(debug listed below)
Freeradius 2.x
with Postgre database
I need to store ESN value to my database, but it comes in format[3GPP2-ESN =
\000\000\000\000\000\000\0BBF636]. Freeradius counts '\0' as the end
of the line and puts blank instead of actual parameter value. Not only ESN
comes in that
Hi,
I need to store ESN value to my database, but it comes in format[3GPP2-ESN =
\000\000\000\000\000\000\0BBF636]. Freeradius counts '\0' as the end
of the line and puts blank instead of actual parameter value. Not only ESN
comes in that format but [Acct-Session-Id = 000\000] does
lamersons wrote:
I need to store ESN value to my database, but it comes in format[3GPP2-ESN =
\000\000\000\000\000\000\0BBF636].
Change the dictionary to make it type octets. That's likely the
simplest fix.
Freeradius counts '\0' as the end
of the line and puts blank instead of actual
Hanno Schupp wrote:
thanks for your response. Unfortunately your response cut over with my
response to a previous mail list contributor. I had made some progress
with unlang and described my progress in there. I have run against a
wall though, when I discovered that I cannot perform any unlang
Hello Alan,
thank you for your reply.
The mapping of the NT-Password describe exactly our problem. We cannot find
the right passage in the radius config to do this. Maybe you can give as a
little hint, this would be very kindly.
Best Regards, Michael
native wired xp 802.1X client with PEAP
Thank you very much Kalik, it wors perfectly.
you are a good guy.. hehehe =)
t...@kalik.net escreveu:
These attributes in reply come from attrs file, the missing is
ERX-Egress-Police-Name.
In radreply it entry is:
ID Username
Attribute op
Johan Meiring wrote:
Alan DeKok wrote:
Johan Meiring wrote:
Any idea when?
There is no defined time frame.
What is generating the CoA packets?
It will also be freeradius (on a different machine), the actual radius
server.
In the short term, alternatives are things like shell
Thank you very much, changing it to octets gave me nice ascii look of esn.
Vendor is Huawei.
to official letter to huawei i got this answer listed below.
--
Good day,
I would like to inform that our BSC sends ESN according the
3GPP2 “Interoperability Specification (IOS) for
lamersons wrote:
Thank you very much, changing it to octets gave me nice ascii look of esn.
Vendor is Huawei.
OK.
to official letter to huawei i got this answer listed below.
--
Good day,
I would like to inform that our BSC sends ESN according the
3GPP2
Alan DeKok wrote:
Johan Meiring wrote:
Ok no replies I'm sure it so ugly that nobody's even interested.
Or busy.
Final question.
Instead of hacking auth.c to return DISCONNECT_NAK/_ACK instead of
ACCESS_ACK/_REJECT.
Is there any way to force the return packet type (i.e. value that
Hm, I dug up this:
http://www.3gpp2.org/public_html/specs/A.S0017-0_v1.0.pdf
and I can't find that statement in there. I would assume that zero
fill an ASCII string would mean fill with ASCII zeros, not nulls
(ASCII code zero).
Ivan Kalik
Kalik Informatika ISP
Dana 12/1/2009, Alan DeKok
Alan DeKok al...@deployingradius.com writes:
lamersons wrote:
Thank you very much, changing it to octets gave me nice ascii look of esn.
Vendor is Huawei.
OK.
to official letter to huawei i got this answer listed below.
--
Good day,
I would like to inform that our
You can also change the way passwords are stored in ldap. userPassword
should have cleartext password. If you are going to store encrypted
passwords you should use password header ({nt} in this case). If you
store your passwords that way you just need to enable auto headers in
pap module. pap
t...@kalik.net wrote:
Hm, I dug up this:
http://www.3gpp2.org/public_html/specs/A.S0017-0_v1.0.pdf
and I can't find that statement in there. I would assume that zero
fill an ASCII string would mean fill with ASCII zeros, not nulls
(ASCII code zero).
Looking at the spec, I agree. It
Bjørn Mork wrote:
Yes, it would be. However, the document Huawei refers to does not state
this.
Ok. So I *won't* change the dictionaries.
I don't think footnote d leaves any doubt wrt the format of this
attribute. The \0 prepending seems to be a Huawei invention.
Yes.
I think
Hi,
I have a lot of problems doing an EAP-TLS authentification with
Freeradius 2.1.3. We're doing a machine-based authentification with
certs, using EAP-TLS with 802.1x capable Linksys switches (cable based).
We had NO problems at all with Freeradius 1.1.0 and Windows 2000 SP4 and
XP SP2
Hi,
With XP SP3 the auth failed, I googled that FR 1.1.0 is not capable to
do this, because SP3 is realizing the same 802.1x engine as Vista does.
So I upgraded to 2.1.3 and compiled it on OpenSuse 10.1 without errors
and the software runs without problems. But the auth still doesn't
Can you post the debug of the *same* client certificate being accepted
from the SP2 machine and rejected from SP3.
Ivan Kalik
Kalik Informatika ISP
Dana 12/1/2009, Alexandros Gougousoudis
gougousoudis-l...@servicecenter-khs.de piše:
Hi,
I have a lot of problems doing an EAP-TLS
I'm running freeradius v2.1.1 that proxies to a Juniper Steel-Belted Radius.
(NAS-freeradius-Juniper).
The authentication works and the reply is sent to my NAS, but the Juniper
sends back trailing \000 in the return attributes which my NAS obviously is
not too fond of.
