Thanks Kirk for the response ...
I was asking because I didn't know about Login-Time and that solves my
problem ...
But I didn't understanding your solution ... Checking for holidays would
be nice ...
but how would I implement that ? how would this script be called at the
arrival of the request's
On Wed, 2008-09-03 at 23:47 -0500, Marcelo Freitas wrote:
> Hello,
>
> I'm researching to switch my WISP authentication to a RADIUS style ...
>
> I was reading the docs and found a solution for almost all my
> requirements ... besides one ...
> I have an access plan that is based on nights and we
Kirk Wallace wrote:
> ... I don't know enough to know
> what in the freeradius -X output below might indicate a problem. If
> someone sees a problem, please let me know or where to look for more
> help. I am using mschap-v2.
Look at the packet received by the server. There's no MS-CHAPv2
attrib
Marcelo Freitas wrote:
> I have an access plan that is based on nights and weekends ... So on
> this plan I would just authorize based on this criteria ... I know that
> some variables comes with the request, like, date and time of the
> request (or I could even use the server's date and time) but
Ljupco Vangelski wrote:
> The question is whether I can use sql in check items at all?
Not like that.
> (1) For one attribute (Reply-Message), the runtime variable is converted
> into it's runtime value, for the other one (Filter-Id) it just returns
> the text.
The Reply-Message attribute is
Adrian Cowham wrote:
> I stumbled onto some unexpected behavior with freeRADIUS and I'm curious
> if it's a mis-configuration or a defect. The first thing I did was
> comment out all places where radutmp and sradutmp were being used. I
> don't use those files so I figured I'd free up some resources
Chris Moss wrote:
> We are running version 1.1.3. We do have thousands of users in the
> passwd file, could that have something to do with it?
Maybe. Did you enable "cache" in the "unix" module? If so, have you
disabled it?
> Is there a way to
> tell the radius server that if it can't authen
Thomas LAVIGNE wrote:
> I edited the dictionary because they want that the reply exactly match
> this string "Redback-Subscriber-Profile-Name"
No. The names are local, and aren't sent in the packet.
> The Attribute 91 is present on the first part of the dictionary as
> "Red-Profile-name" and i
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello, quite a while ago I got freeradius working with PoPToP using this
link as a guide:
http://poptop.sourceforge.net/dox/radius_mysql.html
except I didn't use SQL, just a users list for my user account
passwords. I tried to move this to a new Ubuntu install but I am having
trouble getting it t
prefix again?
http://lists.freeradius.org/pipermail/freeradius-users/2008-September/msg00039.html
Ivan Kalik
Kalik Informatika ISP
Dana 3/9/2008, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> piše:
>
>Hi,
>
>having read scores of posts to this and other lists I am almost there, many
>of you have hel
hi,
2 things.
1) you already have a radiusd running . which is why it
had errors right at the end.. but, before that
2) the user you are trying to run radiusd as does not
have the right to create files in the raddb/certs
directory. please ensure that, if configured to
run as 'radiusd', that yo
>I edited the dictionary because they want that the reply exactly match
>this string "Redback-Subscriber-Profile-Name"
VSAs are sent encoded as attribute number not their names (so "matching
that string" doesn't make sense). You can rename the attribute, let's
say 91, in your server's dictionary t
alan!!
and install the new version and the probe, probe with radtest and I get
this:
Sending Access-Request of id 236 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "testing123"
NAS-IP-Address = 10.30.1.104
NAS-Port = 1812
rad_recv: Access-Accept packet f
>Is there a way to
>tell the radius server that if it can't authenticate to deny it.
The user attempt with "invalid" shell was rejected:
Wed Sep 3 08:33:48 2008 : Auth: rlm_unix: [username]: invalid shell
[*one Oak United Methodist:/home/loumc:/bin/false*
Wed Sep 3 08:33:48 2008 : Auth: Login inc
Hi,
> ouch!!
> ok, change the version and started again :S
so long as you clear out your older freeradius
install (eg delete the raddb directory) then when you install
2.0.5 is will automatically make the correct (demo) certs
for you when first run
alan
-
List info/subscribe/unsubscribe? S
ouch!!
ok, change the version and started again :S
Like thank you very much!
--
--
Silvero Martin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
> Well, I have progressed a bit in the installation of RADIUS EAP TLS.
> what I did was install the version FreeRADIUS-1.0.4.tar.gz on my server,
whoa. stop there.
today is the 3rd of sept 2008. the current release of
FreeRADIUS is 2.0.5
the last 1.x release was 1.1.7
so the question os wh
Good morning everyone!
