> Le mercredi 30 janvier 2008, Sebastian Heil a écrit :
> > > Sebastian Heil wrote:
> > > ...
> > >
> > > > i added the following lines to the ldap-section:
> > >
> > > ...
> > >
> > > > rlm_ldap: could not start TLS Can't contact LDAP server
> > >
>
>
> It doesn't seem that your TLS is well ini
Hi,
I installed freeradius to manage the wifi network of our organization (17
wifi ap)
It works well when launched in command line (radiusd X), but I cant make
it work as a service,
Service radiusd start seems to work, but radius close immediately after,
so a status will say that radiu
Hello list,
Is there anyway that I could make radclient send a packet from a
diffrent src ipaddress on a multihomed host
--
Kind
Regards
Etienne Pretorius
Network Administrator
Kingsley Technologies
Email: [EMAIL PROTECTED]
Tel: 086 11 KTECH
Local Fax: 086 611 5001
International Fax: +27 21
Hi Etienne,
Use the configuration option:
bind_address = IP.ADD.RE.SS
Regards
--jm
On 30 Jan 2008, at 2:48 PM, Etienne Pretorius wrote:
Hello list,
Is there anyway that I could make radclient send a packet from a
diffrent src ipaddress on a multihomed host
--
Kind Regards
Etienne Pr
Hello,
I recently setup freeradius 1.1.7 to run a EAP-TLS authentication.
My clients run on windows xp pro sp2, with microsoft hotfixes to be
abble to use WPA2 and EAP.
Encryption is WPA2-AES.
All certificates (root and client) are installed in the computer storage
and in the user storage, as
Hello everyone,
I've got some problems with the new version of freeradius, but before I'm going
to open a new bugreport or post long debugtraces from "radiusd -X" I want to ask
here if someone else has made similar experiences.
I've set up a freeradius server version 1.1.7 in our club to authenti
I've just installed 2.0.1 on CentOS 5 with MySQL 5.x. I can get the
clients to authenticate and I see accounting requests come in, also I
see the accounting query as it should be updated to mysql, i.e.,
"expand: UPDATE radacct...". I also see the accounting response
returned to the client, but no a
On Jan 30, 2008 10:41 AM, Devinder Singh <[EMAIL PROTECTED]> wrote:
> Yes i can access mysql rom CLI
>
>
Did you try to create another mysql user account for dialupadmin and give
him the correct rights on the radius database?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/us
Stefan Puch wrote:
> Then some people came with their mobile devices which are running Windows
> Mobile
> 2003, Windows Mobile 5 (WM5) or Windows Mobile6 (WM6) and the problems began.
> The same EAP-TLS certificate which worked fine on a Windows XP machine doesn't
> work on e.g. Windows Mobile 6 P
I've done some more digging as to why the database only gets one
update..
With no detail or detail.work file, freeradius will wake up every 1
second to check for creation - when it gets updated, it puts it into the
database fine.
However it never deletes or changes the detail.work file - so when
UNCLASSIFIED
From:
[EMAIL PROTECTED]
g
[mailto:[EMAIL PROTECTED]
adius.org] On Behalf Of Nicolas
Sent: Thursday, 31 January 2008 03:04
To: freeradius-users@lists.freeradius.org
Subject: radiusd service do not start
Hi,
I installed freeradius to manage the wifi network of our organization
(
With attribute `User-Password' and op = `==' we get this:
rlm_sql (sql): Reserving sql socket id: 4
expand: SELECT id, username, attribute, value, op
FROM radcheck WHERE username = '%{SQL-User-Name}'
ORDER BY id ->
SELECT id, username, attrib
Can you post users entry in the database. it's quite likely that you
left == as the operator instead of using :=.
