Hi,
I'm trying to enable MediaProxy to close expired calls but got an error
Does anyone have any suggestions?
Thanks a lot
John
here is the log:
DBG:mi_datagram:identify_command: dtgram-len is 21
Nov 24 16:05:54 localhost media-dispatcher[3638]: [RelayServerProtocol,0,
127.0.0.1] Got
Andrew Rikhlivsky wrote:
Hello All,
I'm using 802.1x for authenticating users. How can I use
Framed-Ip-Address attribute to assign client ip address?
You can't. It's impossible.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ldap {
server = localhost
identity = cn=ManagerĄAdc=nchcĄAdc=orgĄAdc=tw
password = hsuan
..
rlm_ldap: bind as cn=Manager??dc=nchc??dc=org??dc=tw/hsuan to localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap: LDAP login failed: check identity, password
Talk to the folks who created it perhaps?
Sent from my iPhone
On 24 Nov 2008, at 08:18, john li [EMAIL PROTECTED] wrote:
Hi,
I'm trying to enable MediaProxy to close expired calls but got an
error
Does anyone have any suggestions?
Thanks a lot
John
here is the log:
http://wiki.freeradius.org/index.php/FreeRADIUS_Wiki:FAQ#It_says_.22Could_not_link_..._file_not_found.22.2C_what_do_I_do.3F
Example is for mysql, but it applies to all such messages.
Ivan Kalik
Kalik Informatika ISP
Dana 24/11/2008, Ilya [EMAIL PROTECTED] piše:
hello,
i've got Linux 2.6.9-22
Hi all,
What do I need to do for use eap2 module? I want to use GPSK or PSK.
Can anybody help me with the configuration?
Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Fernando wrote:
Hi all,
What do I need to do for use eap2 module? I want to use GPSK or PSK.
Can anybody help me with the configuration?
Read raddb/experimental.conf. There is NO other documentation.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Alan DeKok wrote:
Fernando wrote:
Hi all,
What do I need to do for use eap2 module? I want to use GPSK or PSK.
Can anybody help me with the configuration?
Read raddb/experimental.conf. There is NO other documentation.
Thanks, and... what is the hostap's version needed to use
But that means that the authentication is successful?
If I have the NAS and Supplicant improperly set, I do not understand
because it rejects the response radius.
What do these lines?:
rlm_realm: No '@' in User-Name = cert, looking up realm NULL
rlm_realm: No such realm NULL
Thanks
What do these lines?:
rlm_realm: No '@' in User-Name = cert, looking up realm NULL
rlm_realm: No such realm NULL
You haven't configured NULL domain (in proxy.conf) for users without the
domain. Like most people. It's not a problem.
Ivan Kalik
Kalik Informatika ISP
-
List
[EMAIL PROTECTED] wrote:
What do these lines?:
rlm_realm: No '@' in User-Name = cert, looking up realm NULL
rlm_realm: No such realm NULL
You haven't configured NULL domain (in proxy.conf) for users without the
domain. Like most people. It's not a problem.
Ivan Kalik
Kalik
Fernando wrote:
Thanks, and... what is the hostap's version needed to use the extra
modules? and... how to build the libeap.so, any ideas?
Perhaps you could try reading raddb/experimental.conf.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
then what I want to say is that this configuration is for users who
are not in a domain.
But if users are in a domain?
besides, I need is a certified master who serves me, or for users who
are not in a domain.
What sugeris me?
-
List info/subscribe/unsubscribe? See
Hi,
I am searching a solution to get status information with freeradius 2.0.5.
Because of the broken snmp implemantation on 64 bit Linux systems, I can
not use snmp. So I tried to use the status interface. I configured a
server status as written below.
server status {
listen {
Hi,
I am using the ipppol modul. To check, wether IPs will put back to the
pool, after them freed, sometimes I take a look to the IP-Pool.
sudo /opt/radius/bin/rlm_ippool_tool -av
/opt/radius/etc/raddb/db.ippool.one /opt/radius/etc/raddb/db.ipindex.one
shows something like this:
KEY:
[EMAIL PROTECTED] wrote:
I am searching a solution to get status information with freeradius
2.0.5. Because of the broken snmp implemantation on 64 bit Linux
systems, I can not use snmp. So I tried to use the status interface. I
configured a server status as written below.
