On 12 May 2009, at 20:28, Doug Hardie wrote:
On 12 May 2009, at 13:29, Doug Hardie wrote:
V 2.1.5. I am having a problem with PAP not using the proper user
id. IF the user id is just a plain
then it works properly. However, I have some realms
setup that have prefixes and suffixes e.g.
you could also use SQL or another database for storing users. This
doesn't require HUP ing of the server.
On Tue, May 12, 2009 at 8:25 PM, ournixnat...@gmail.com
wrote:
> I may have figured it out myself. Will this work: service radiusd reload
>
> If so, what exactly is it doing? Just reloading
On 12 May 2009, at 13:29, Doug Hardie wrote:
V 2.1.5. I am having a problem with PAP not using the proper user
id. IF the user id is just a plain
then it works properly. However, I have some realms setup
that have prefixes and suffixes e.g., DUB+@lafn. PAP is
trying to find the user_i
I may have figured it out myself. Will this work: service radiusd reload
If so, what exactly is it doing? Just reloading the users file or more?
On Tue, May 12, 2009 at 8:17 PM, ournixnat...@gmail.com
wrote:
> I am fairly new to radius and would like to know if you could explain
> how I would go
Hi,
It's not a major concern, just happen it is ucommented for previous version
(from 1.x to 2.1.3), and the change log wasn't mention this changes. So for
those less experiance freeradius users might have some issue, if you guys think
it is fine as it is just ignore it, or atleast put a line
I am fairly new to radius and would like to know if you could explain
how I would go about this: "In 2.1.x, you can HUP the server, and it
will reload the users file."
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Team,
I'm trying to set up freeradius 2.1.4 in a AMD 64 X2 system with an OpenSUSE
11.1 (x86_64.iso) OS.
I must tell you that I'm new to Linux and Freeradius.
According to the instructions on freeradius.org/radiusd/install I can either:
1. Get a pre-installed binary package (Peter Nixon)
2. ge
--- On Tue, 5/12/09, John Dennis wrote:
>
> I think you'll save yourself a lot of headaches if you
> stick with RPM
> based packages. If the version of FreeRADIUS is not
> available as an RPM
> for the version of the distro you're using then you can
> find
> instructions for how to download,
True... And not only SQL support... Good idea is just like it is now.
Simple with basic options and good comments in config files...
If you need something, uncomment it :)
John Dennis wrote:
piston wrote:
Dear Alan
Same issue as 2.1.5 (debian OS), $INCLUDE sql.conf is commented by default
V 2.1.5. I am having a problem with PAP not using the proper user
id. IF the user id is just a plain
then it works properly. However, I have some realms setup
that have prefixes and suffixes e.g., DUB+@lafn. PAP is
trying to find the user_id DUB+@lafn rather than the stripped
user id
ournixnat...@gmail.com wrote:
> Is there a way to add entries to or modify the users file in
> /etc/raddb without having to restart radiusd to apply the changes?
In 2.1.x, you can HUP the server, and it will reload the users file.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.
Hi,
> a.l.m.bu...@lboro.ac.uk wrote:
> > crash bang boom. after a successful auth, things go wonky in SQL logging
> > land
> >
> > radiusd: symbol lookup error: /usr/lib/rlm_sql_log-2.1.6.so: undefined
> > symbol: rad_assert
> >
> > the daemon crashes out
>
> Hah! I already caught that and c
a.l.m.bu...@lboro.ac.uk wrote:
> crash bang boom. after a successful auth, things go wonky in SQL logging land
>
> radiusd: symbol lookup error: /usr/lib/rlm_sql_log-2.1.6.so: undefined
> symbol: rad_assert
>
> the daemon crashes out
Hah! I already caught that and committed a fix before you s
Is there a way to add entries to or modify the users file in
/etc/raddb without having to restart radiusd to apply the changes?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> Arran Cudbard-Bell wrote:
>> /usr/local/tmp-src/freeradius-server-2.1.6/libtool --mode=link gcc
> ...
>> .libs/client.o .libs/conffile.o .libs/crypt.o .libs/exec.o .libs/files.o
>> /usr/libexec/gcc/powerpc-apple-darwin8/4.0.1/ld: Undefined symbols:
>> _lt__PROGRAM__LTX_preloaded_symbols
>
> Lib
On 12/5/09 19:49, Alan DeKok wrote:
Arran Cudbard-Bell wrote:
/usr/local/tmp-src/freeradius-server-2.1.6/libtool --mode=link gcc
...
.libs/client.o .libs/conffile.o .libs/crypt.o .libs/exec.o .libs/files.o
/usr/libexec/gcc/powerpc-apple-darwin8/4.0.1/ld: Undefined symbols:
_lt__PROGRAM__LTX_pr
Hi,
crash bang boom. after a successful auth, things go wonky in SQL logging land
+- entering group post-auth {...}
[reply_log] expand:
/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d ->
/var/log/radius/radacct/192.168.5.13/reply-detail-20090512
[reply_log] /var/
Arran Cudbard-Bell wrote:
> /usr/local/tmp-src/freeradius-server-2.1.6/libtool --mode=link gcc
...
