Hegedus Gabor wrote:
Hi I have a question.
How can I send attributes(for example reply-message, cvpn3000, ...) in
access-reject packet.
I tried to put my exec to the post-auth section Post-Auth-Type
REJECT{}, but in this
section radius dosen't send the attribs in the reject packet.
Radius
hi,
sorry for my late answer: in short:
Am Donnerstag, den 05.03.2009, 10:05 +0100 schrieb t...@kalik.net:
Queries are in raddb/sql/mysql/dialup.conf. Have you made changes to that
file?
no, it was commented out from myself ..., bad idea. Undo it, was the
trick. :-)
My long answer follows
but cisco log about accounting evrytime send message like this
Mar 6 08:57:48 192.168.255.10 210: 000207: Mar 6 08:57:48 MSK:
%RADIUS-3-NOACCOUNTINGRESPONS
Stop for session 0074 failed to receive Accounting Response.
You are wondering about accounting on your radius server -
Hi,
I'm new to freeradius (3 weeks experience) and mailing lists (second attempt)
so please have patience.
I have freeradius 1.1.7 (prebuilt package) on Solaris 10 configured to
authenticate against Active Directory using ntlm-auth.
All working OK.
Now I'm trying to return different reply
Am 06.03.2009 um 12:20 schrieb Leighton Man:
Hi,
I'm new to freeradius (3 weeks experience) and mailing lists
(second attempt) so please have patience.
I have freeradius 1.1.7 (prebuilt package) on Solaris 10 configured
to authenticate against Active Directory using ntlm-auth.
All working
Thank you for your answers. I've solved my problem, but now i have another
one. Does anybody know, can freeradius server recieve CoA requests (using
port 3799 or 1700) according to the rfc 3576? And how can i configure it if
it does?
2009/3/4 Evgeniy Kozhuhovskiy ug...@mgts.by
M K wrote:
M K wrote:
Thank you for your answers. I've solved my problem, but now i have
another one. Does anybody know, can freeradius server recieve CoA
requests (using port 3799 or 1700) according to the rfc 3576? And how
can i configure it if it does?
It does not receive CoA requests. If it did,
Where does the cookbook say that you should put that in ldap.attrmap?
Where are those radius attributes defined? Some additional dictionary?
This part is not from the cookbook, it's something we intend to use
internally here at the university. The setup is based on the eduroam
guide, though,
Sorry I wasn't more clear.I am not using 1.x but most of the documentation
refers to how things were done in 1.x and because of this means nothing to
me.
I am not using syslog.
Accounting packets are being written to disk using the detail function.
Then I am shipping them off to the other radius
I'm new to freeradius (3 weeks experience) and mailing lists (second attempt)
so please have patience.
I have freeradius 1.1.7 (prebuilt package) on Solaris 10 configured to
authenticate against Active Directory using ntlm-auth.
All working OK.
Now I'm trying to return different reply
Leighton Man wrote:
Many thanks for this. I'm using 1.1.7 because it's available as a pre-built
package on solaris for both sparc and x86 architectures. The idea is to get
freeradius configured and working as fast as possible so it can be demo'd to
management (I'm trying to retire Cisco
Huh? It compiles on 3-4 different Solaris boxes that I have access to.
Did you run make from the TOP directory, or by cd'ing to src/lib?
Alan DeKok.
Tried gmake from the top directory and gcc -g -O2 -D_REENTRANT
-D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG -D_LIBRADIUS
Now, this is still not working:
having it as User-Name := '%{reply:User-Name}' still gives me an
Access-Accept with text instead of variable value.
Also, using double quotes yields the exact same result.
Sending Access-Accept of id 127 to xx.xx.xx.xx port 32785
User-Name =
Is there any way to do what I want without upgrading?
You can try users file:
DEFAULT Ldap-Group == staff
some reply
DEFAULT Ldap-Group == student
some other reply
DEFAULT Auth-Type := Reject
That should be at the end of the users file (ie. anything
Leighton Man wrote:
Tried gmake from the top directory and gcc -g -O2 -D_REENTRANT
-D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG -D_LIBRADIUS
-I/export/home/cmsxljm/freeradius-server-2.1.3/src -c dict.c -fPIC -DPIC -o
.libs/dict.o (copy and paste from the gmake output) from the
Hmm... would it be possible to have to give *more* output? i.e. start from a
fresh directory:
$ tar -zxf freeradius-server-2.1.3.tar.gz $ cd freeradius-server 2.1.3 $
./configure $ gmake
And show the errors (not the dozens of lines saying building foo, or the
last dozen lines saying
TR Missner wrote:
Accounting packets are being written to disk using the detail function.
Then I am shipping them off to the other radius by setting the listen
object on the detail file.
That should be fine.
Even with load_factor set to 100 the speed at which the detail is read
is very
On Thu, Mar 05, 2009 at 09:19:19AM -0600, Ben Wiechman wrote:
We set num_sql_socks to 25. We had them set to 10 but ran into issues when
massive numbers of subscribers were attempting to enter the network at once
- for example when we would power cycle a base station with 400 subscribers
on it
accounting {...}
[detail] expand: /var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d -
/var/log/radacct/192.168.255.10/detail-20090306
[detail] /var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to
/var/log/radacct/192.168.255.10/detail-20090306
[detail] expand: %t - Fri Mar 6 11:43:15 2009
++[detail] returns ok
rlm_counter: We only run on Accounting-Stop packets.
++[daily] returns noop
++[unix] returns fail
Finished request 5.
unix module is failing. If you are not using it comment it out from the
accounting section.
Ivan Kalik
Kalik Informatika ISP
-
List
OK, I comment all unix section in site-enable/default, but result is the
same!
In pucture below I thurned on debug on cisco about accounting, therefore
cisco work correctly, but radius server not recieve Accounting-Request? Why?
001534: Mar 6 22:38:57: tty2 AAA/AUTHOR/EXEC (3942780195):
Alan DeKok wrote:
00093701a89d Cleartext-Password == 66e3c1cd773f487d
Use:
00093701a89d Cleartext-Password := 66e3c1cd773f487d
Holy cow! That was it!! And to think that I spent days
looking at config files and log files before I thought
of posting to this list.
Thank you Alan for
OK, I comment all unix section in site-enable/default, but result is the
same!
In pucture below I thurned on debug on cisco about accounting, therefore
cisco work correctly, but radius server not recieve Accounting-Request? Why?
001534: Mar 6 22:38:57: tty2 AAA/AUTHOR/EXEC (3942780195):
Hello,
How i can solve this problem:
sometimes, some users connections stay locked on radius.. and with,
Simutaneous-Use resulting = 1 ...
Fri Mar 6 20:29:11 2009 : Auth: Multiple logins (max 1) [MPP attempt]:
[alines] (from client Orbit port 256018 cli xxx)
Fri Mar 6 20:29:11
If you mean when I type a some command on cisco shell, in the cisco
console already I show you (much more), else you mean a radius server
then I must disappoint you there is a silent, nothing to do!
If you consider for important all debug information on radius when user
login-run some
If you mean when I type a some command on cisco shell, in the cisco
console already I show you (much more), else you mean a radius server
then I must disappoint you there is a silent, nothing to do!
If you consider for important all debug information on radius when user
login-run some
Hi
I need some opinions.
Condition:
1. I have a local realm (suffix), xyz.com. I'm using freeradius 2.1.3+mysql.
2. My own user's username in mysql radcheck table is store in usern...@xyz.com
format
3. A person want me to proxy his prefix ABC/his-customer-usern...@myrealm to
his radius
27 matches
Mail list logo