Ljupco Vangelski wrote:
The question is whether I can use sql in check items at all?
Not like that.
(1) For one attribute (Reply-Message), the runtime variable is converted
into it's runtime value, for the other one (Filter-Id) it just returns
the text.
The Reply-Message attribute is
Marcelo Freitas wrote:
I have an access plan that is based on nights and weekends ... So on
this plan I would just authorize based on this criteria ... I know that
some variables comes with the request, like, date and time of the
request (or I could even use the server's date and time) but I'd
Kirk Wallace wrote:
... I don't know enough to know
what in the freeradius -X output below might indicate a problem. If
someone sees a problem, please let me know or where to look for more
help. I am using mschap-v2.
Look at the packet received by the server. There's no MS-CHAPv2
On Wed, 2008-09-03 at 23:47 -0500, Marcelo Freitas wrote:
Hello,
I'm researching to switch my WISP authentication to a RADIUS style ...
I was reading the docs and found a solution for almost all my
requirements ... besides one ...
I have an access plan that is based on nights and weekends
Thanks Kirk for the response ...
I was asking because I didn't know about Login-Time and that solves my
problem ...
But I didn't understanding your solution ... Checking for holidays would
be nice ...
but how would I implement that ? how would this script be called at the
arrival of the
Hi,
I am a newbie for FreeRadius. I need some information on freeradius
regarding my requirement for authentication and session control.
I want to setup the system like..
1 One centralized server running on a Linux machine for authentication.
2 Client Linux machine in the network which should
hello
can anyone tell me the difference between hotspot system and radius servers
in hotspot system client connecting directly to the ap then when they want to
connect
explorer open a page that ask username and password
i ask this question becauser still i cant understant the certificates,
am i
[EMAIL PROTECTED] wrote:
As I understand it the prefix realm should match my PCs output of
PC12345\NAME and create a Stripped-User-Name with just the NAME in it.
If the realm is already defined. Realms are usually used for
proxying, where there are a small number of essentially static
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Praveen Kumar wrote:
I am a newbie for FreeRadius. I need some information on freeradius
regarding my requirement for authentication and session control.
I don't think RADIUS can do that. I'm not even sure LDAP can do that.
3 Once authenticated, the user should be allowed the single-sign
Hi all,
i've installed freeradius-2.0.5 on Red-Hat 5.0 and i want to configure my
radius server to replicate (i think NOT to proxy...waht is the different?)
only accounting packets to another radius server based on apn name (NOT for
user realm); always based on apn name attribute i want to assign
Hi,
I don't necessarily want to use realms, it just says in the documentation
that is the way it should be done.
If there is a simpler way, I'm happy to use it, as I said before this is
the last part of the puzzle and I just want to roll it out.
So should I create a realm called DEFAULT, or is
oh ok!
but the user whit i trying to run radiusd is root, why say that? is posible?
thanks you!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
No, cache was not enabled. Just a thought on the denying, I thought
maybe it just couldn't get a good result one way or the other so it
would just allow it. Any other thoughts on would could be causing this
issue? Like I said this only seems to be happening on dsl customers that
constantly try
On Thu, 2008-09-04 at 07:59 +0200, Alan DeKok wrote:
... snip
Look at the packet received by the server. There's no MS-CHAPv2
attributes in it. So you're *not* doing MS-CHAPv2.
Fix PPP to send MS-CHAPv2 attributes when it's supposed to be doing
MS-CHAPv2 authentication.
Alan
Chris Moss wrote:
No, cache was not enabled.
Then your OS is buggy.
Just a thought on the denying, I thought
maybe it just couldn't get a good result one way or the other so it
would just allow it.
Absolutely not.
Any other thoughts on would could be causing this
issue?
As I
On Thu, 2008-09-04 at 01:35 -0500, Marcelo Freitas wrote:
Thanks Kirk for the response ...
I was asking because I didn't know about Login-Time and that solves my
problem ...
But I didn't understanding your solution ... Checking for holidays would
be nice ...
but how would I implement
[EMAIL PROTECTED] wrote:
So should I create a realm called DEFAULT, or is DEFAULT a parameter to be
used with a realm ?
Read raddb/proxy.conf. Look for DEFAULT.
prefix is before suffix, I assumed that it would match first.
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Piero Santi wrote:
i've installed freeradius-2.0.5 on Red-Hat 5.0 and i want to configure
my radius server to replicate (i think NOT to proxy...waht is the
different?) only accounting packets to another radius server based on
apn name (NOT for user realm); always based on apn name attribute i
I would love some help getting freeradius to authenticate from my windows 2003
server.