Ivan Kalik
Kalik Informatika ISP
Dana 30/1/2008, "Andrew Long" <[EMAIL PROTECTED]> piše:
>When I have (radcheck) attribute `User-Password', authentication
>succeeds but we see the fo
Thanks Liran
On 30/01/2008, Liran Tal <[EMAIL PROTECTED]> wrote:
>
>
> On Jan 30, 2008 10:42 AM, Devinder Singh <[EMAIL PROTECTED]> wrote:
>
> > I have hard times with Dial Up Admin
> >
> > Shoud i proceed with daloradius
> >
> > do i install in in srv/www folder
> > like dial up
> >
> >
> >
>
> Y
SnahaD00 wrote: > When I issue command freeradius -x i got this: > rlm_eap_tls:
Loading the certificate file as a chain > rlm_eap: SSL error
error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt The
password you put in the configuration file is not the same as the password use
On Wednesday 30 January 2008 15:31:51 Andrew Long wrote:
> If I change the attribute to `Cleartext-Password', authentication
> fails and I see:
>
> rlm_pap: WARNING! No "known good" password found for the user.
> Authentication may fail because of this.
> ++[pap] returns noop
> rad_check_password
When I have (radcheck) attribute `User-Password', authentication
succeeds but we see the following:
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
rad_check_password: Found Auth-Type CHAP
!!!
!
You could, as an account with sudo privs (administrator), from Terminal,
type:
sudo chown nobody /opt/local/etc/raddb/certs/server.pem
or
sudo chown -R nobody /opt/local/etc/raddb
to change the ownership of that entire directory to nobody.
HOWEVER:
Nobody is not a secure system account. I w
Very simple setup - 1 server - novell suse enterprise 10.0, 1 nas -
Lucent TNT, 700 or so users - all dialup. Would like to use a mysql
database to store usernames and passwords and use the freeradius
dialupdamin web tool for management of users. NAS is currently
authenticating against a remote f
Hi,
I know that this post may not contain all of the required information,
this is just to get things going while I investigate further.
I have had a problem with FreeRADIUS segfaulting intermittently for a
number of months which makes it hard to gather the required
information. The only thi
Good afternoon,
When setting user/group to "nobody" in radiusd.conf, I get some
permissions problems with loading the certs and just wanted to know
how to properly set them to avoid this:
rlm_eap: SSL error error:0200100D:system library:fopen:Permission denied
rlm_eap_tls: Error reading cer
>
>rlm_pap: WARNING! No "known good" password found for the user. Authentication
>m ay fail because of this.
>
So, where is your password stored?
Ivan Kalik
Kaliik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
How do you want it to authenticate? Is there a username/password pair
somewhere of test/test or just you did expect it to work that way out of
the box for some reason?
I think it did what it was supposed to - it checked a bunch of different
authentication methods and didn't find a username/pas
Hi,
When I first run the free Radius using the command
"radtest test test localhost 0 testing123" i found the following errors.
Please help
rad_recv: Access-Request packet from host 127.0.0.1 port 32775, id=80,
length=56
User-Name = "test"
User-Password = "test"
NA
Hi Andrew,
in mysql.conf, there should be another file included:
$INCLUDE sql/${database}/dialup.conf
So, in your case that would be $INCLUDE sql/mysql/dialup.conf
There you should find several accounting queries.
JB
Andrew Long (30.01.2008 15:49):
I expected to see some traffic too soon, now
Hello,
I am in the process of configuring FreeRADIUS 2.0.1. For some realms we
proxy the authentication request to three other servers (svr-1, svr-2,
svr-3). However, what we wanted was to, in effect, round-robin two of
the servers (svr1 and svr-2), and then only use the third server (svr-3)
if th
Stefan Puch wrote on 30.01.2008 11:13:
> Hello everyone,
>
> I've got some problems with the new version of freeradius, but before I'm
> going
> to open a new bugreport or post long debugtraces from "radiusd -X" I want to
> ask
> here if someone else has made similar experiences.
>
> I've set
; I tried the latest snapshot freeradius-server-snapshot-20080130.tar.bz2
but
> this has the same problem.
