Tseveendorj wrote:
Does FreeRADIUS have mrtg module for monitoring bandwidth usage?
No. You can out accounting information in a DB, and then look at that.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Tseveendorj wrote:
I'm providing internet to customers via ADSL2+. I have cisco router and
FreeRADIUS 2.1.3.
Customer can make double connection via PPPoE.
How to disable double connection ?
What kind of attribute can do that ?
doc/Simultaneous-Use
Alan DeKok.
-
List
Am Dienstag, 7. April 2009 06:04:44 schrieb Tseveendorj:
Hello,
Does FreeRADIUS have mrtg module for monitoring bandwidth usage?
Sincerely,
Tseveen.
You can also make use of the logmatch feature of net-snmp to monitor RADIUS
messages in the logfile and make MRTG retrieve these values. No
Bryan Graham wrote:
/opt/csg/etc/raddb/sites-enabled/default[198]: Failed to find module
attr_rewrite.
/opt/csg/etc/raddb/sites-enabled/default[62]: Errors parsing authorize
section.
That message is produced when the module doesn't exist, OR when it has
failed to initialize properly.
I want to authenticate client by his username , password and mac address. Is
it possible in freeRADIUS 2.1.4. i am using fedora 8 as operating
system.
thanxs in advance..
--
View this message in context:
http://www.nabble.com/problem-mac-address-authenticaion-tp22922689p22922689.html
Alan DeKok wrote:
Apostolos Pantsiopoulos wrote:
I noticed that the following directives :
...
for perl were not present in the file after the compiling.
Are these directives obsolete?
Yes. The server already has a thread management system. Adding
another one for Perl is unnecessary.
Alan DeKok wrote:
Apostolos Pantsiopoulos wrote:
I noticed that the following directives :
...
for perl were not present in the file after the compiling.
Are these directives obsolete?
Yes. The server already has a thread management system. Adding
another one for Perl is unnecessary.
Hi,
thanks for the list
I can confirm all of these issues. Also, if you have WPA/AES turned
on, then the Mac wont touch the lovely WPA2/AES - ie it wont do 802.11n
properly. if you reratify the wifi so you only do WPA/TKIP and WPA2/AES
then the Mac is a _little_ happier
I can also confirm
How about the stats interface ? Write your own script for mrtg wich uses
the stats interface.
--
Thoralf Freitag
Manager Health Services System Administration
From:
Michael Schwartzkopff mi...@multinet.de
To:
FreeRadius users mailing list freeradius-users@lists.freeradius.org
Date:
07.04.09
Hello.
Config:
perl auth_perl_pppoe {
module = /var/www/radius/radius_auth.pl
func_accounting = accounting
}
perl acc_perl_pppoe {
module = /var/www/radius/radius_accounting.pl
func_authenticate = authenticate
}
-
a.l.m.bu...@lboro.ac.uk wrote:
taking some Steinbeck metaphor too far...
oh, how I wish Lenny were a code name for MacOSX rather than Debian... anyway,
or lovely friend Lenny or having a few issues compared to his friend George.
Lenny wants to have the lovely Wifi...but cant. You see,
Hi,
Let's not put Lenny out of his misery just yet. I've never had problems
with EAP-TTLS on Macs, I've actually started recommending people use it, as
it appears to be slightly more efficient than PEAPv0 (based purely on the
number of rounds it takes to complete), and far better documented.
Привет!
На самом деле, весьма _неудобно_ искать проблемы просто по дебагу + конфиг.
Уж лучше описать её хоть на ломаном англ.
Это так отступление...
А вообще, у rlm_perl весьма много глюков.
Например при работе с разными модулями, типа IO::Socket::.
Попробуйте все засунуть в один скрипт.
Thank you John for your structured questions.. the question that follows is
nearly the response for the previous! ..I'm able to reply to all, except the
sixth one.. I'll do it :)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ок, я так и сделал.
Но дело в том что мой радиус будет авторизовывать и считать несколько
сервисов с разных NAS.
И очень не плохо было бы их разнести.
Причем если запускать radius без режима дебага, то он какое то время будет
работать нормально, правда только какое-то.
Да, это точно баг.
У меня была такая проблема, в дебаге работает.
А как только включаешь нормальный режим, (почти)сразу начинаются глюки.
У меня есть предположение - все дело в форках. (как это не мерзко, но у
прекрасного языка perl есть кривые реализации модулей. Которые с багами работают
при
Hello.
Config:
perl auth_perl_pppoe {
module = /var/www/radius/radius_auth.pl
func_accounting = accounting
}
perl acc_perl_pppoe {
module = /var/www/radius/radius_accounting.pl
func_authenticate = authenticate
}
-
No, I just want to let our user using an anonymous account as the outer user
name for authentication to improve the security, and using the true account
for inner tunnel.
It's a supplicant setting. Nothing to do with radius server.
Because the administrator said that their user name all
I want to authenticate client by his username , password and mac address. Is
it possible in freeRADIUS 2.1.4. i am using fedora 8 as operating
system.
Is mac address in Access-Request packet? If it isn't it can't be done.