This is not
Hi,
Hi again,
It didn't make . It has returned errors.
you need to have the readline dev/packages installed
readline
readline-devel
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Martin Silvero wrote:
then what I want to say is that this configuration is for users who
are not in a domain.
But if users are in a domain?
If they are in a domain when they response to EAP-IDENTITY the realm
[EMAIL PROTECTED] must be set. Then your radius forwards the response to the
Alan DeKok wrote:
Fernando wrote:
Thanks, and... what is the hostap's version needed to use the extra
modules? and... how to build the libeap.so, any ideas?
Perhaps you could try reading raddb/experimental.conf.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Fernando wrote:
Yes, I read the file but it only says that the module libeap.so is
needed. I don't know how build it :(. I've downloaded the hosapd 0.6.1
but there is no way to obtain the library. So can you provide me with
some tips to build libeap.so?
Edit the Makefiles that refer to
Hi All;
Is it possible to capture in Freeradius the MAC address of a device connecting
via a VPN server (Cisco VPN 3000 or Microsoft PPTP Server), pls?
The user has a Username/Password Combination which isn't the MAC Address.
Thank you.
Lucio
Hi,
Hey,
I know this is a bit off-topic, but I was wondering if anyone on the list
might be able to help with configuring a Cisco Aironet WAP to authenticate
wireless users against a FreeRADIUS server?
I just followed the cisco docs for how to configure a Cisco
autonomous AP to
Lucio Godoy wrote:
Is it possible to capture in Freeradius the MAC address of a device
connecting via a VPN server (Cisco VPN 3000 or Microsoft PPTP Server), pls?
Look in the Access-Request. If you see something that looks like a
MAC address, that's it.
It may be in the Calling-Station-Id
Hi -
Summary - I want/need to configure free radius to allow a TLS user on to
the system; without having
To authenticate the certs? I am not sure if this is possible, but
wanted to ask if there was a way to bypass
TLS cert authentication.
I did set the Default-auth-type = Accept; got a
Jackson Jerry-NPC637 wrote:
Hi -
Summary - I want/need to configure free radius to allow a TLS user on to
the system; without having
To authenticate the certs? I am not sure if this is possible, but
wanted to ask if there was a way to bypass
TLS cert authentication.
It's not possible
Hi Alan -
This is a wireless network. If you have a minute could you explain why
this is
different between `wireless' `wired' system?
Thanks for your time,
Jerry
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
dius.org] On Behalf Of Alan DeKok
Sent: Monday,
attached is the updated patch.
User need this should add
# retention-time: If not zero specifies the amount of seconds to
wait
# before releasing an entry after receiving an acct Stop packet.
# Default: 0
retention-time = 0
to the raddb/modules/ippool
Le 23.11.2008 17:39, Ilya a écrit :
hello,
i've got Linux 2.6.9-22 and freeRADIUS server v.2.1.1.
after installing and configured FreeRADIUS i try to to start the
daemon with -X parametr and get the error:
Could not link driver rlm_sql_oracle: libclntsh.so.10.1: cannot open shared
Hi Alan;
In the Calling-Station-Id i get the device IP Address and not the MAC!
Thanks
Lucio Date: Mon, 24 Nov 2008 16:52:22 +0100 From: [EMAIL PROTECTED] To:
freeradius-users@lists.freeradius.org Subject: Re: Capture the MAC address of
VPN connecting devices in FreeRadius Lucio Godoy
Hi,
Hi Alan -
This is a wireless network. If you have a minute could you explain why
this is
different between `wireless' `wired' system?
for wireless 802.1X the cert is used as part of the securing system
to create keyed content to ensure the encryption of the data
for wired 802.1X
Hi,
Hi Alan;
In the Calling-Station-Id i get the device IP Address and not the MAC!
luckily you dont get a phone number instead ;-) (RFC 2865)
I'm wondering if theres a set in stone standard for Calling-Station-ID
ie should it be a MAC or IP address? or am I being very hopeful?
alan
-
In the Calling-Station-Id i get the device IP Address and not the MAC!
luckily you dont get a phone number instead ;-) (RFC 2865)
I'm wondering if theres a set in stone standard for Calling-Station-ID
ie should it be a MAC or IP address? or am I being very hopeful?
Don't know about it being
Lucio Godoy wrote:
In the Calling-Station-Id i get the device IP Address and not the MAC!
sigh Read the rest of my message: If you see something that looks
like a MAC, that's it.
