Ing. Alfonso Reyes wrote:
This is my first alias, the reason of this alias is because I have a
freeradius server on my server to provide authentication, everything was
working fine until I tried to set it up to use mysql, after I configure my
server to check the mysql database I'm getting the
On Thu, Sep 18, 2008 at 01:11:33PM -0400, Xiaochen Jing wrote:
Thanks Alan and Maxim,
So after Freeradius reads the username/password in SQL, how can we bind
username/password to a specific ippool?
It's a check item so this attribute goes in either radcheck or
radgroupcheck, depending on
freeradius 2.1.0 default mysql schema don't have nasidentifier table. And the
mysql query in dialup.conf also don't have nasidentifier value.
It is purposely left out the nasidentifier?
My work around is adding nasidentifier and it's value as below.
accounting_start_query = \
INSERT
On Mon, Sep 22, 2008 at 07:26:24PM +0100, [EMAIL PROTECTED] wrote:
Hi,
User-Name = \\raduser
^
ha. okay. with just a plain username you are safe,
but with this windows case, you are dealing with
\r - which is a special character. its
Hi everybody,
I'm using a self compiled version of FreeRADIUS 2.1.0 on a Linux x86
box running ubuntu 8.04 updated.
I've been able to succesfully install and configure the server and to
run some test using a D-Link access-point getting a regular Access-
Accept.
My troubles started when I
Hi,
I have configured FreeRadius on Centos 5.
It is configured properly and ready to process requests.
I get following output in log file:
Tue Sep 23 14:26:04 2008 : Info: Using deprecated naslist file. Support for
this will go away soon.
Tue Sep 23 14:26:04 2008 : Info: rlm_exec: Wait=yes
piston wrote:
freeradius 2.1.0 default mysql schema don't have nasidentifier table. And the
mysql query in dialup.conf also don't have nasidentifier value.
It is purposely left out the nasidentifier?
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Try putting your NAS in /usr/local/etc/raddb/clients.conf and making
sure you set the proper shared password.
Are you testing it locally or are you using a real access-point?
Lu
Il giorno 23/set/08, alle ore 14:22, Tomislav Goluza ha scritto:
Hi,
I have configured FreeRadius on Centos 5.
Luca Adamo wrote:
My troubles started when I decided to implement a new module. My module
has a structure similar to the sql module in fact it is used to query a
MySQL database. I have been able to make this module connect to the
database and to perform some operation on the reply packet
Tomislav Goluza wrote:
I get following output in log file:
When debugging, run the server in debug mode. This is in the FAQ,
README, INSTALL, and daily on this list.
I don't get any response after I send Access-Request.
What could be possible cause(s) for this?
Run the server in debug
Hi,
I put NAS in clients.conf and I checked the password.
I'm testing both, locally with NTRadPing Test Utility and with real access
point.
I don't get through.
Tomislav
2008/9/23 Luca Adamo [EMAIL PROTECTED]
Try putting your NAS in /usr/local/etc/raddb/clients.conf and making sure
you set
Il giorno 23/set/08, alle ore 14:36, Alan DeKok ha scritto:
Source code questions usually belong on freeradius-devel.
You don't need to edit the source code to change the SQL schema or
queries. Just change the SQL schema and queries in the configuration
files. That's why the queries are
Luca Adamo wrote:
I'm also trying to put the source code of that function from sql.c to my
module.
I would suggest *not* re-writing the SQL module.
Instead, look at rlm_sqlippool in git.freeradius.org. It leverages an
existing SQL module to do additional queries. It means that you don't
I am somewhat confused.
My RADIUS server forgot about some clients, all by itself, honest!
Users stopped being able to authenticate (I say users, we had one!), using
eduroam from Portugal, turns out that some time after September 5th, the RADIUS
server stopped recognising the JANET roaming
Dean, Barry wrote:
My RADIUS server forgot about some clients, all by itself, honest!
Nope. You have clients listed as *hostnames* rather than *addresses*.
Who ever controls DNS changed the mapping of hostname to address, so
the old address is no longer accepted.