Ivan Kalik
Kalik Informarika ISP
-
List info/subscribe/unsubscribe?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan,
thanks for the list
I can confirm all of these issues. Also, if you have WPA/AES
turned on, then the Mac wont touch the lovely WPA2/AES
I haven't seen this. We have WPA/WPA2 TKIP/AES, and the Mac appears to
always pick WPA2. Unfortunately
Id really appreciate anyone could clarify if they are indeed using DBM files
with multiple DEFAULT user profiles and/or user profiles with duplicate
usernames. From my tests and cursory look at code (especially
rlm_dbm_parser), it seems the key is based solely on username which wont
work for
Hi,
We are currently moving from Cistron Radius on Freebsd 6.2 to Freeradius
2.0.5 on Freebsd 6.2.
We have 2 freeradius servers and 1 Cistron server on our live network.
On our Dial up system, on Cistron records 1 Start/ 1 Stop per
Acct-Session-ID sent from a NAS.
On Freeradius 2.0.5 it
Seamus Bridgeman wrote:
Id really appreciate anyone could clarify if they are indeed using DBM
files with multiple DEFAULT user profiles and/or user profiles with
duplicate usernames.
Very few people are using the DBM module. The users file is better
for small numbers of entries, and SQL
Hello,
I have two freeradius v2.1.3-1 servers setup to run with redundant load
balancing with two Windows Active Directory LDAP servers for authentication.
When the LDAP servers are running the radius will load-balance between them and
authenticate fine. If I shut the primary LDAP server
a.l.m.bu...@lboro.ac.uk wrote:
thanks for the list
Not a problem.
I can confirm all of these issues. Also, if you have WPA/AES turned
on, then the Mac wont touch the lovely WPA2/AES - ie it wont do
802.11n properly. if you reratify the wifi so you only do WPA/TKIP
and WPA2/AES then
Hi,
Have you actually traced the wireless traffic (passively), are you
sure it's the Macs at fault with this one?
as everything works fine on the same Mac when it runs Vista (yes, I know...)
and works all okay on random PCs and PDAs/smartphones..the big greasy
pointy finger is pointing
On Tue, Apr 7, 2009 at 9:04 PM, Clare Scally clare.sca...@eircom.net wrote:
On Freeradius 2.0.5 it seems that the same session can have multiple Starts
and Stops against one Acct-Session-ID.
Is this normal behaviour and should these multiple tickets with the same
session be recorded as 1
I too have had weird behavior on macs. I just ended up using
mac-address authentication (due to insecurities in EAP. (or possibly
rumored, i havn't seen a paper on it yet))
On Tue, Apr 7, 2009 at 7:08 AM, a.l.m.bu...@lboro.ac.uk wrote:
Hi,
Have you actually traced the wireless traffic
Bryan Graham wrote: /opt/csg/etc/raddb/sites-enabled/default[198]:
Failed to find module attr_rewrite.
/opt/csg/etc/raddb/sites-enabled/default[62]: Errors parsing authorize
section.
Alan DeKok wrote:
That message is produced when the module doesn't exist, OR when it has
failed to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Bartell wrote:
I too have had weird behavior on macs. I just ended up using
mac-address authentication (due to insecurities in EAP. (or
possibly rumored, i havn't seen a paper on it yet))
Wait what... You went to Mac-Based authentication
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Have you actually traced the wireless traffic (passively), are
you sure it's the Macs at fault with this one?
as everything works fine on the same Mac when it runs Vista (yes, I
know...) and works all okay on random PCs and PDAs/smartphones..the
Arran Cudbard-Bell wrote:
Ohh are you referring to the scaremongering 'The Register' was doing
last year? Because of course, anyone with a hacked copy of FreeRADIUS
can steal all your users credentials !
Unfortunately, people read his column, and believe him. They might
also believe that he
Is there a way to match on the EAP type in unlang? I need to be able to
proxy everything except incoming eap-md5 requests (which need to be handled
remotely).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Stephen Bowman wrote:
Is there a way to match on the EAP type in unlang?
Yes.
I need to be able to
proxy everything except incoming eap-md5 requests (which need to be
handled remotely).
And... no. That won't work.
EAP *starts* the conversation before you know which EAP type it is.
Sorry to re-post, but I'm still banging my head against the wall with
this... If anyone could help, or provide a pointer to something that
(obviously) I'm missing, it would be greatly appreciated.
Hi,
I've googled this to no avail (have been working on it for about 4 hours
now). I'm running
Sounds good, I have made the change to read
format = ~nadmin:*,User-Name
added nadmin to the dictionary file
Things at this point are working OK
[noc_group] Added nadmin: 'NOC' to reply_items
++[noc_group] returns ok
However I can still not get the logic of the unlang statement correct.
Hello all,
I am struggling to get a windowsXP client to authenticate to
freeradius. I've set up winbind/samba and radtest works from the
command line on the freeradius server.
However the client doesn't seem to be able to contact the server when
attached to a switch which supports .1x. During
Nevermind... was making it WAY to complicated
if (nadmin == NOC) {
update reply {
Reply-Message = 'Noc-Group Match'
}
}
-Original Message-
From: freeradius-users-bounces+lfross=ucdavis@lists.freeradius.org
Hello,
Sorry to post again for the same subject, but I guess I haven't been
very clear in my last question to the list, so I'm trying to ask it
differently.
I've done some drawing that illustrate the settings I've tried and also
provide the whole log, that could be seen here
39 matches
Mail list logo
