Hi Ivan.
Ok i have reformetated my machine and installed Radius 2.1.1 from Yast
Open Suse 11.
I followed the instructions in /etc/raddb/certs/README
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
Hi Ivan,
these are the files in the /cert directory after i had ran the
instruction in RREADME
Could you let me know how to fix the errors
Thanks
linux-h9qt:/etc/raddb/certs # ls
01.pem ca.cnf client.cnf client.p12 index.txt
Makefile serial.old server.key
Hi Ivan
I did this
chown root:radiusd /etc/raddb/certs/server.pem
chown root:radiusd /etc/raddb/certs/ca.pem
and then i got the error
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
ok i set the password to devin123
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = /etc/raddb/certs/server.pem
HI Ivan,
These are the new error messages
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
Hi
I do have the random and dh file
linux-h9qt:/etc/raddb/certs #ls -al
-rw-r- 1 root root 245 2009-08-03 11:36 dh
-rw-r--r-- 1 root root 384 2009-08-03 12:11 index.txt
-rw-r--r-- 1 root root 21 2009-08-03 12:11 index.txt.attr
-rw-r--r-- 1 root root 21 2009-08-03 11:59
I was following
http://deployingradius.com/documents/configuration/active_directory.html
to
create freeradius with AD integration.
And also I was success to join with my domain net join. In this case I'm
not
using kerberos to join with my domain and only use samba. I'm no problems
with
linux-h9qt:/etc/raddb # radiusd -X
FreeRADIUS Version 2.1.1, for host x86_64-suse-linux-gnu, built on Dec
3 2008 at 13:57:16
Copyright (C) 1999-2008 The FreeRADIUS server project and
contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may
I have 2 NAS devices which will deliver RADIUS accounting message to my
billing server. Now my billing system will receive all accounting info for
all users.
I would like to do billing record only for some of my users so that I
would
like to filter the others. I built a freeradius 1.x to
Hi
This is my directory listing which file should i copy to the XP machine
linux-h9qt:/etc/raddb/certs # ls
01.pem bootstrap ca.key client.crt client.p12
dh index.txt.attr.old random serial.old server.csr
server.pem
02.pem ca.cnf ca.pem client.csr client.pem
Thank you for your message. I am away until August 7th. I will respond
to your message on my return . For urgent matters, please contact
helpd...@stgeorges.bc.ca .
Cheers,
Gilbert Lo
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks Ivan,
There is limitation of dependency with other software.
BTW, I have tried a configuration to work with MySQL as following and it
meets my requirement. Is it the best way?
1. In configuration file acct_users
DEFAULT Acct-Status-Type == Start, SQL-Group = REMOTE, Proxy-To-Realm
I have freeradius installed on my ubuntu, and novel eDirectory on SLES 10.
Is it possible to integrating freeradius with eDir? I've been searching on
google and stil can not find any documentation.
so I try to configure it using documentation for freeradius (on sles), and
it's failed.
Any help
Adam Osuchowski wrote:
what exactly should be placed in directory which freeradius 2.1 chroots
to? I tried to configure chrooted environment for freeradius and I had
to place all rlm_*.so (along with dependencies) and dictionary.* files
inside chroot directory because chroot() is called
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/eap.conf
Config: including file:
I have freeradius installed on my ubuntu, and novel eDirectory on SLES 10.
Is it possible to integrating freeradius with eDir? I've been searching on
google and stil can not find any documentation.
so I try to configure it using documentation for freeradius (on sles), and
it's failed.
You
DILLIOTT Tony wrote:
I still get the following error when I run radiusd -Xx :
/usr/local/etc/raddb/clients.conf[30]: No such home_server or
home_server_pool localhost-coa
I've put a patch into git that should fix the problem. See the
stable branch.
Or, wait a few hours, and grab it
Roy Kartadinata wrote:
An update on this issue, I was finally able to split the detail file log
into hourly by adding another entry to modules/detail.log file. So far
the memory usage is still increasing but in a much slower rate.
That helps narrow it down a bit. But it's still a bit
Everything is fine when I start radiusd -X and radiusd...
