Hi.
I wrote wrong period of reseting (never). I played with 'monthly'. It was ok
when no-reset counter was used.
Looking at source of rlm_sqlcounter I understood
a.) this module is designed for time counters;
b.) the returned value is result of more complex calculation when counter has
period o
Mike O'Connor wrote:
>
> Using freeradius 2.1.4 the following works if I user the hints file.
>
> DEFAULT Called-Station-Id == "splns357"
>User-Name := "%{user-na...@mb.webshield.net.au"
>
> The user is proxied to the correct server and the user is correctly set.
>
Alexander Clouter wrote:
> Mike O'Connor wrote:
>
>> Using freeradius 2.1.4 the following works if I user the hints file.
>>
>> DEFAULT Called-Station-Id == "splns357"
>>User-Name := "%{user-na...@mb.webshield.net.au"
>>
>> The user is proxied to the correct server
Finally. I got it working with the files (users and huntgroups), but i need
this to work in SQL instead and seem to run into the same problem. All
NAS-IP:s are accepted. Why??
I am so close but not quite there. Please help!
Followed a guide from jdennis that i googled up, but something is acceptin
Hi,
I have a wifi with wpa2, with peap and mschap2, with db users with
active directory, and all is working fine if my users log in with:
WINDOWSDOMAIN\userlogin
as username, but if the users auth as userlogin, the server reply:
Auth: Login incorrect (rlm_mschap: No such user (0xc064)):
The
>
> Finally. I got it working with the files (users and huntgroups), but i
> need
> this to work in SQL instead and seem to run into the same problem. All
> NAS-IP:s are accepted. Why??
Because if sql group doesn't match it is ignored - user is not rejected.
> I am so close but not quite there. P
> I have a wifi with wpa2, with peap and mschap2, with db users with
> active directory, and all is working fine if my users log in with:
>
> WINDOWSDOMAIN\userlogin
>
> as username, but if the users auth as userlogin, the server reply:
> Auth: Login incorrect (rlm_mschap: No such user (0xc064)
That is my ntlm_auth:
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--domain=%{mschap:NT-DOMAIN} --username=%{mschap:User-Name}
--challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}"
What i can change to fix that?
On Thu, Aug 27, 2009 at 12:16, Ivan Kalik wrote:
>> I hav
Hi,
> That is my ntlm_auth:
> ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
> --domain=%{mschap:NT-DOMAIN} --username=%{mschap:User-Name}
> --challenge=%{mschap:Challenge:-00}
> --nt-response=%{mschap:NT-Response:-00}"
>
> What i can change to fix that?
currently you have --domain=%{mschap:NT
Thank you very much. Work fine!
Большое спасибо.
2009/8/27 Ivan Kalik :
>> That is my ntlm_auth:
>> ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
>> --domain=%{mschap:NT-DOMAIN} --username=%{mschap:User-Name}
>> --challenge=%{mschap:Challenge:-00}
>> --nt-response=%{mschap:NT-Response:-00}"
>>
Hi Guys
This email tries to ask my question in a different way, to last time.
I need to Rewrite the User-Name of individual accounts to add a realm,
this would need to reliable up to at least 1 users.
Does any one have any ideas on how this might be done, in a way that can
be updated with ou
I don't know specifics, but pretty much any change will require an FR restart;
kill -1
With the perl and python modules you can do pretty much anything, but I think
you could also do this with "unlang". I recall reading examples of this, did
you check the files in the "doc" dir?
Wish I c
If I change NT-DOMAIN by the name of my real domain, the radius don't
work. I have changed the --domain by:
--domain=%{%{mschap:NT-DOMAIN}:-WINDOWSDOMAIN}
Where WINDOWSDOMAIN is the real name of my domain, as told me Ivan
Kalik, and all is working.
On Thu, Aug 27, 2009 at 14:36, Alan Buxey wrote
On Thu, Aug 27, 2009 at 10:57:47PM +0930, Mike O'Connor wrote:
> I need to Rewrite the User-Name of individual accounts to add a realm,
> this would need to reliable up to at least 1 users.
