Fajar A. Nugraha wrote:
> On Sun, May 17, 2009 at 11:33 PM, John Dennis wrote:
>> We expect to provide an official update to RHEL with a 2.x
>> version of FreeRADIUS in the next update cycle which would be RHEL 5.5,
>
> So how do you plan to provide seamless upgrade for RHEL 5 users?
> Is freerad
On 20/05/2009, at 12:00 AM, Alan DeKok
wrote:
Peter Lambrechtsen wrote:
Has anyone done any work with FreeRadius 2.1.1 or higher and SQLite
as
the backend db.
Nope.
Would love to have it working with sqlite as that is the smallest DB
footprint of all the supported databases for Free R
Marco De Magistris wrote:
>1. Radius Client sends packets towards Radius Proxy (from 192.168.1.2
> to 192.168.1.3)
>2. Radius proxy listen on 192.168.1.3 for authentication packet and
> forwarding them towards two different network (192.168.14.4 and
> 192.168.24.4)
>
> Ca
Hi all,
Thanks in advance for your help.
Here is our Scenario which is working now:
1. Radius Client sends packets towards Radius Proxy (from
192.168.1.2 to 192.168.1.3)
2. Radius proxy listen on 192.168.1.3 for authentication packet and
forwarding them towards two differen
Thanks Ivan !
With huntgroup it works perfectly, now I am searching to manage my huntgroup
whith ldap, no longer with the file huntgroup.
Each users have the primitive radiusHuntgroupName, but I want to define my
huntgroup in ldap, is it possible you think ?
Regards,
Francois
-Message d'
Hi Alan,
I realise, i've asked for the before, and it is on your todo list, but
I'd like to make a case again for maybe getting it moved up higher onto
the list.
The current "clients" structure identify the NAS's by ip address.
While this is perfect for corporate environments, it is not so pe
Ivan Kalik wrote:
>> I am a students, and i want to implement wireless LAN with MAC based
>> authentication by using freeRadius.
>> I installed freeRadius on Fedora Core 6. I need complete configuration of
>> freeRadius.
>>
>
> It's already configured. It will do that in default configuration.
Be
> I created once again certs by myself, giving common name for user cert the
> same like in example
> u...@example.com, I place them on xp client - both of them looks ok,
> now something is happening (anyway like Aragorn said: "still not king"):
>
>
> Ready to process requests.
> rad_recv: Access-R
> > Can the ./configure script be made to report at the end what modules it
> > found it can build. The ./configure output does have this information
> > but it's not easy to follow.
>
> i guess you are asking this after seeing similar feature in other
> software?
yes, net-snmp, xine-lib and con
I created once again certs by myself, giving common name for user cert the
same like in example
u...@example.com, I place them on xp client - both of them looks ok,
now something is happening (anyway like Aragorn said: "still not king"):
Ready to process requests.
rad_recv: Access-Request packet
> Oki, thanks. In fact, I want my radius client crypt my passwd in md5 for
> example, and freeradius check the MD5 hash. So I understand I have to use
> PAP ? In my modul ldap I think I have to put « password_attribute =
> userPassword ». But If I do, I have to put my password in clear in my
> lda
Fajar A. Nugraha wrote:
> So how do you plan to provide seamless upgrade for RHEL 5 users?
Upgrades across a major version number of software require manual
changes to the configuration.
> Is freeradius 1.1.3 config compatible with 2.x? Or do we have to do a
> clean install?
The configuratio
> I authenticate on cisco equipments via ssh/telnet. There is no supplicant,
> so I don't understand in my case and i would like to know if the
> communication between my cisco equipment and my FreeRadius safe is. I
> have a secret shared between both. I understand that the communciation
> between
Oki, thanks. In fact, I want my radius client crypt my passwd in md5 for
example, and freeradius check the MD5 hash. So I understand I have to use PAP ?
In my modul ldap I think I have to put « password_attribute = userPassword ».
But If I do, I have to put my password in clear in my ldap, othe
Well, I am using checkval to check the attribute NAS-IP-Address, what I want :
I have several users and several NAS, some users allows to authenticate on some
NAS, and others not. I use an openldap database. Each users have an attribute
"radiusCheckItem". I don't know if I am right, if it's the
Am 19.05.2009 um 14:14 schrieb François Mehault:
Hi,
I authenticate on cisco equipments via ssh/telnet. There is no
supplicant, so I don’t understand in my case and i would like to
know if the communication between my cisco equipment and my
FreeRadius safe is. I have a secret shared b
So in other words this script is for all clients exept microsofts-like ?
>You should try altering make client command in Makefile so that client
certificates are signed by ca and not server certificate.
do you have such altered makefile?
On Tue, May 19, 2009 at 1:35 PM, Ivan Kalik wrote:
> > #
Hi,
I authenticate on cisco equipments via ssh/telnet. There is no supplicant, so I
don't understand in my case and i would like to know if the communication
between my cisco equipment and my FreeRadius safe is. I have a secret shared
between both. I understand that the communciation between f
I have just committed *full* support for CoA to the "stable" and
"master" branches on git.freeradius.org. I'd like to thank the sponsor
of this work, who wishes to remain anonymous.