But if I use radtest user_from_AD password_from_AD localhost 1812
testing123
It's always...
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=125, length=20
And where is debug of that?
Ivan Kalik
Kalik Informatika ISP
-
Hi !
I have a question,
What is the operator I can use in the post auth section for this
matching Nas-Port-id =* tty
In the users file it is works, but I want use it in post auth section.
The regular expression (tty[0-9]) could be good but i don't know how
to do.
Module: Checking
What is the operator I can use in the post auth section for this
matching Nas-Port-id =* tty
In the users file it is works, but I want use it in post auth section.
The regular expression (tty[0-9]) could be good but i don't know how
to do.
Module: Checking post-auth {...} for more modules
In this first time.. I'm surely was following
http://deployingradius.com/documents/configuration/active_directory.html and
successfully to join with my domain.. This problem is why always rejected if
I use radtest User_From_AD Password_From_AD localhost 1812 testing
123... ?? There is no debug
In this first time.. I'm surely was following
http://deployingradius.com/documents/configuration/active_directory.html
and
successfully to join with my domain.. This problem is why always rejected
if
I use radtest User_From_AD Password_From_AD localhost 1812 testing
123... ?? There is no
hi,
your FR isnt even starting due to problems in eap.conf
- check your directory and config to ensure that files
exist and permissions are correct
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
doesn't help. Also, putting these files under current directory is not
a solution due to modules dependencies. Am I doing something wrong
or it is impossible to jail freeradius into empty (or containing only
/dev/log and /dev/urandom devices) directory?
The server needs a lot of
Hi all,
Configuration (Debian packaged):
- freeradius 2.0.4
- pgsql 8.3
When AUTHing and ACCounTing, the FreeRADIUS makes some SQL
queries containing the NAS information.
Currently, on our system, the query SELECTs a function and
depending on that NAS information brought in the query
we answer
When AUTHing and ACCounTing, the FreeRADIUS makes some SQL
queries containing the NAS information.
Currently, on our system, the query SELECTs a function and
depending on that NAS information brought in the query
we answer by a Access-Reject if from the bad NAS.
- Is there, in the default
Hi,
I have a running FreeRADIUS installation (v 1.1.3-1.4 - as supplied by
Red Hat), which is happily authing my local users
(login@canterbury.ac.uk) via ntlm to active directory on Windows, this
is achieved by matching my local domain in the proxy.conf . All other
requests it passes on to an
I have a running FreeRADIUS installation (v 1.1.3-1.4 - as supplied by
Red Hat)
Upgrade. This is easy to do with unlang in 2.x.
http://wiki.freeradius.org/Red_Hat_FAQ
I do however need to add in certficate based authentication for a pool
of loan laptops which will not be using local auth
Hi all:
I am using freeradius with mysql I want to want to create a group
that with default reject response . so when I put a user in this
group he gets access-reject from freeradius.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I am using freeradius with mysql I want to want to create a group
that with default reject response . so when I put a user in this
group he gets access-reject from freeradius.
Read the FAQ.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See
Yes uncomment thoose lines, then restart freeradius.
Re run radmin and pass it the hup files command.
regards
Don't forget to reply to the list it may help some else.
Le lundi 03 août 2009 à 14:14 +, paul.blal...@gmail.com a écrit :
It looks like the control socket file
in
Hello Alan an all,
Could you please give me more details regarding this error? (rlm_ldap:
ldap_search() failed: Operations error)
We start seeing this message when migrate from Windows 2000 to Windows 2003.
We are using freeradius-1.1.3-1.4.el5.i386.rpm.
Is this version of freeradius compatible
Hi,
I am in the process of setting up freeRADIUS on Mac OSX. We're a small
group looking into becoming a WISP. Can anyone tell me if there is a
RAS that runs on OSX?
