Dear group,
you obviously still know my old thread:
http://lists.freeradius.org/mailman/htdig/freeradius-users/2008-July/msg00091.html
I am using still freeradius 1.1.7
Well, the problem was not the foreign server which had the problems. It is kind
of embarrassing to say: The reason was my acce
What is working: I can use the "[EMAIL PROTECTED]" from a foreign enterprise to login and
use the WLAN. No problem here. But the other way round doesn´t work. I asked a collegue from one of
those foreign enterprises to test the login with "[EMAIL PROTECTED]"
He gave me the following error mes
paul smith wrote:
> Its a RADIUS appliance with a nice GUI, but I think FreeRADIUS offers
> all the features that it does.
Pretty much, yes. It has other features (captive portal, etc.), but
those may not be critical in your site.
> Does anyone have any experience of it? Or a comparison betwee
Hi
>Is the "outside central server" configured to forward mydomain.com to
>your server?
>Check if you see his failed attempt on your own server at all. If it
>isn't there, the request was rejected earlier in the proxy chain.
It definitely is configured to proxy the request to my server.
(We are
Hi,
It definitely is configured to proxy the request to my server.
(We are not the first ones having this service, there are more than 100 I think that
already have this. So I trust those peaple managing the "outside central
server" when they say it it configured...)
Well in this case: as
Hello,
I would like to ask client to provide certificate during TTLS.
I saw in eap.conf that I have to set EAP-TLS-Require-Client-Cert = Yes
in the contol items for a request.
Does this mean that I have to set this in my users file for the user
entry that interests me? Could you provide a litt
Cristian Novac wrote:
> I would like to ask client to provide certificate during TTLS.
> I saw in eap.conf that I have to set EAP-TLS-Require-Client-Cert = Yes
> in the contol items for a request.
> Does this mean that I have to set this in my users file for the user
> entry that interests me? Cou
I tried to insert accounting requests in oracle db, but the following error
occurs when i try to start the radius server : rlm_sql_oracle.so: cannot
open shared object file: No such file or directory
Module: Linked to module rlm_sql
Module: Instantiating sql
sql {
driver = "rlm_sql_or
andreiv wrote:
> I tried to insert accounting requests in oracle db, but the following error
> occurs when i try to start the radius server : rlm_sql_oracle.so: cannot
> open shared object file: No such file or directory
See the FAQ.
Also, ensure that you have the correct Oracle libaries and
Thanks again, Alan.
Radius is now running and working fine.
I tested it using radtest
"radtest fpohl localhost 1812 "
and I got an OK result
"rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=162,
length=20"
My question is now regarding users.
The user fpohl is a regular Un
Frederick William Borges Pohl wrote:
> The user fpohl is a regular Unix user I created with useradd but it does not
> belong to the same group as radiusd.
There is NO relationship between the group membership of users, and
the group that the RADIUS server runs as. They are completely
independe
hi,
I'd follow eg the FAQ
http://wiki.freeradius.org/FAQ
eg How do I use Login-Time for groups, not for users?
DEFAULT Group == "daysonly", Login-Time := "0800-2000"
DEFAULT Group == "weekdays", Login-Time := "Wk0800-2000"
of course, you dont care about timesso justhave eg
DEFAULT Group
Hi all,
I have just recently migrated from 1.1.7 to 2.0.5. In 1.1.7 I had the
postauth sql logging turned on to log successful and failed auth attempts.
I not able to find where I would add it in 2.0.5 to enable this feature. I
see the sql statement in the dialup.conf config file but I am unsure
Jeff Crowe wrote:
> I have just recently migrated from 1.1.7 to 2.0.5. In 1.1.7 I had the
> postauth sql logging turned on to log successful and failed auth attempts.
> I not able to find where I would add it in 2.0.5 to enable this feature.
Read radiusd.conf, especially the last few lines. It
Alan,
iptables -L -n output shows
Chain INPUT (policy ACCEPT)
target prot opt sourcedestination
Chain OUTPUT (policy ACCEPT)
target prot opt sourcedestination
Chain FORWARD (policy ACCEPT)
target prot opt sourcedestination
tcpdump shows nothing when I am
Thanks again, Alan.
Radius is now running and working fine.
I tested it using radtest
"radtest fpohl localhost 1812 "
and I got an OK result
"rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=162,
length=20"
My question is now regarding users.
The user fpohl is a regular Un
Hi,
> However, ifconfig shows eth0 has the wrong IP address. It looks like it
> grabbed a DHCP address from my Windows DHCP server. When I look at eth0
> connection properties on the task bar it shows 172.16.3.4. In
> /etc/hosts, under System Administration Network Configuration, and on
> my D
I am having a problem configuring management users for Cisco WLC. Here's
my basic users file:
DEFAULT Service-Type = NAS-Prompt-User,
cisco-avpair += "shell:priv-lvl=2",
Fall-Through = 1
test User-Password == ""
Service-Type = Ad
for example mi have this problem:
when I run radiusd-X -x strip me this mistake even if the PATH're ok. what
is?