Alan DeKok.
-
List
Thanks Alan,
I have the git master tar file, do you recommend I do a git diff to try and
find the differences or how best to proceed to narrow down the issue.
Thanks
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
My company has purchased several of the RSA Securid appliances to provide
OTP for our environment. The architecture calls for proxying from a
central freeRADIUS server (on RHEL 5) to the RSA Securid appliances.
I am new to the RADIUS protocol (1 week now), but I have my freeRADIUS
Charlie B wrote:
I have the git master tar file, do you recommend I do a git diff to try
and find the differences or how best to proceed to narrow down the issue.
Huh? Why would you do a git diff?
Please BUILD and RUN the server to see if the recent changes fixed it.
Wandering through
Yes. Your proxy need to be configured as a client on RSA radius server.
Ivan Kalik
Kalik Informatika ISP
Dana 23/9/2008, Chris Haskins [EMAIL PROTECTED] piše:
Hello,
My company has purchased several of the RSA Securid appliances to provide
OTP for our environment. The architecture calls for
[EMAIL PROTECTED] wrote:
Yes. Your proxy need to be configured as a client on RSA radius server.
And I believe the RADIUS server is disabled on the appliances by
default, at least it was on ours.
Arran
Ivan Kalik
Kalik Informatika ISP
Dana 23/9/2008, Chris Haskins [EMAIL PROTECTED]
Ah! Changed and seems to work now. I probably thought that using names would
make me immune to IP address changes..
My eduroam user will be very pleased if this works again.
Thanks.
---
Barry Dean
Networks Team
http://pcwww.liv.ac.uk/~bvd/
-Original Message-
From: [EMAIL
Hello,
Thank you for the input. Would I setup my freeRADIUS server as a
UNIX/Linux client, or a Communication Server, or other?
Thank you,
Chris
Arran Cudbard-Bell [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
09/23/2008 11:20 AM
Please respond to
FreeRadius users mailing list
Chris Haskins wrote:
Thank you for the input. Would I setup my freeRADIUS server as a
UNIX/Linux client, or a Communication Server, or other?
Perhaps the vendor you paid large sums of money to has
documentation? Otherwise, it's not good to expect us (who haven't
been paid for the RSA
Hi,
I'm wondering what would be the best method do to math on IP addresses. I
want to build my returned ip address based on the username and the NAS IP
address.
The NAS IP is simply a mapping from the source ip to a number Z
The layout of the username is: [EMAIL PROTECTED]
The resulting IP
I'm wondering what would be the best method do to math on IP addresses. I
want to build my returned ip address based on the username and the NAS IP
address.
The NAS IP is simply a mapping from the source ip to a number Z
The layout of the username is: [EMAIL PROTECTED]
The resulting IP address
Hi Alan,
Your point is well taken.
RSA does supply documentation on how to setup their device, but I do not
find anything specifically for accepting a freeRADIUS proxy running on
RHEL5. Since this forum supports freeRADIUS, I felt this was an
appropriate question.
Thank you,
Chris
Alan
And the reason is? i thought nasidentifier is quite important attribute. Anyway
thanks for reply.
- Original Message
From: Alan DeKok [EMAIL PROTECTED]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Tuesday, September 23, 2008 8:28:22 PM
Subject: Re:
Hi, I had a freeradius server working, but only when the password are saved
on the database on plain-text with out encryption, my question is about how
to save the instructions on the table radcheck and radgroupcheck to work
with Password encryption MD5.
My working free radius tables had
Chris Haskins wrote:
RSA does supply documentation on how to setup their device, but I do not
find anything specifically for accepting a freeRADIUS proxy running on
RHEL5.
Then I suggest asking them to update their documentation.
Since this forum supports freeRADIUS, I felt this was an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan DeKok wrote:
Chris Haskins wrote:
Thank you for the input. Would I setup my freeRADIUS server as a
UNIX/Linux client, or a Communication Server, or other?