I am running freeradius Version 2.0.5 on a VMware instance with CentOS 5.1.
I get the following error
No authenticate method (Auth-Type) configuration found for the request when
trying to authenticate a
Hi Alan,
it works fine!
The last questionwhat is the different between Proxy-To-Realm and
Replicate-To-Realm ?
Thanks,
Piero
2008/9/4 Alan DeKok [EMAIL PROTECTED]
Piero Santi wrote:
i've installed freeradius-2.0.5 on Red-Hat 5.0 and i want to configure
my radius server to replicate
OK, this makes a little more sense now, I added ..
realm DEFAULT {
}
to proxy.conf, I now get
rlm_realm: Looking up realm HOST for User-Name = HOST\NAME
rlm_realm: Found realm DEFAULT
rlm_realm: Adding Stripped-User-Name = NAME
rlm_realm: Adding Realm = DEFAULT
mschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = yes
ntlm_auth = /usr/bin/ntlm_auth --request-nt-key
--username=%{mschap:User-Name:-None} --domain=%{mschap:NT-Domain:-MYDOMAIN}
--challenge=%{mschap:Challenge:-00}
hello
can anyone tell me the difference between hotspot system and radius servers
in hotspot system client connecting directly to the ap then when they want to
connect
explorer open a page that ask username and password
.. which are then authenticated by radius server :-p
(OK, it can be done
I am installing a new server running freeradius 2.0.5 to replace a server
running 1.1.7.
In our unique situation I have until now been using the rlm_unix module in
multiple instances to read about 5 different passwd/shadow file combinations.
This was fine until 2.05 were the ability to
I mainly used Radius to monitor the amount
of traffic from each user because I am thinking about going to metered
accounts, but I think radius is mainly a means to manage logins. I am
guessing it may not be the most appropriate thing for much else.
Guess again!
Remote Authentication Dial In User
thanks for your help Ivan Kalik
you sad peap doesn't need client certificates but if you are using
self-signed certificates you need to import CA certificate to user
machines.what will i do for dont uses client certificates
i read all documents in deployingradius.com
i think i cant find
it is
On Thu, 2008-09-04 at 07:36 -0700, Kirk Wallace wrote:
On Thu, 2008-09-04 at 07:59 +0200, Alan DeKok wrote:
... snip
Look at the packet received by the server. There's no MS-CHAPv2
attributes in it. So you're *not* doing MS-CHAPv2.
Fix PPP to send MS-CHAPv2 attributes when it's
Piero Santi wrote:
The last questionwhat is the different between Proxy-To-Realm and
Replicate-To-Realm ?
Replicate-To-Realm doesn't work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I have a problem loading freeradius since i enabled sqlippool
i get the following message:
freeradius: symbol lookup error:
/usr/lib/freeradius/rlm_sqlippool-2.0.5.so: undefined symbol: sql_get_socket
here the result of an ldd against rlm_sqlippool:
ldd
Dear freeradius users,
I have a special scenario. Today I have many freeradius servers,
each one responsible for differente services.
Now I want to group this freeradius servers into one master server,
but I have users in many differente usergroups (one for each service).
How can I
Hello,
I want to setup sqlcounter to prevent users to login once they have
reached traffic quota.
So i added a new specific sqlcounter in
raddbb_dir/sql/mysql/counter.conf, and the name of that counter in the
authrorize section.
All is as follow:
#counter.conf#
sqlcounter bytesQuota {
Alexandre Chapellon wrote:
I have a problem loading freeradius since i enabled sqlippool
You need to enable the SQL module, too.
i get the following message:
freeradius: symbol lookup error:
/usr/lib/freeradius/rlm_sqlippool-2.0.5.so: undefined symbol: sql_get_socket
...
and none of the
Alexandre Chapellon wrote:
whenever i launch freeradius -X I get the folloawing error:
/etc/freeradius/users[205]: Parse error (check) for entry scott: Invalid
octet string 101 for attribute name Max-Traffic
The modules are initialized in *order*. The sqlcounter module creates
the
Mark Jones wrote:
In our unique situation I have until now been using the rlm_unix module
in multiple instances to read about 5 different passwd/shadow file
combinations. This was fine until 2.05 were the ability to specify the
path to those files has been removed. I know it is suppose to be
35 matches
Mail list logo