> .libs/client.o .libs/conffile.o .libs/crypt.o .libs/exec.o .libs/files.o
> /usr/libexec/gcc/powerpc-apple-darwin8/4.0.1/ld: Undefined symbols:
> _lt__PROGRAM__LTX_preloaded_symbols
Libtool and li
a.l.m.bu...@lboro.ac.uk wrote:
> no showstopper just yet... however, noted error in Makefile
> (spotted when doing the install)
>
> sed: can't read pool.h: No such file or directory
> sed: can't read smodule.h: No such file or directory
>
>
> indeed, Makefile mentions pool.h and smodule.h but th
Hi,
> We plan on releasing 2.1.6 this week.
>
> Please test the pre release at: http://git.freeradius.org/pre/
>
> If there are any concerns, problems, errors, etc., please let us know
> before we release the final version.
no showstopper just yet... however, noted error in Makefile
(spott
piston wrote:
> Dear Alan
>
> Same issue as 2.1.5 (debian OS), $INCLUDE sql.conf is commented by default.
>
> Hope you can take look on this.
Perhaps you could explain why this is a problem, and what you would
like me to do about it.
Again... it's only a *DEFAULT* configuration. It is not
piston wrote:
> Dear Alan
>
> Same issue as 2.1.5 (debian OS), $INCLUDE sql.conf is commented by default.
>
> Hope you can take look on this.
I think there is a good argument for not including sql.conf by default.
You can't use sql until you've configured and set up a sql backend which
requires
Dear Alan
Same issue as 2.1.5 (debian OS), $INCLUDE sql.conf is commented by default.
Hope you can take look on this.
Thanks
- Original Message
From: Alan DeKok
To: FreeRadius users mailing list
Sent: Tuesday, May 12, 2009 9:33:04 PM
Subject: Proposed release of 2.1.6
We plan o
On 12/5/09 14:33, Alan DeKok wrote:
We plan on releasing 2.1.6 this week.
Please test the pre release at: http://git.freeradius.org/pre/
If there are any concerns, problems, errors, etc., please let us know
before we release the final version.
Alan DeKok.
-
List info/subscribe/unsu
mct...@yahoo.com wrote:
>
> I have done some testing on 2.1.4 and I like the flexibility
> comparing to 1.x.
>
> Unfortunately, I am using for production a pretty old distribution
> 1.1.7. For such an old distro, it's almost impossible to do an
> upgrade and still maintaining the rpm package inf
anoop c wrote:
>
> Hi
> Thanks for the response. I have installed Python-3.1a1 in redhat linux
> 9. Which version I should install for FREERADIUS or which file I should look
> for?
There's your problem. The currently shipping major version of Python is
2. The next major version of Python is 3
We plan on releasing 2.1.6 this week.
Please test the pre release at: http://git.freeradius.org/pre/
If there are any concerns, problems, errors, etc., please let us know
before we release the final version.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/lis
> I have configure Radius server with LDAP authentication, for performing
> AAA
> for Cisco Routers and Firwalls. Currently all users created in LDAP are
> getting equal priviledge of accessing all devices (NAS) configured with
> AAA.
> I want to allow a set of users to let access some devices (say
Hi
I have configure Radius server with LDAP authentication, for performing AAA
for Cisco Routers and Firwalls. Currently all users created in LDAP are
getting equal priviledge of accessing all devices (NAS) configured with AAA.
I want to allow a set of users to let access some devices (say only few
t...@urugn.com wrote:
> Errors initializing modules
> I thot may be ad trace the problem and directly executed
> /usr/local/etc/raddb/certs/bootstrap Here is the output
> sh: test: argument expected
> *** Error code 1
> The following command caused the error:
> if [ -e /dev/urandom ] ; then \
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
...I would have bet that I had done exactly these steps this morning. But
nevertheless I tried it another time and - succeeded.
Thanks for pushing my nose on this again and again - it finally helped :) I
will try to find the differences between
> sites-enabled/default:
>
>
> authorize {
> chap
> suffix
> eap {
> ok = return
> }
> files
> expiration
> logintime
> pap
> }
...
