>Thanks very much for the pointer. That looks like what I want, however,
>after following those instructions, when I run radiusd -X, I get this
>error:
>
>/usr/local/etc/raddb/users[50]: Parse error (check) for entry user:
>Unknown value ntlm_auth for attribute Auth-Type
>
>Errors reading /usr/l
Thanks very much for the pointer. That looks like what I want, however,
after following those instructions, when I run radiusd -X, I get this
error:
/usr/local/etc/raddb/users[50]: Parse error (check) for entry user:
Unknown value ntlm_auth for attribute Auth-Type
Errors reading /usr/local
>User-Name = "ROUTER\\Hege"
Create (local) ream ROUTER { } in proxy.conf.
>++[preprocess] returns ok
>++[chap] returns noop
>++[mschap] returns noop
>[suffix] No '@' in User-Name = "ROUTER\Hege", looking up realm NULL
>[suffix] No such realm "NULL"
>++[suffix] returns noop
>[eap] EAP pack
Tim Gustafson wrote:
> Ok, I've upgraded to FreeRADIUS 2.0.5 on a FreeBSD box (the FreeBSD ports is
> more up-to-date than the CentOS Yum repositories apparently).
>
> However, upon reading the documentation in modules/ldap, I see this:
...
> So, does this mean that you can't do MSCHAPv2 against
>And the matching shared secret for the server and pam_radius_auth.conf
..
>Using 'ssh [EMAIL PROTECTED]' password: testing
>
>rad_recv: Access-Request packet from host 127.0.0.1 port 26561, id=106,
>length=83
>User-Name =
>"steve"
>User-Password = "\010\n\r\177INCORRECT"
Updated manual:
http://deployingradius.com/documents/configuration/active_directory.html
Ivan Kalik
Kalik Informatika ISP
Dana 18/11/2008, "Danner, Mearl" <[EMAIL PROTECTED]> piše:
>http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
>worked for me.
>
>-Original Messag
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
worked for me.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
rg] On Behalf Of Mike Diggins
Sent: Tuesday, November 18, 2008 3:43 PM
To: FreeRadius users mailing list
Subject: Re: authenticating
I should have mentioned it's FreeRadius 2.1.1.
-Mike
On Tue, 18 Nov 2008, Mike Diggins wrote:
Folks, I have freeradius running on a fedora linux box. I want to use it for
authentication from an Apache web server using the radius interface. That
part is working, and I'm able to authenticat
See:
http://deployingradius.com/documents/protocols/oracles.html
Ken
On Tue, Nov 18, 2008 at 01:29:48PM -0800, Tim Gustafson wrote:
> Ok, I've upgraded to FreeRADIUS 2.0.5 on a FreeBSD box (the FreeBSD ports is
> more up-to-date than the CentOS Yum repositories apparently).
>
> However, upon r
Folks, I have freeradius running on a fedora linux box. I want to use it
for authentication from an Apache web server using the radius interface.
That part is working, and I'm able to authenticate web users only if they
have a local account on the freeradius server.
I want freeradius to auth
Ok, I've upgraded to FreeRADIUS 2.0.5 on a FreeBSD box (the FreeBSD ports is
more up-to-date than the CentOS Yum repositories apparently).
However, upon reading the documentation in modules/ldap, I see this:
# However, LDAP can be used for authentication ONLY when the
# Access-Request packet c
First of all let me say that I am using:
FreeRADIUS Version 2.2.0, for host i686-pc-linux-gnu.
I am trying to configure pam-radius-auth and freeRADIUS to allow
users to ssh into a box and radius will appropriately match their
permissions and etc.
I've come across a problem that I am unable to s
man unlang
Ken
On Tue, Nov 18, 2008 at 01:51:11PM +0100, Edgar Fu? wrote:
>> switch "%{Realm}" {
>>case "domain1" {
> I'm admittedly feeling totally stupid, but is this syntax documented
> anywhere?
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-
switch "%{Realm}" {
case "domain1" {
I'm admittedly feeling totally stupid, but is this syntax documented
anywhere?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Prasad Parab wrote:
> Hi Alan,
>
> Thanks for yot reply.
> Bassically i have wireless adapter which has a utility supporting
> peap-eapmd5 on Windows XP service pack 2. Is there any way to Know
> whether the supplicant is the problem in case of peap-eap-md5, as with
> the utility peap-eap-mschap
Hegedus Gabor wrote:
>...
and here is the first part of debug:
main {
prefix = "/usr/local"
localstatedir = "/usr/local/var"
logdir = "/usr/local/var/log/radius"
libdir = "/usr/local/lib"
radacctdir = "/usr/local/var/log/radius/radacct"
hostname_lookups = no
max_request_time
>>when I use the with-ntdomain-hack=no the result is :
>>
>
> Where is that line? You should enable it in mschap module. It shouldn't
> have any effect on EAP Identity.