If you don't see a MAC in the request... then that means there's no
MAC in the request. This isn't hard to
[EMAIL PROTECTED] wrote:
I'm wondering if theres a set in stone standard for Calling-Station-ID
ie should it be a MAC or IP address? or am I being very hopeful?
You're being hopeful.
The contents of the Calling-Station-Id are whatever the NAS wants them
to be. This is RADIUS after all,
On Mon, Nov 24, 2008 at 9:46 PM, [EMAIL PROTECTED] wrote:
I'm wondering if theres a set in stone standard for Calling-Station-ID
ie should it be a MAC or IP address? or am I being very hopeful?
For IEEE 802.1X, see RFC 3580, Ch. 3.21 (MAC address). This is also
included as an informative annex
please excuse me if this isn't entirely related to freeradius but it's
all about getting WindowsXP laptops to my wireless network with
freeradius and 8021.x
I see that there is certificate failures and am thinking that I need to
clean this up
up until now, server2 is my ca and I have used that
Hi,
I have setup a FreeRadius-server and try to get it operational with a
Linksys WAP54G AccessPoint. This seems to work highly unreliable.
I posted a question about this on the Linksys support forums,
but no luck so far:
In the Calling-Station-Id i get the device IP Address and not the MAC!
How you want to retrieve a MAC if VPN client can be theoretically
behind one or more routers and, at all, it can use non-Ethernet link
to accessto the VPN server?
If you want to get MAC - use PPPoE for clients, or
my radius server though is running on server1 and I think that my
failure is related to the fact that I'm generating the certificates and
signing them with server2.
Yes. Same CA has to be used for server and client certificates.
So my questions...
1. Do I set up server1 to be its own CA or do
I have setup a FreeRadius-server and try to get it operational with a
Linksys WAP54G AccessPoint. This seems to work highly unreliable.
I posted a question about this on the Linksys support forums,
but no luck so far:
/certs does not work as-is. See
http://bugs.freeradius.org/show_bug.cgi?id=614
I fixed mine by changing the script to sign the client with the CA in
stead of the server. While there are a number of way to go about it this
was the most expedient.
There is also an unrelated problem that
I use FreeRadius 2.1.1 with a WAP54GP v1.36 in Ent2 mode. Works
flawlessly. In fact, right now the WAPs are FreeRadius only reason to
exist in my network.
Maybe you want to run in debug mode and have a look at whats going wrong
when you have trouble.
-Ted-
M.K. tenNapel wrote:
Hi,
I have
tinyca is a nice graphical interface for linux with openssl in the
backend. Its much easier than remembering all the openssl commands
needed, especially when you dont add/revoke certificates all the time.
On Mon, Nov 24, 2008 at 1:18 PM, Craig White [EMAIL PROTECTED] wrote:
please excuse me if
Is tinyca able to add the OID's supposedly required for Windows?
-Ted-
Paul Bartell wrote:
tinyca is a nice graphical interface for linux with openssl in the
backend. Its much easier than remembering all the openssl commands
needed, especially when you dont add/revoke certificates all the
There is also an unrelated problem that causes the CA to only last 30
days. See here http://bugs.freeradius.org/show_bug.cgi?id=615
Hm, I was under the impression that this was sorted:
http://lists.freeradius.org/pipermail/freeradius-users/2008-September/msg00653.html
That solution works.
On Sun, 2008-11-23 at 02:59 -0600, Alan DeKok wrote:
Craig White wrote:
OK - that quiets the notification but I still can't figure out the issue
where I can authenticate RRAS, Macintosh and iPod clients against radius
via LDAP using mschapv2 but even with the certificates on Windows XP
I have 1 WAP54G that works sometimes. Read the thread in the links I
included for more details. I used tcpdump to see if any data got
through.
Op maandag 24-11-2008 om 23:12 uur [tijdzone +0100], schreef
[EMAIL PROTECTED]:
I have setup a FreeRadius-server and try to get it operational with a
I am not able to execute the file eapol_test after making the necessary
changes as described in the link below:
http://deployingradius.com/scripts/eapol_test/
The message that I am getting is as below:
[EMAIL PROTECTED] wpa_supplicant-0.5.10]# make eapol_test
Make: `eapol_test' is up
48 matches
Mail list logo