> Tue May 12 11:35:50 2009 : Info: server default {
> Tue May 12 11:35:50 2009 : Info:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
On Tuesday 12 May 2009 11:57:14 Alan DeKok wrote:
> Andreas Bourges wrote:
> > -> the user gets rejected, but not because of the Auth-Type := Reject
> > setting in the users file. This is the same behaviour we observer when
> > configuring "real"
p...@canoemail.com wrote:
> Freeradius Server v2.1.4. All clients are authenticating properly,
> except for clients that pass a ntdomain\userid. I have configured
> proxy.conf, realm and inner-tunnel in the past (i.e. v2.0.5) to handle
> these requests without issue. As of v2.0.6 and greater, clien
Helo there Am in solaris 5.10 Generic_138889-02 i86pc
i386 i86pc I installed openssl and mysql from blastwave then
installed freeradius. I cannot get it to initialize via radiusd -X here is
the output FreeRADIUS Version 2.1.5, for host i386-pc-solaris2.10,
built on May 11 2009 at 09:54:37 Copyright
Andreas Bourges wrote:
> -> the user gets rejected, but not because of the Auth-Type := Reject setting
> in the users file. This is the same behaviour we observer when configuring
> "real" user accounts having a password associated, like the following:
>
> testuser Auth-Type := Local, C
mct...@yahoo.com wrote:
> Unfortunately, I am using for production a pretty old distribution
> 1.1.7. For such an old distro, it's almost impossible to do an
> upgrade and still maintaining the rpm package info and what not,
> so I am considering upgrading by compiling from source, ie
> configure
Hi All
Sorry about my mails, I check the pipermail now.
Thanks Nicolas Goutte.
Regards,
François
De : freeradius-users-bounces+francois.mehault=netplus...@lists.freeradius.org
[mailto:freeradius-users-bounces+francois.mehault=netplus...@lists.freeradius.org]
De la part de Nicolas Goutte
Envo
I have done some testing on 2.1.4 and I like the flexibility
comparing to 1.x.
Unfortunately, I am using for production a pretty old distribution
1.1.7. For such an old distro, it's almost impossible to do an
upgrade and still maintaining the rpm package info and what not,
so I am considering
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
...we recently upgraded vom freeradius 0.9 to freeradius 2.1.4. Unfortunately
local users cannot be authenticated anymore.
This morning I used the default configuration files from 2.1.4 and started
from scratch. My first objective was to get any
Am 12.05.2009 um 11:31 schrieb François Mehault:
De : François Mehault
Envoyé : mardi 12 mai 2009 11:27
À : 'freeradius-users@lists.freeradius.org'
Cc : François Mehault
Objet : RE: check-item NAS-IP-ADdress & Calling-Station-ID with
openldap
Hi All,
Don't worry. We do receive your e
Hi All,
I want to use FreeRadius to administer network equipement. I use also OpenLDAP
to stock information about users. FreeRADIUS and OpenLDAP are installed on the
same server FreeBSD 7.0.
I contact a Network equipement (like catalyst cisco 2950 v12.1) with putty
(ssh/telnet).
To resume :
W
De : François Mehault
Envoyé : mardi 12 mai 2009 11:27
À : 'freeradius-users@lists.freeradius.org'
Cc : François Mehault
Objet : RE: check-item NAS-IP-ADdress & Calling-Station-ID with openldap
Hi All,
I want to use FreeRadius to administer network equipement. I use also OpenLDAP
to stock info
Hi All,
I want to use FreeRadius to administer network equipement. I use also OpenLDAP
to stock information about users. FreeRADIUS and OpenLDAP are installed on the
same server FreeBSD 7.0.
I contact a Network equipement (like catalyst cisco 2950 v12.1) with putty
(ssh/telnet).
To resume :
W
Hi All
I have to install a FreeRADIUS to authenticate some users on network
equipement (like a Catalyst cisco). I just want to authenticate users on the
cisco switch, no vlan attribution ... So i conclude that I don't have to
install/configure supplicant on my computer (windows XP), the comput
Meyers, Dan wrote:
> I was having this exact same problem for a significant period of time
> when I bought a new Verisign cert for our servers which was chained (the
> old one being directly root signed, which Verisign no longer do). It
> would appear to be a bug/security patch in XP sometime after
> I am thinking of using sqlcounter to implement a "logout" counter,
> ie whenever I want to logout a particular user, I set something
> into the database, then the sqlcounter will pick it up, and
> drop the existing session.
>
Dropping sessions on radius server will have no impact on users connec
I was having this exact same problem for a significant period of time
when I bought a new Verisign cert for our servers which was chained (the
old one being directly root signed, which Verisign no longer do). It
would appear to be a bug/security patch in XP sometime after SP2 that
causes this. Odds
--- On Tue, 5/12/09, Ming-Ching Tiew wrote:
>
> Whereas the radclient continually sending accounting info
> to
> the server, I thought doing the reject at accouting will
> also some what accomplishing the same purpose.
>
> Any comments ?
>
>
Further readings seems to indicate this this
CJ O wrote:
> I am having an issue where FreeRadius is not handing the intermediate CA
> to a windows WPA2 client. We are in the process of deploying WPA2/AES
> with PEAP. So we purchased a certificate from a company that has a
> Trusted Root CA in Windows, Mac OSX, and Linux. However, it was signe
50 matches
Mail list logo