I use it in preprocess file,
now I set it in mschap module too
>
>>[peap] Had sent TLV failure. User was rejected earlier in
>>> Let's say for realm "dr4.cnrs.fr" I would like that only VLAN1 and VLAN2
>>> are permitted.
>>>
>>
>> Use unlang and -=.
>>
>
>excuse me Ivan, I don't understand. can you explain more...
>thanks.
>
You say attr.filter is not working (and provide no debug) for you. Use
unlang instead.
[EMAIL PROTECTED] a écrit :
Let's say for realm "dr4.cnrs.fr" I would like that only VLAN1 and VLAN2
are permitted.
Use unlang and -=.
excuse me Ivan, I don't understand. can you explain more...
thanks.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://
>Let's say for realm "dr4.cnrs.fr" I would like that only VLAN1 and VLAN2
>are permitted.
Use unlang and -=.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
wpa_supplicant eapol_test.
Ivan Kalik
Kalik Informatika ISP
Dana 18/11/2008, "Queenie de Melo" <[EMAIL PROTECTED]> piše:
>Hi,
>
>Can anyone suggest a test radius client supporting PEAP with EAP MD5 ?
>
>I have tried JRadius Simuator , RadiusTest n others but could not get the
>option of PEAP wit
Hi folk,
I am using attribute filter on my radius proxy server to filter
attributes (Tunnel-Type, Tunnel-Medium-Type,
Trapeze-VLAN-Name=Tunnel-Private-Group-Id) received from the home server
for multiple realms (authentification and authorisation attributes are
stored in ldap database).
Let's
Hi,
Can anyone suggest a test radius client supporting PEAP with EAP MD5 ?
I have tried JRadius Simuator , RadiusTest n others but could not get the
option of PEAP with EAP MD5.
Incase anyone has come across, please let me know.
Warm regards
Queenie
-
List info/subscribe/unsubscribe? See http:/
>when I use the with-ntdomain-hack=no the result is :
>
Where is that line? You should enable it in mschap module. It shouldn't
have any effect on EAP Identity.
>[peap] Had sent TLV failure. User was rejected earlier in this session.
Debug you posted is useless. You have deleted the important
[EMAIL PROTECTED] wrote:
Here is the debug of radiusd (attached file)
You are playing a dangerous game by reusing an old radiusd.conf.
[ldap] expand: %{control:My-BaseDN} ->
ou\3dpeople\2cdc\3ddr4\2cdc\3dcnrs\2cdc\3dfr
basedn expansion went well.
rlm_ldap: bind as uid=Ma
> Hi all, I have a problem, can't authenticate my user with win login
user/pass.
I use:
- 802.1x
- newest freeradius, and ubuntu 8.4
- eap-tls
- win xp sp2 client, use automatic win logon and pass
When "Automatically use my Windows login name and password" is unchecked
on the windows, i type
>>Hi all, I have a problem, can't authenticate my user with win login user/pass.
>>
>>I use:
>>- 802.1x
>>- newest freeradius, and ubuntu 8.4
>>- eap-tls
>>- win xp sp2 client, use automatic win logon and pass
>>
>>When "Automatically use my Windows login name and password" is unchecked
>>on the
>Hi Alan,
>
>Thanks for yot reply.
>Bassically i have wireless adapter which has a utility supporting
> peap-eapmd5 on Windows XP service pack 2. Is there any way to Know whether
>the supplicant is the problem in case of peap-eap-md5, as with the utility
>peap-eap-mschapv2 works.
>
Yes. By doing w
>I am a little confused with this...
>
>tnt-4 wrote:
>>
>> ntlm_auth in mschap module works only for - mschap requests. It will not
>> work for pap requests.
>>
>
>Normally, ntlm_auth is set in the MSCHAP module. Authentication requests
>from logging into the system, like SSH, uses PAP?
>
>Is there
>I want to configure the freeRADIUS server to return the CLASS
>attribute in the ACCESS-ACCEPT message,.
>I tried adding the attribute for a user in users file :
>
>vinay Auth-type:=CHAP,User-Password="vinay",Class="Admin"
>
>The attribute is parsed. But when i try to connect with a RADIUS
>client,
30 matches
Mail list logo