That's nice. Did you download it from CVS as instructed?
The bug was fixed about 15 minutes before I sent my email. The fix is
*not* in that snapshot. It *is* in CVS
Le mercredi 30 janvier 2008, Sebastian Heil a écrit :
> > Sebastian Heil wrote:
> > ...
> >
> > > i added the following lines to the ldap-section:
> >
> > ...
> >
> > > rlm_ldap: could not start TLS Can't contact LDAP server
> >
It doesn't seem that your TLS is well initiated. I don't think it is
I expected to see some traffic too soon, now it's coming...
but where are the accounting queries?
Andrew
On Jan 30, 2008 8:52 AM, Andrew Long <[EMAIL PROTECTED]> wrote:
> I've just installed 2.0.1 on CentOS 5 with MySQL 5.x. I can get the
> clients to authenticate and I see accounting requests c
What struck me was that you need more attributes, but maybe I missed them:
-cacertfile
-certfile
-keyfile
-Josiah
Sebastian Heil wrote:
Sebastian Heil wrote:
...
i added the following lines to the ldap-section:
...
rlm_ldap: could not start TLS Can't contact LDAP server
Oh. Now I'm embarrassed. Thanks and sorry! :)
-Josiah
Alan DeKok wrote:
# As of 2.0.0, FreeRADIUS supports a simple processing language
# in the "authorize", "authenticate", "accounting", etc. sections.
# See "man unlang" for details.
Alan DeKok.
-
List info/subscribe/
Jørn Kostøl wrote:
> I tried the latest snapshot freeradius-server-snapshot-20080130.tar.bz2 but
> this has the same problem.
That's nice. Did you download it from CVS as instructed?
The bug was fixed about 15 minutes before I sent my email. The fix is
*not* in that snapshot.
I tried the latest snapshot freeradius-server-snapshot-20080130.tar.bz2 but
this has the same problem.
-Opprinnelig melding-
Fra: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] På vegne
av Alan DeKok
Sendt: 30. januar 2008 10:35
Til: FreeRadius users mailing list
Emne: Re: memory
Stefan Puch wrote:
>> Then some people came with their mobile devices which are running Windows
>> Mobile 2003, Windows Mobile 5 (WM5) or Windows Mobile6 (WM6) and the
>> problems began. The same EAP-TLS certificate which worked fine on a Windows
>> XP machine doesn't work on e.g. Windows Mobile
> Sebastian Heil wrote:
> ...
> > i added the following lines to the ldap-section:
> ...
> > rlm_ldap: could not start TLS Can't contact LDAP server
>
> Maybe you need to check that there is an LDAP server listening on that
> port?
>
> Alan DeKok.
>
thanks for your fast answer, alan.
but i
Yes. Use VLANs and port based authentication and they won't be able to
do that. If they manually change IP address to a different VLAN
connection will become unusable.
Ivan Kalik
Kaliki Informatika ISP
Dana 29/1/2008, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> piše:
>Hi,
>
>I have a question.
>When
On Jan 30, 2008 10:42 AM, Devinder Singh <[EMAIL PROTECTED]> wrote:
> I have hard times with Dial Up Admin
>
> Shoud i proceed with daloradius
>
> do i install in in srv/www folder
> like dial up
>
>
Yes you install it wherever you usually place your web projects
on your distribution which is conf
Hi Liran
Do u have Yahoo IM or IRC channel to chat
Ok i will instal and configure daloradius
Will it work well with FreeRadius server
Where do i extract the tar file
i have srv/www folder
Thanks
Devinder
On 30/01/2008, Liran Tal <[EMAIL PROTECTED]> wrote:
>
> On Jan 30, 2008 10:15 AM, Devind
1. You are not sending login requests to this server, or at least they
are not getting there. Is server set up not to recieve auth requests
from the network (only local reqests)? Can you log into it from a
different machine?
