Hi Ivan,
my problem was that in LDAP i have the passwords save as SSHA, so i cant do
802.1x with EAP/PEAP/mschap
as i dont wanna change my LDAP configuration to store the passwords in
clear-text, or to use samba.scheme and to use NT hash. The only option
remaining from my view point was to
Caius wrote:
regarding your tips:
a) i dont wanna do, maybe if i have no other choice, ill have 2 password
attributes SSHA+NTLM, but its a clear no to clear-text, and a maybe to NT hash
NTLM is largely a version of MSCHAP for Active Directory.
If you want to do PEAP authentication, you
Dear all;
I'm having an issue when proxying an access-request message between two WiMAX
networks.
I recently downloaded FR 2.1.8 and I'm in the middle of the messaging path.
The home network is using EAP-TLS but it should be transparent for the proxy
right?
The issue is with the AVP
Alan DeKok al...@deployingradius.com wrote:
If I can not find something wrong caused by us, I will fill a bug
report. So far, nothing is found.
All of the time you spend investigating things is WASTED. The ONLY
thing that will help is to follow the instructions in doc/bugs.
Follow
Yes, i used the guide. But it only informs to use vendor-specific attribute
but don´t say the value of this attribute.
I called to 3COM before sent this e-mail.
But my switch has more than 3 mounths, so the support can´t help me, because
the support guaranty already expired.
So, if anyone have
11/11/2009 01:42 PM, Rafael Fernandes:
So, if anyone have any idea to help me.
http://www.google.com/search?q=3com+forum
--
Architecte Informatique chez Blueline/Gulfsat:
Administration Systeme, Recherche Developpement
+261 33 11 207 36
-
List
Hello everyone.
I just wanted to thank you so much for your time.
I found a solution without having to modify the control rules files in the
debian folder.
So I got freeradius function with OpenSSL and PEAP now.
Now I only need to find a know how for configuring Freeradius so it will
Hi, guys.
Please, could someone read this output from freeradius' debugging mode to help
me? Thanks in advance.
(I just omitted some informations such as IP, User-Password etc)
My scenario is:
- Server: Debian GNU/Linux lenny x86_64 kernel 2.6.26-2-amd64
- Freeradius 2.0.4
- MySQL 5.0.51a
-
Wagner Pereira wrote:
I think this output is more complete and useful. Thank you one more time.
You haven't said what is going wrong, or what you want it to do.
The debug log shows an Access-Accept. What's wrong with that?
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Peter Carlstedt wrote:
Now I only need to find a know how for configuring Freeradius so it
will accept authentication from Mac and Windows machines. Can anyone of
you recommend a good site? :)
http://deployingradius.com
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Hey, Alan.
This is an interesting website! Will you intend to sell that
DeployingRADIUS' book soon? If yes, through which website? How can it
shipping to here, Brazil?
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presena da RNP em So Paulo
CCE/USP - Centro de Computao Eletrnica da Universidade
Alan,
I've tried to authenticate an user (myself!) in a Cisco6500 router.
Then, in this router, I configured the necessary lines to authenticate
myself in other server, where the freeradius is. I set this freeradius
up to "talk" with my mysql database.
--
Wagner Pereira
PoP-SP/RNP - Ponto
Hi all,
FreeRADIUS 2.1.7
I currently have a server A that proxies accounting packets to server B.
I would like server A to proxy those same accounting packets to server C
as well.
Currently this is my setup:
Server A
clients.conf:
-
client server_B_ip {
ipaddr
Boa tarde,
Há algum brasileiro nessa lista querendo trocar experiência sobre
freeradius+mysql?
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
(11) 3091-8902
-
List
I think this picture can help YOU to help ME : )
This represents how my radgroupreply table, on my MySQL database, was
set up.
Mensagem original
Assunto:
Re: [Fwd: I need some help with freeradius 2.0.4]
Data:
Wed, 11 Nov 2009
On 11/11/2009 12:12 PM, Wagner Pereira wrote:
I think this picture can help YOU to help ME : )
Please do not send images to the list. Please use text instead.
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-
List info/subscribe/unsubscribe?