>
>
>
>
> Tue Aug 5 11:00:31 2008 : Error: rlm_eap: SSL error error:06065064:digital
> envelope routines:EVP_DecryptFinal_ex:bad decrypt
> Tue Aug 5 11:00:31 2008 : Error: rlm_eap_tl
: ERROR: Failed to open socket: cannot bind socket: Address already in use
hello! when ejecute radiusd -X -x :
Wed Aug 6 16:53:31 2008 : Error: ERROR: Failed to open socket: cannot bind
socket: Address already in use
Wed Aug 6 16:53:31 2008 : Error: /usr/local/etc/raddb/radiusd.conf[236]:
Error
Thanks again, Alan.
Radius is now running and working fine.
I tested it using radtest
"radtest fpohl localhost 1812 "
and I got an OK result
"rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=162,
length=20"
My question is now regarding users.
The user fpohl is a regular U
Been using Freeradius for years..
Quad core Xeon server
New Server setup UBUNTU 8.04
Mysql 5.0.51
Running newest version of freeradius
Have dual mysql databases running .. One has all the user data and the other
gets all the accounting.
The server takes about 20-30 seconds to start.. Where on th
Thanks Alan,
It does seem to be freeradius underneath on closer inspection.
An interesting question comes from this, if they have added additional
modules are they required by the freeradius license to opensource the code
for these modules as they are compiled with the server?
On Wed, Aug 6, 2008
Hi all!
I have been trying to read up on MAC authentication and implementing
that into a sql database. The MAC authentication with a userfile was no
problem. But i
hit the wall when i wanted to use a database instead of text file. Is
there any good HOWTO's out there on this one?
The configur
Hi,
test User-Password == ""
Service-Type := Administrative-User,
cisco-avpair += "shell:priv-lvl=15"
operator changed from = to :=
man 5 users
Attribute = Value
Not allowed as a check item for RADIUS protocol
attributes. It is allowed
Hi,
Another radius server is running there already. find and kill.
kind regards
Pshem
2008/8/7 Martin Silvero <[EMAIL PROTECTED]>:
> : ERROR: Failed to open socket: cannot bind socket: Address already in use
> hello! when ejecute radiusd -X -x :
>
>
> Wed Aug 6 16:53:31 2008 : Error: ERROR: Fa
On Wed, Aug 06, 2008 at 05:18:51PM -0400, Cris Boisvert wrote:
> Been using Freeradius for years..
>
> Have dual mysql databases running .. One has all the user data and the other
> gets all the accounting.
>
> The server takes about 20-30 seconds to start.. Where on the previous
> servers old P3
Hi Alan,
Thanks, I was able to build freeradius 2.0.5 on Solaris 10. However,
server is not running, and I see below error when I run "radiusd -X".
Here is the output.
FYI - i have built openssl v 0.9.8h at /usr/local/ssl prior to
./configure, make, and make install.
Thanks for your further help
Frederick William Borges Pohl wrote:
Stop posting the same message again and again and again.
Your questions were answered already. If you didn't see the answers,
go look at the archives on the web.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/use
Rafiqul Ahsan wrote:
> Thanks, I was able to build freeradius 2.0.5 on Solaris 10. However,
> server is not running, and I see below error when I run "radiusd -X".
> Here is the output.
...
> make_cert_command = "/usr/local/etc/raddb/certs/bootstrap"
>}
> Exec-Program output:
It's tryi
Kjell Bruheim wrote:
> I have been trying to read up on MAC authentication and implementing
> that into a sql database. The MAC authentication with a userfile was no
> problem. But i
> hit the wall when i wanted to use a database instead of text file. Is
> there any good HOWTO's out there on this o
paul smith wrote:
> It does seem to be freeradius underneath on closer inspection.
How can you tell?
> An interesting question comes from this, if they have added additional
> modules are they required by the freeradius license to opensource the
> code for these modules as they are compiled wit
I see below error when I execute bootstrap
bash-3.00# /usr/local/etc/raddb/certs/bootstrap
...
make: Nothing to be done for `ca'.
make: Nothing to be done for `server'.
make: `dh' is up to date.
/bin/sh: test: argument expected
make: *** [random] Error 1
hi ,
i have setup mysql database with free radius server.if you have any
quest from building to connecting then let me know.on which stage your are
...and what steps yuor are going to perform.hope you will get reply with in
couple of days and connceted to database.
best regards
yawar hadi
Alan DeKok skrev:
Kjell Bruheim wrote:
I have been trying to read up on MAC authentication and implementing
that into a sql database. The MAC authentication with a userfile was no
problem. But i
hit the wall when i wanted to use a database instead of text file. Is
there any good HOWTO's out t
have you connected freeradius server with mysql databsse ?
first ans this then we will move onword
On Thu, Aug 7, 2008 at 11:44 AM, Kjell Bruheim <[EMAIL PROTECTED]>wrote:
> Alan DeKok skrev:
>
>> Kjell Bruheim wrote:
>>
>>
>>> I have been trying to read up on MAC authentication and implementing
36 matches
Mail list logo