2. Is this server restarting on it's own or are you doing that?
Ivan Kal
SnahaD00 wrote:
> When I issue command freeradius -x i got this:
> rlm_eap_tls: Loading the certificate file as a chain
> rlm_eap: SSL error error:06065064:digital envelope
> routines:EVP_DecryptFinal_ex:bad decrypt
The password you put in the configuration file is not the same as the
password
Wm. Josiah Erikson wrote:
> I'm not sure what the syntax rules for the authorize{} section of the
> config files are; I was unable to find any description in the docs of
> how one goes about figuring out how to write these conditional
> statements. What language is it?
$ man unlang
> It seems C
On Jan 30, 2008 10:15 AM, Devinder Singh <[EMAIL PROTECTED]> wrote:
> Hi Liran
> This is my log file i cant find any errors for cannot connect to sql
> database
>
>
If you don't find any connection attempts information then it means
that dialupadmin isn't initiating a connection due to one of the
Mike Zoeteweij wrote:
> Can anyone tell me what I'm doing wrong here?
Read eap.conf. Look for "Windows". See also the wiki.
> Sending Access-Challenge of id 3 to 192.168.100.5:4855
...
> Waking up in 6 seconds...
> --- Walking the entire request list ---
This *exact* behavior is explained
I have hard times with Dial Up Admin
Shoud i proceed with daloradius
do i install in in srv/www folder
like dial up
On 28/01/2008, liran tal <[EMAIL PROTECTED]> wrote:
>
>
> Hey Devinder,
>
> On Jan 28, 2008 4:35 AM, Devinder Singh <[EMAIL PROTECTED]> wrote:
>
> >
> > Hi
> >
> > I am using Dia
Sebastian Heil wrote:
...
> i added the following lines to the ldap-section:
...
> rlm_ldap: could not start TLS Can't contact LDAP server
Maybe you need to check that there is an LDAP server listening on that
port?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/
Yes i can access mysql rom CLI
On 30/01/2008, YvesDM <[EMAIL PROTECTED]> wrote:
>
> On Jan 30, 2008 10:15 AM, Devinder Singh <[EMAIL PROTECTED]> wrote:
>
> > Hi Liran
> > This is my log file i cant find any errors for cannot connect to sql
> > database
> >
> > Thanks
> > Devinder
> >
> >
> > 080
the certificate`s password in the eap.conf is wrong.
On 30/01/2008, SnahaD00 <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I really (desperatelly) need freeradius to work on my schools network - it's
> urgent.
>
> I've got server on Ubuntu 7.04. I setup freeradius accoring to some howtoos
> and tutorials
Jørn Kostøl wrote:
> Local auth and acct works fine, and proxying auth works. But as soon as
> I try to proxy accounting then Freeradius crashes.
The issue isn't proxying, but dealing with attributes that aren't in
the dictionaries. Bug #514 was recently filed about this.
The solution is in
On Jan 30, 2008 10:15 AM, Devinder Singh <[EMAIL PROTECTED]> wrote:
> Hi Liran
> This is my log file i cant find any errors for cannot connect to sql
> database
>
> Thanks
> Devinder
>
>
> 080124 14:48:58 mysqld ended
>
> 080124 14:48:58 mysqld started
> 080124 14:48:58 InnoDB: Started; log seq
Hi Liran
This is my log file i cant find any errors for cannot connect to sql
database
Thanks
Devinder
080124 14:48:58 mysqld ended
080124 14:48:58 mysqld started
080124 14:48:58 InnoDB: Started; log sequence number 0 43655
080124 14:48:58 [Note] /usr/sbin/mysqld: ready for connections.
Vers
Hello again,
> Sebastian Heil wrote:
> > Is there a way to deactivate the ldap.attrmap file?
>
> Edit the source code & re-compile.
>
Maybe i will try it... never done before... :-)
thanks anyway.
i have got another problem. since the authentication via ldap works now quite
ok, i would like
52 matches
Mail list logo