The install of freeRADIUS itself seems to have gone smoothly, and I
installed MySQL 5.1 as well, no hitches. I have not, tho,
hi,
hoping that their password for their PC account is the same as you have in
LDAP or AD... hwta you need to do is enable the nt fix stuff in the mschap
module etc - and then ,when doing auth, use the stripped username, dont use
the mschap:username etc - this will be a plain user name without
Hi,
Could you please give me more details regarding this error? (rlm_ldap:
ldap_search() failed: Operations error)
We start seeing this message when migrate from Windows 2000 to Windows 2003.
We are using freeradius-1.1.3-1.4.el5.i386.rpm.
Is this version of freeradius compatible with
On 08/03/2009 03:16 PM, Alan Buxey wrote:
hi,
hoping that their password for their PC account is the same as you have in
LDAP or AD... hwta you need to do is enable the nt fix stuff in the mschap
module etc - and then ,when doing auth, use the stripped username, dont use
the mschap:username etc
Hi,
Passwords are the same. I believe I did set the with_ntdomain_hack as
shown below. How would I go about checking which user name I am using
when doing auth?
radiusd -X
it tells you everything you need to know
alan
-
List info/subscribe/unsubscribe? See
I would like to leave that option checked however when I do so the
rlm_ldap fails because it is looking up DOMAIN\5cUSER. I have searched
around a found a few leads but most of the deal with authenticating with
ActiveDirectory and even if I do try their suggestions it doesn't seem
to work.
I am in the process of setting up freeRADIUS on Mac OSX. We're a small
group looking into becoming a WISP. Can anyone tell me if there is a
RAS that runs on OSX?
The install of freeRADIUS itself seems to have gone smoothly, and I
installed MySQL 5.1 as well, no hitches. I have not, tho,
Don't be *too* helpful, my head may explode.
On Mon, Aug 3, 2009 at 5:25 PM, Ivan Kalikt...@kalik.net wrote:
I am in the process of setting up freeRADIUS on Mac OSX. We're a small
group looking into becoming a WISP. Can anyone tell me if there is a
RAS that runs on OSX?
The install of
After a little trial and error, and not changing anything on the wireless
client side, I got FreeRADIUS to use mschap, but I'm now getting this error:
[mschap] No MS-CHAP-Challenge in the request
++[mschap] returns reject
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering
Don't be *too* helpful, my head may explode.
Try asking questions about freeradius not how to use a computer.
How to find out if a process is running: you type a command at the command
prompt and computer lists the running processes. Same on Windows, OS X,
Linux or any other operating system.
Hello,
I have to plan an upgrade of my freeradius setup.
I am wondering if I shall upgrade now to 2.1.6 or wait until the next
comming 2.1.7 release.
What are the new features, improvements, or bug fixes that should come
with 2.1.7?
Is there Major leacks in 2.1.6?
thanks
-
List
Hi Ivan
Ok i managed to install ca.der and client.p12 on my XP
When i run radiusd -X i get
rad_recv: Access-Request packet from host 203.121.4.59 port 6001,
id=30, length=216
User-Name = devin...@palettemm.com
NAS-IP-Address = 203.121.4.59
Called-Station-Id =
Hi Ivan,
When i clik on my SSID palstaff it prompts for the certificate name
username on certificate so i selected
devin...@palettemm.com
Click OK then authentication failed on the SSID
2009/8/4 Devinder Singh devinbhul...@gmail.com:
Hi Ivan
Ok i managed to install ca.der and client.p12 on
++[unix] returns notfound
[files] users: Matched entry devin...@palettemm.com at line 94
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap]
Hello,
Does anyone know if these projects still active! In fact , I d like to
install it on my server but it looks like non-existent!
Thanks!
Sincerly!
--
JJohnny R.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi
I have used Daloradius and its easier to set up and install
google Daloradius - authored by Liran Tal
2009/8/4 RANDRIAMAMPIONONA José Johnny vasian...@gmail.com:
Hello,
Does anyone know if these projects still active! In fact , I d like to
install it on my server but it looks like
So, apparently when I have LDAP turned off for authorization in
sites-enabled/default I can authenticate properly, but when I uncomment it, I
can't. To get LDAP working with FreeRADIUS 2.1.6, LDAP is currently being used
for authorization in the inner-tunnels config file, BUT for
50 matches
Mail list logo