On Fri, Apr 17, 2009 at 5:00 AM,
wrote:
> Send Freeradius-Users mailing list submissions to
> freeradius-us...@lists.freeradius.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.freeradius.org/mailman/listinfo/freeradius-users
> or, via email, send a me
Just adding debugging messages:
1) When readclients=no radiusd starts even if sql2 is down
rlm_sql_unixodbc: Connection failed
rlm_sql (sql2): Failed to connect DB handle #0
rlm_sql (sql2): starting 1
rlm_sql (sql2): starting 2
rlm_sql (sql2): starting 3
rlm_sql (sql2): starting 4
rlm_sql (sql2):
On Fri, 2009-04-17 at 20:44 +0100, Ivan Kalik wrote:
> Two. One active and other as "hot" standby.
Ok.
> >But, what if I don't want to proxy and only want two freeradius servers
> >that do auth, and two separate servers for accounting?
>
> No need for extra accounting servers. Each server can d
Hi,
Kalik's advices are very good - just to add some words:
Certainly such a failover is achieved on the client side. NAS's have
options to do that. On Cisco VoIP routers e.g.you can do it with the
RADIUS groups. You can have broadcast groups to achieve redundancy -
send the requests to mul
Does Mikrotik support CoA? If it does, this can be done (Disconnect-Request
blah,blah).
Ivan Kalik
Kalik Informatika ISP
-Original Message-
From: freeradius-users-bounces+tnt=kalik@lists.freeradius.org
[mailto:freeradius-users-bounces+tnt=kalik@lists.freeradius.org] On
Behalf Of A
>Anyway, I've been wondering how many servers are required to have a proper
(i.e. no single point of failure) on the freeradius side of things.
Two. One active and other as "hot" standby.
>I know that I can have one freeradius server proxying requests to any
number of authorization and/or accou
Recently in rel 2.1.4 you fixed and issue for replicated databases that allow
readclients=yes option in sql.conf. This worked great if ALL databases are
up and running.
The issue happens if radiusd can't connect to a database and process cannot
start even though it can read NAS info from sql2 if s
Hello Everyone,
I'm stepping into the world of Freeradius for the first time - holy shit
is there a lot to learn.
Anyway, I've been wondering how many servers are required to have a
proper (i.e. no single point of failure) on the freeradius side of
things. I know that I can have one freeradius s
Guy Fraser wrote:
> I thought this would be enough to make it log failed authentications :
Yes. But to flat-text files, not to SQL.
> post-auth {
> reply_log
> sql
> sql_log
This says "log to SQL on success".
> exec
> Post-Auth-Type REJECT {
> attr_filter.access
On 2009-Apr-17, at 03:08, Alan DeKok wrote:
Guy Fraser wrote:
I have installed :
"radiusd: FreeRADIUS Version 2.1.3, for host i386-portbld-freebsd7.1,
built on Feb 26 2009 at 15:47:46"
I have not been able figure out how to get it to log failed
authentication attempts
into the radpostauth sql
Jérôme BERTHIER wrote:
> When no cache is enabled on radius (eap.conf / cache / enable=no),
> clients using NetworkManager are not able to re-negociate
> authentification because they are always trying to resume their session.
Maybe I'm missing something... those clients worked with 2.0.5, didn'
Alan DeKok a écrit :
Jérôme BERTHIER wrote:
Sorry. It means that when the NAS asks for reauthentification (after
reauth-period timeout has expired), clients won't stop trying to
re-connect using session resumption option again and again
Here, an extract from freeradius debug :
[ttls] eapt
Jérôme BERTHIER wrote:
> Sorry. It means that when the NAS asks for reauthentification (after
> reauth-period timeout has expired), clients won't stop trying to
> re-connect using session resumption option again and again
> Here, an extract from freeradius debug :
> [ttls] eaptls_process return
Alan DeKok a écrit :
Jérôme BERTHIER wrote:
I'm trying to configure Freeradius 2 to implement EAP/TTLS-PAP
authentication method on my Cisco AP1242. It works but I'd like some
precisions to get configuration files as small as possible.
Why? It's not like there are any CPU / memory /
Jérôme BERTHIER wrote:
> I'm trying to configure Freeradius 2 to implement EAP/TTLS-PAP
> authentication method on my Cisco AP1242. It works but I'd like some
> precisions to get configuration files as small as possible.
Why? It's not like there are any CPU / memory / disk issues with
having th
Hi,
I'm trying to configure Freeradius 2 to implement EAP/TTLS-PAP
authentication method on my Cisco AP1242. It works but I'd like some
precisions to get configuration files as small as possible.
What is the shortest way to configure it ?
authorize {
preprocess
auth_log
suffix
eap
> >> It should be running one Perl thread per system thread. The
server
> >> core already manages min/max spare threads, idle threads, etc.
> > I hope this implementation will satisfy Borislav too. Will he be
> > able to
> > instantiate different perl scripts for different needs?
> >
> > So, whe
Guy Fraser wrote:
> I have installed :
> "radiusd: FreeRADIUS Version 2.1.3, for host i386-portbld-freebsd7.1,
> built on Feb 26 2009 at 15:47:46"
>
> I have not been able figure out how to get it to log failed
> authentication attempts
> into the radpostauth sql table, like I had it working in Ve
Khan wrote:
> My installation process and other steps i took can be found on this
> link: http://voiprookie.blogspot.com/
The discussion on editing the "configure" arguments is unnecessary.
If you had read the rest of the debian/control file, you would see how
OpenSSL *should* be enabled.
> I t
Ubuntu 8.04 hardy is freeradius 1.7
if Ubuntu 8.10 is freeradius 2.1
- Original Message -
From:
To: "FreeRadius users mailing list"
Sent: Friday, April 17, 2009 2:46 PM
Subject: Re: FreeRADIUS 2 Installation failed on ubuntu hardy
Hi,
My installation process and other steps i
Hi,
> My installation process and other steps i took can be found on this
> link: http://voiprookie.blogspot.com/
>
> I tried to install it several time but no luck, first I used aptitude
> which installed the 1.x version so i removed it and then I used
> synaptic to install that didn't work, fin
Hi,
> Fri Apr 17 09:52:09 2009 : Auth: Login OK: [miracle] (from client st17-gw
> port 367362 cli 00:14:A4:46:73:26)
> Fri Apr 17 09:52:12 2009 : Auth: Login OK: [stepanov] (from client st17-gw
> port 367363 cli 00:0E:A6:3A:A5:4E)
> Fri Apr 17 09:52:13 2009 : Auth: Login OK: [260130] (from clien
22 matches
Mail list logo