In 2.1.6, the server could *originate* CoA packets. e.g. If the users
bandwidth consumption is over a quota, s
Peter Lambrechtsen wrote:
> Has anyone done any work with FreeRadius 2.1.1 or higher and SQLite as
> the backend db.
Nope.
> Would love to have it working with sqlite as that is the smallest DB
> footprint of all the supported databases for Free Radius.
Write the code... submit it back.
> H
On Tue, May 19, 2009 at 9:10 AM, liran tal wrote:
> Hey Santiago,
> I am in a need to get a Nomadix AG3100 gateway to do the same thing as you
> have done - get it authenticate
> to FreeRADIUS and redirect to portal pages for a simple user/pass login.
> I've exchanged a bunch of emails with their
> # make client
>
> next I made a copy of ca.der and client.p12 to xp directory,
> next I opened mmc and install both of them to Trusted Root Certificate
> Authorities and to Personal
>
> exclamation mark on client certificate:
> "windows does not have enough information to verify this certificate"
Has anyone done any work with FreeRadius 2.1.1 or higher and SQLite as
the backend db.
Working on a single router solution with OpenWRT with FreeRadius
running PEAP and EAP-TLS auth.
Would love to have it working with sqlite as that is the smallest DB
footprint of all the supported databases for
>>
>> PS. You have either disabled group checking or removed group membership
>> query.
>>
>> Ivan Kalik
>> Kalik Informatika ISP
>>
>>
>
> None of them. Group checking is enabled (read_groups = yes) and the query
> (authorize_group_check_query = "SELECT ... ") is defined in sql module.
> But
> sim
> I am a students, and i want to implement wireless LAN with MAC based
> authentication by using freeRadius.
> I installed freeRadius on Fedora Core 6. I need complete configuration of
> freeRadius.
>
It's already configured. It will do that in default configuration.
Ivan Kalik
Kalik Informatika
Ok, I downloaded 2.1.6
# unp freeradius-server-2.1.6.tar.gz
# cd /usr/src/freeradius-server-2.1.6
# dpkg-buildpackage -rfakeroot -uc -us
# dpkg -i freeradius_2.1.6-0_i386.deb
- instalator create ca and server certs in /etc/freeradius/certs directory
# cd /etc/freeradius/certs
# make client
next I
Dear all,
I am a students, and i want to implement wireless LAN with MAC based
authentication by using freeRadius.
I installed freeRadius on Fedora Core 6. I need complete configuration of
freeRadius.
Thank you
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
> PS. You have either disabled group checking or removed group membership
> query.
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
None of them. Group checking is enabled (read_groups = yes) and the query
(authorize_group_check_query = "SELECT ... ") is defined in sql module. But
simply the query
Checkval with Calling-station-id works fine ! And I want to check also the IP
of the NAS to authenticate my user.
rlm_checkval: Item Name: Calling-Station-Id, Value: 192.168.0.80
rlm_checkval: Value Name: Calling-Station-Id, Value: 192.168.0.80
++[station-check] returns ok
>NAS-IP-Address can be
On Sun, May 17, 2009 at 11:33 PM, John Dennis wrote:
> We expect to provide an official update to RHEL with a 2.x
> version of FreeRADIUS in the next update cycle which would be RHEL 5.5,
So how do you plan to provide seamless upgrade for RHEL 5 users?
Is freeradius 1.1.3 config compatible with 2
Hi,
> which Linux distribution should I use? So far I tryied debian-etchnhalf, or
> CentOS, and in every How to its written that I have to compile it by mysefl.
> This how to didnt work anyway... so I will try what you will suggest.
> Bartosz.
theres nothing wrong with compiling it yourself - so
I know it's almost trivial to go an alter the table column size, but for users
convenience, the sql attribute length should be increased. Currently the
schema.sql which comes with the distribution is varchar(32). One of the
motorola wimax attributes is 39 characters,
Motorola-WiMAX-Maximum-Co
Hey Santiago,
I am in a need to get a Nomadix AG3100 gateway to do the same thing as you
have done - get it authenticate
to FreeRADIUS and redirect to portal pages for a simple user/pass login.
I've exchanged a bunch of emails with their support team (which is awful)
and read their guides but it's
Hey Jerome,
I am in a need to get a Nomadix AG3100 gateway to do the same thing as you
have done - get it authenticate
to FreeRADIUS and redirect to portal pages for a simple user/pass login.
I've exchanged a bunch of emails with their support team (which is awful)
and read their guides but it's
t
Hey Ignacio,
I am in a need to get a Nomadix AG3100 gateway to do the same thing as you
have done - get it authenticate
to FreeRADIUS and redirect to portal pages for a simple user/pass login.
I've exchanged a bunch of emails with their support team (which is awful)
and read their guides but it's
35 matches
Mail list logo