Communication Server: But i'm not sure if you add it as an agent host or
if you add
If you are thinking of MySQL for this purpose, you could try using
stored procedures to create required IP combinations/pools.
On Tue, Sep 23, 2008 at 6:37 PM, [EMAIL PROTECTED] wrote:
I'm wondering what would be the best method do to math on IP addresses. I
want to build my returned ip
the content of that VSA is
sip-incoming-ip=200.X.X.X
I think that it's not needed to add this VSA to the dicctionary. the
main issue is that after it sends de accounting plugging it sends
anothe access-request.
I would appreciate any help.
Josexato
2008/9/21 [EMAIL PROTECTED]:
What is this?
I think that it's not needed to add this VSA to the dicctionary. the
main issue is that after it sends de accounting plugging it sends
anothe access-request.
That would be your Cisco device. Nothing to do with freeradius. Debug
your sip server to see what is it doing.
Ivan Kalik
Kalik
Thanks for your help Alan, now it works.
Right now I'm having another issue, but first I will check the mail archives
before I send another alias.
Thanks for your help.
Have a great day.
-Original Message-
From:
[EMAIL PROTECTED]
radius.org
[mailto:[EMAIL PROTECTED]
What freeradius version is this?
Ivan Kalik
Kalik Informatika ISP
Dana 23/9/2008, Oscar Trejo [EMAIL PROTECTED] piše:
Hi, I had a freeradius server working, but only when the password are saved
on the database on plain-text with out encryption, my question is about how
to save the instructions
Hi team.
I'm having some issues with the configuration of the radius server, I'm
getting the following: Error Initializing Modules.
The thing is that my radius server has no issues with the configuration
(eap.conf), and the instalation was succesful with mysql.
I've checked the database looking
Hi Alan,
Where can I find tarball for freeradius-server-2.1.1? I'm going the rpm
build so I can run the test. I didnt' see it on the ftp site.
thx
Please BUILD and RUN the server to see if the recent changes fixed it.
Wandering through the source code won't help unless you know what
http://github.com/alandekok/freeradius-server/tree/master
Ivan Kalik
Kalik Informatika ISP
Dana 23/9/2008, Charlie B [EMAIL PROTECTED] piše:
Hi Alan,
Where can I find tarball for freeradius-server-2.1.1? I'm going the rpm
build so I can run the test. I didnt' see it on the ftp site.
thx
Hi,
I am using Active directory as datasource for radius. I am getting rlm_ldap:
object not found or got ambiguous search result. I have configured ldap
section as follows:
ldap {
server = 192.168.0.1
identity = cn=sjadmin,ou=WID,dc=ecrt,dc=local
Hello,
I have NASes sending me unstripped username in requests, and a database
with stripped usernames in it (which i use for accounting too).
So i tried setting up proxying (to local) on the desired realms to for
auth and accounting, the problem i face is that acounting is done both
with
The version of the freeradius is v 1.1.0
I hope these is what you ask me.
Thanks !!!
What freeradius version is this?
Ivan Kalik
Kalik Informatika ISP
Dana 23/9/2008, Oscar Trejo [EMAIL PROTECTED] piše:
Hi, I had a freeradius server working, but only when the password are
saved
on
Good Day,
I am making an attempt to setup sudo authentication on a Centos 5.2
server to work with pam_radius_auth. I rwant ldap to handle my
regular users (this works already) and I want my privileged users to
authenticate through radius when they use sudo. I put the below in
/etc/pam.d/sudo
Hi,
I'm using wired 802.1x to authenticate user using eap md5 and eap
peap. the problem rise when using peap, the radius attribute (tunnel
private group id) didn't pass to the switch. but if we use md5, the
server will pass the attribute. I suspect something missing on inner
tunnel config
hello Alexandre,
I solved this by ussing this conditional in the configuration file
that the database uses in my case
/etc/raddb/sql/postgresql/dialup.conf :
sql_user_name = %{%{Stripped-User-Name}:-%{%{User-Name}:-none}}
#sql_user_name = %{User-Name}
i hope this helps
regards
Josexato
44 matches
Mail list logo