>
> Does any one have any ideas on how this might be done, in a way that can
> be updated with out resta
I've had FreeRadius 2.1.6 running ippools fine on one linux server and just
installed it on a new one. They run with --prefix=/usr on both servers, which
neccessitated me putting /usr/lib in /etc/ld.so.conf to get rlm_ippool to load
on the new server.
I copied over the old raddb tree, but w
Hi
I have installed free radius, with GTC and NIS
on Mac, iphone, linux is working
however, I am not able to configure XP SP2
When I go on EAP PEAP properties
I can choise only EAP_MSCHAP2 and autre certificate
I would like that XP was able to download the certificate automaticaly
What I am doing
Hello.
I am trying to setup FreeRadius server so it proxies all requests to
Server1 and also sends copy of accounting packets to Server2.
Proxying is working fine, but I cant get the copy-acct-to-home-server
function to work.
At the moment, authentication works fine, but accounting packets ge
> however, I am not able to configure XP SP2
> When I go on EAP PEAP properties
> I can choise only EAP_MSCHAP2 and autre certificate
>
> I would like that XP was able to download the certificate automaticaly
> What I am doing wrong
Nothing. It can't.
Ivan Kalik
Kalik Informatika ISP
-
List info
You have defined your 2 home server in a single pool
Unfortunately, home_server_pool are only of type fail-over (packet sent
to the second server *ONLY* if first fails) or load-balance (differents
flavours) but not type allow for acct packet to be sent to both server.
You must use detail-file and d
Hello All
My needs are simple. Use an exiting LDAP server to communicate with
FreeRadius.
After reading a number of sources (including the FAQ) I am a bit
confused as to what is required? I will start out simple with WPA using
LEAP - since all my client boxes can use it.
Questions:
Do I need an
> Questions:
>
> Do I need any special schema for ldap to use this plan? Y/N
>
No.
> If NO, what other settings need to be set on the client, ldap and
> FreeRadius server for testing.
Configure ldap module (raddb/modules/ldap, instructions in doc/rlm_ldap)
and uncomment ldap in authorize section
Replying to myself...I'm a dope. I deleted all the db.*ippool* files and
let it create new ones and it's fine now.
On Thu, 27 Aug 2009, u...@3.am wrote:
I've had FreeRadius 2.1.6 running ippools fine on one linux server and just
installed it on a new one. They run with --prefix=/usr on b
tnt,
Made the changes you suggested but could not locate the doc/rlm_ldap.
Do you have any simple tests for the settings I changed?
Steven
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-
List info/subscribe/unsubscribe? See ht
tnt,
I loaded FreeRadius in terminal using -X to see what is loading.
Here's what comes back - you will notice one complaint below - in the
rlm_ldap section: rlm_ldap: Over-riding set_auth_type, as there is no
module ldap listed in the "authenticate" section.
[r...@ns1 ~]# radiusd -X
FreeRADIUS
John Morrissey wrote:
> On Thu, Aug 27, 2009 at 10:57:47PM +0930, Mike O'Connor wrote:
>
>> I need to Rewrite the User-Name of individual accounts to add a realm,
>> this would need to reliable up to at least 1 users.
>>
>> Does any one have any ideas on how this might be done, in a way that
If it is posible:
How to combine freeradius with postgresql?
How I can conect freeradius to postgres?
some one know about this or have experience?
any help will be welcome, thank you
--
Este mensaje le ha llegado mediante el servicio de correo electronico que
ofrece Infomed para respaldar el
On 08/27/2009 01:46 AM, Magui wrote:
If it is posible:
How to combine freeradius with postgresql?
How I can conect freeradius to postgres?
some one know about this or have experience?
any help will be welcome, thank you
Of course it's possible. There is existing documentation, files, and
examp
Hi All
So after a little playing this is how I got it to work.
We wrote a python program which set the Proxy-To-Realm as a control item
in the return. Then wrote some unlang code for authorize and preacct
which uses this to selectively rewrite the username so that it has a realm.
I have another
Hi Guys
How would I match for the packet type ie 'Access-Accept' in unlang
Mike
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi All,
I installed freeradius with detail, buffered-sql active. How to monitor the
buffered-sql module. If it stops or sleeps for very long time responding to
mysql db.?
I saw all of a sudden buffered-sql not pushing packets to mysql db
yesterday. After restarting radius process it started proces
30 matches
Mail list logo
