to all.
created the certificates with the default config files in FR 2.0.1 with
./bootstrap
created the client certificate with
make client
the import of the ca.pem and server.crt in winxp is OK.
they link with each-other ok ( ca->server )
the import of client.p12 is ok but it doesnt have a
Tomasz Zieleniewski wrote:
> I didn't set it explicit. I don't know what caused setting Auth-Type to
> Local!!
> But I found my error. The problem was in ldap
> I didn't have Auth-Type Set in radius and I used old config from docs
> directory which didn't have set_auth_type parameter.
OK.
>
Markus Moeller wrote:
> That was the only way I could get it to work. If I use update control
> anybody can login, whereas in my setup only a user who exits in ldap get
> AUth-Type set to LDAP all other users have an empty value and therefore
> can not authenticate.
The LDAP module setting Auth-
On Wed 23 Jan 2008, Frank Büttner wrote:
> Hello,
> can it be, that the site is down?
Unfortunately apache is getting stuck for some reason. I am still trying to
figure out why. Sorry for the bumps.
--
Peter Nixon
http://peternixon.net/
-
List info/subscribe/unsubscribe? See http://www.freera
On Jan 24, 2008 9:59 AM, Alan DeKok <[EMAIL PROTECTED]> wrote:
> Tomasz Zieleniewski wrote:
> > Still something is wrong.
> >
> > I have the following authorize section:
> ...
>
> In which the default configuration has been massively changed.
>
> I'm not sure where else to document this: If you
Background:
When a user associated with the ssid Guest, the user will authenticate
against a FreeRadius server. If he has a university account, the FreeRadius
server will authenticate him via LDAP. If he does not have a university
account, the FreeRadius server will do the authentication with
Amr el-Saeed wrote:
i have OS RHEL5
yes, i'm sure
i added the option in the SPEC file and then build the RPM
and about the second issue , i didn't have a debugging kernel but i
got one and install it and boot with it and got the same output !!
made RPM file with ( rpmbuild -ta free
"Alan DeKok" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Markus Moeller wrote:
I am new to freeradius and try to authenticate users with pam and
authorize
with ldap groups. I try to find a minimal configuration but have some
problems forcing the Auth-Type to be PAM.
You a
Hi All,
I solved this problem using cert gen tools from 2.0.1 version of FreeRadius,
as advised by Alan.
Sending Access-Accept of id 108 to 10.40.0.114 port 1073
User-Name = "LDAPAFONE\\nsouleman"
MS-MPPE-Recv-Key =
0x98a6ba5cb9a9a972244128a592224d932a0350aaf8d4dda665a747
Dean, Barry wrote:
> I added this to the "authorize" section of radiusd.conf just after
> "preprocess" and before "auth_log" and it gives the error:
>
> radiusd.conf[1810]: ERROR: Unknown attribute reject
> radiusd.conf[1808]: Failed to parse "update" subsection.
> radiusd.conf[1788]: Errors pars
Mike O'Connor wrote:
> The documentation does not mention these options so I assume that you
> mean it would need writing ?
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> "man unlang". Look for "case-insensitive". In this case, you would
> delete that "users" file entry, and use "unlang"
> authorize {
> ...
> if ("%{User-Name}" =~ /special/i) {
> update reply {
> Reply-Message = "Cannot use this user account"
>
Look at the freeradius dictionaries. All of those.
Ivan Kalik
Kalik Informatika ISP
Dana 24/1/2008, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> piše:
> > Is it possible to extract (to filter) different field in a ldap entry on
>> the base of the "nas" ip address?
>
>ok i've found out this old threa
Hi Alan
The documentation does not mention these options so I assume that you
mean it would need writing ?
One option is to add more filtering operators. e.g. "-~", meaning
"regex match, and remove". Or perhaps a better way, is to add a
"filter" section:
filter request { # filter
Hi,
> i have OS RHEL5
it looks like it didnt build with the required debug parts - once
again, as you are using the SPEC for your distro they could have other
things that mess it up - I can only help if you build
from the source and leave package management stuff alone.
alan
-
List info/subscribe
> Is it possible to extract (to filter) different field in a ldap entry on
> the base of the "nas" ip address?
ok i've found out this old thread
http://lists.cistron.nl/pipermail/freeradius-users/2004-December/039132.html
and it was realy usefull, but i still have problem to make the rule in
us
>rad_recv: Access-Request packet from host 192.168.1.7:1119, id=0, length=44
>User-Name = "fred"
>User-Password = "wilma"
> Processing the authorize section of radiusd.conf
>modcall: entering group authorize for request 0
> modcall[authorize]: module "preprocess" returns ok for re
hi,
turn on the SQL debug logging in FreeRADIUS and see
what the output of the SQl was
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Unsubscribe.
Thanks,
Attention:
Any non-official business related views, opinions and other information
presented in this electronic mail
are solely those of the sender/author.
Burgan Bank does not endorse or accept responsibility for their opinions. If
you are not the addressed
indicated in t
Tomasz Zieleniewski wrote:
> Still something is wrong.
>
> I have the following authorize section:
...
In which the default configuration has been massively changed.
I'm not sure where else to document this: If you are not clear on how
the server works, then DO NOT CHANGE THE DEFAULT CONFIGU
i have OS RHEL5
Amr el-Saeed wrote:
Hi Alan,
yes, i'm sure
i added the option in the SPEC file and then build the RPM
and about the second issue , i didn't have a debugging kernel but i
got one and install it and boot with it and got the same output !!
and ideas ??
thanks for help
(gdb)
Hi
Still something is wrong.
I have the following authorize section:
authorize {
preprocess
auth_req_log
suffix
sql
ldap
}
I tried such authenticate sections:
authenticate {
37 matches
Mail list logo