Well, I have progressed a bit in the installation of RADIUS EAP TLS.
what I did was install the version FreeRADIUS-1.0.4.tar.gz on my server,
configure the client (AP) and modules to work with eap tls, probe with
"radtest" and the response was:
Sending Access-Request of i
I made my own tool.
Sturgis, Grant wrote:
Greetings List,
I am curious what people have done to report on the RADIUS accounting
files. Are there packages out there that read and report on radacct
files? Connections, denies attempts, etc?
Thanks in advance,
Grant
--
Pardon
Alan DeKok напиша:
Ljupco Vangelski wrote:
I'm trying to allow a user to log in from few Calling-Station-Ids, but
to load them at run-time (read them from mysql table). For that I'm
trying to use sql statement in radcheck, but it doesn't seem to be working.
Here is a simplified example (mysq
Hello All,
I stumbled onto some unexpected behavior with freeRADIUS and I'm curious if
it's a mis-configuration or a defect. The first thing I did was comment out
all places where radutmp and sradutmp were being used. I don't use those
files so I figured I'd free up some resources by commenting th
Greetings List,
I am curious what people have done to report on the RADIUS accounting
files. Are there packages out there that read and report on radacct
files? Connections, denies attempts, etc?
Thanks in advance,
Grant
--
Pardon this rubbish:
This electronic message tran
Hi,
First, thanks Alan for your super quick response.
I edited the dictionary because they want that the reply exactly match
this string "Redback-Subscriber-Profile-Name"
The Attribute 91 is present on the first part of the dictionary as
"Red-Profile-name" and is not on the second part "new na
We are running version 1.1.3. We do have thousands of users in the
passwd file, could that have something to do with it? Is there a way to
tell the radius server that if it can't authenticate to deny it. I'm
wondering if the OS itself is getting overloaded causing this.
Chris Moss
Alan DeK
Thomas LAVIGNE wrote:
> I have a problem with a FreeRadius server. The guys at the other side
> says that the reply coming from my server is not correct.
> Have somebody any idea how to solve this :
Change the configuration on your server to send the correct reply?
> Maybe I have added the Redb
Hi,
having read scores of posts to this and other lists I am almost there, many
of you have helped already without knowing it.
I'm using FreeRADIUS Version 2.0.5, compiled with the eDir extension.
I can get it to work if I un-tick the box on XP that says "Automatically
use my Windows login name
Hi all,
I have a problem with a FreeRadius server. The guys at the other side
says that the reply coming from my server is not correct.
Have somebody any idea how to solve this :
Maybe I have added the Redback subscriber attribute at the wrong place
in the redback dictionary ?
I checked
Chris Moss wrote:
> Here is an example of a user who is turned off. This shows the invalid
> shell where it pulls out part of the passwd entry of another user. Note
> the username in this is all the same user.
>
> Wed Sep 3 08:33:34 2008 : Auth: rlm_unix: [username]: invalid password
The serve
I've added a RADIUS administration interface to the latest git tree.
It's experimental (i.e. VERY), and has little authentication or
authorization. It's purpose is to test the concepts, and to see if it's
what users want.
Server configuration: raddb/sites-available/control-socket
Client: r
Here is an example of a user who is turned off. This shows the invalid
shell where it pulls out part of the passwd entry of another user. Note
the username in this is all the same user.
Wed Sep 3 08:33:34 2008 : Auth: rlm_unix: [username]: invalid password
Wed Sep 3 08:33:34 2008 : Auth: Logi
Here is a debug of when it works:
rad_recv: Access-Request packet from host XXX.XXX.XXX.X:1812, id=113,
length=100
User-Name = "[EMAIL PROTECTED]"
User-Password = "0844"
NAS-Identifier = "redback"
Calling-Station-Id = "mdvi11100400714"
Service-Type = Framed-Us
Chris Moss wrote:
> We've been running Freeradius for a long time without any issues. We
> typically turn a customer off by changing the password in the passwd
> file. We use the passwd file for authentication. The issue is
> intermittent the customer is DSL so they will try to log in for a couple
We've been running Freeradius for a long time without any issues. We
typically turn a customer off by changing the password in the passwd
file. We use the passwd file for authentication. The issue is
intermittent the customer is DSL so they will try to log in for a couple
of hours constantly be
Michał Iwaszko wrote:
> Hello. Is it possible to pair users with clients? I wan't to
> authenticate users on one RADIUS server for different services and "set
> up permissions", that certain client (that the user is connecting to)
> can only authenticate users for example with certain Auth-Type, so
Hello. Is it possible to pair users with clients? I wan't to authenticate
users on one RADIUS server for different services and "set up permissions",
that certain client (that the user is connecting to) can only authenticate
users for example with certain Auth-Type, so it will not be possible to
ac
36 matches
Mail list logo