The debug shows:
rad_recv:
Jørn Kostøl wrote:
I'm running freeradius v2.1.1 that proxies to a Juniper Steel-Belted
Radius. (NAS-freeradius-Juniper).
The authentication works and the reply is sent to my NAS, but the
Juniper sends back trailing \000 in the return attributes which my NAS
obviously is not too fond of.
Hello guys,
I made others test Freeradius, but not works.
I made other BD and reinstall my freeradius, I used user= paulo
and password= user01 for test.
My clients.conf has the below configuration:
client 127.0.0.1 {
secret=
On Mon, Jan 12, 2009 at 3:08 PM, Paulo César Naves Mota
paulo.m...@cetelem.com.br wrote:
Hello guys,
I made others test Freeradius, but not works.
I made other BD and reinstall my freeradius, I used user= paulo and
password= user01 for test.
My clients.conf has the below
Hello Luciano,
In below the result of command:
I have a user in BD:
mysql use radius;
mysql show tables;
+--+
| Tables_in_radius |
+--+
| radacct |
| radcheck |
| radgroupcheck|
| radgroupreply|
| radpostauth |
| radreply
Hi,
Can someone help me?
I'm sure someone can - please send output of 'radiusd -X'
to this list as per the FAQ, the docs in the server
and the many many such requests to this list
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Hello Luciano,
In below the result of command:
I have a user in BD:
do you read documents? is so, which document did you read
to set this up?
it should be
++--+-+++
| id | username | attribute | op | value |
Ok, I think I've installed everything correctly (according to the faq) but
obviously not. starting radius in debug I still get:
Ignoring EAP-Type/tls because we do not have OpenSSL support.
Ignoring EAP-Type/ttls because we do not have OpenSSL support.
Ignoring EAP-Type/peap because we do not
In below the result of command:
That's the debug of the startup. You haven't sent the request to be
processed. You should post the debug of request processing.
mysql select * from radcheck;
++--+---+++
| id | username | attribute | op | value |
Brian Ertel wrote:
Ok, I think I've installed everything correctly (according to the faq) but
obviously not. starting radius in debug I still get:
Perhaps you built and installed things correctly, it's hard to tell, but
you might have more than one version installed and you might be
I have Freeradius 2.1 built, and somehow, radrelay didn't get built. I
was poking around on google, and it looks like proxy.conf might help me
replace radrelay.
Can you have multiple accthosts inside of proxy.conf realms?
Like this:
realm mydomain.com {
type = radius
authhost =
hi,
did you follow the fedora/redhat quid as posted to
this list - or did you just install openssl-devel and try
the daemon again? if so, that wont work. you will need to
rerun the ./configure and make steps again for the
system to learn your got the SSL support installed..and
thus compile in
I installed the openssl and openssl-devel rpms and the freeradius SRPM with
all dependency rpms...
Brian
On 1/12/09 3:39 PM, a.l.m.bu...@lboro.ac.uk a.l.m.bu...@lboro.ac.uk
wrote:
hi,
did you follow the fedora/redhat quid as posted to
this list - or did you just install openssl-devel and
Adam Bultman wrote:
I have Freeradius 2.1 built, and somehow, radrelay didn't get built.
$ man radrelay
This is documented.
I
was poking around on google, and it looks like proxy.conf might help me
replace radrelay.
Can you have multiple accthosts inside of proxy.conf realms?
No.
Brian Ertel wrote:
I installed the openssl and openssl-devel rpms and the freeradius SRPM with
all dependency rpms...
You didn't follow the instructions in the FAQ.
You must build the SRPM and install the resulting RPM's. Please folow the
instuctions in the FAQ.
A SRPM contains the source
Hi,
I installed the openssl and openssl-devel rpms and the freeradius SRPM with
all dependency rpms...
..but before you ran your own version up? if so,
you're still running your own version
which radiusd
will probably say /usr/local/sbin/radiusd
you need to run the version the SRPMS would
I obeyed the faq's every command and get caught up on this:
[r...@freeradius redhat]# rpmbuild -ba rpmbuild
/usr/src/redhat/SPECS/freeradius.spec
error: failed to stat /usr/src/redhat/rpmbuild: No such file or directory
???
Brian
-Original Message-
From:
Brian Ertel wrote:
I obeyed the faq's every command and get caught up on this:
[r...@freeradius redhat]# rpmbuild -ba rpmbuild /usr/src/redhat/SPECS/freeradius.spec
error: failed to stat /usr/src/redhat/rpmbuild: No such file or directory
My apologies, there was a typo in the FAQ, the
I try to determine some data externally through an PHP programme with the
'exec' module.
Everything is fine as long as I do only return one value from PHP, the
return attribute is duly accepted and processed.
As soon as I return more than one the exec module gets confused, as
everything
Ahhh, ok. Tomorrow's another day
Thanks John,
Brian
From: freeradius-users-bounces+bsertel=amherst@lists.freeradius.org on
behalf of John Dennis
Sent: Mon 1/12/2009 6:14 PM
To: FreeRadius users mailing list
Subject: Re: eap/tls freeradius openssl
unsubscribe
CompuLab - Consult
Robert Schuster
Am Karmelkloster 16
53229 Bonn
mailto: robert.schus...@compulab-consult.de
Tel. +49 228 97604-0
Fax. +49 228 97604-25
mobil +49 175 1606254
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
39 matches
Mail list logo