Sim eu sou brasileiro e ultilizo essa lista.
Att.
On Wed, 11 Nov 2009 14:50:09 -0200, Wagner Pereira wpere...@pop-sp.rnp.br
wrote:
Boa tarde,
Há algum brasileiro nessa lista querendo trocar experiência sobre
freeradius+mysql?
--
A entrada de seus negócios para o mundo virtual
Thiago
tbm sou
2009/11/11 Thiago Cesar thi...@kionux.com.br
Sim eu sou brasileiro e ultilizo essa lista.
Att.
On Wed, 11 Nov 2009 14:50:09 -0200, Wagner Pereira wpere...@pop-sp.rnp.br
wrote:
Boa tarde,
Há algum brasileiro nessa lista querendo trocar experiência sobre
freeradius+mysql?
11/11/2009 08:12 PM, Wagner Pereira::
I think this picture
Uh???
Your computer doesnt let you copy/paste as text MySQL output???
--
Architecte Informatique chez Blueline/Gulfsat:
Administration Systeme, Recherche Developpement
+261 33 11 207 36
-
Ok, John. It's understood.
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
(11) 3091-8902
John Dennis escreveu:
On 11/11/2009 12:12 PM, Wagner Pereira wrote:
I think this
Hi, Rakotomandimby.
What you meant with text MySQL output? How should I do that?
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
(11) 3091-8902
Rakotomandimby Mihamina
Parabéns
tbm sou
2009/11/11 Thiago Cesar thi...@kionux.com.br
Sim eu sou brasileiro e ultilizo essa lista.
Att.
On Wed, 11 Nov 2009 14:50:09 -0200, Wagner Pereira
wpere...@pop-sp.rnp.br
wrote:
Boa tarde,
Há algum brasileiro nessa lista querendo trocar experiência sobre
Ol, Thiago e Alisson.
Um prazer conhec-los. Estou em busca de colegas que queiram trocar
experincias sobre implementao de freerasdius + mysql. Algum de vocs
j conseguiu autenticar usando o cenrio abaixo?
MySQL database
^
|
|
|
| | freeradius server - debian x86_64
| |
| |
| |
wagner Nesse espoco seu desenhado não, eu tenho freeradius
autenticando em ldap, tenho freeradius mysql sendo autenticado por nas
não da Cisco.
Att.
A entrada de seus negócios para o mundo virtual
Thiago Cesar
Diretor TI
MSN: thiago_rodrig...@hotmail.com
Skype: thiago_ceor
Please, could someone read this output from freeradius' debugging mode to
help me? Thanks in advance.
My scenario is:
- Server: Debian GNU/Linux lenny x86_64 kernel 2.6.26-2-amd64
- Freeradius 2.0.4
- MySQL 5.0.51a
- Calling Station: Windows XP Professional 32 bits SP3
- Software client:
What you meant with text MySQL output? How should I do that?
By the amazing technique od copy/paste.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ok, Thiago. Sem problema.
Estou começando a achar que o problema está na configuração do IOS,
pois o radtest me retorna um Access-Accept. Você concorda com isso?
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade
Funny! : ) but what output should I copy/paste here? from freeradius
-X ? I already did that in my first message sent to freeradius-users.
If necessary, I can paste it again.
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presena da RNP em So Paulo
CCE/USP - Centro de Computao Eletrnica da
my problem was that in LDAP i have the passwords save as SSHA, so i cant
do 802.1x with EAP/PEAP/mschap
as i dont wanna change my LDAP configuration to store the passwords in
clear-text, or to use samba.scheme and to use NT hash. The only option
remaining from my view point was to try and
Funny!nbsp; : ) but what output should I copy/paste here? from freeradius
-X ? I already did that in my first message sent to freeradius-users.
If necessary, I can paste it again.br
pre class=moz-signature cols=72--
Wagner Pereira
For starters read this:
Ivan,
I did what you recommended (I guess). See below:
mysql select * from radgroupreply;
++---+++---+--+
| id | groupname | attribute | op | value |
Prio |
++---+++---+--+
Se o Freeradius assinala via radtest o Accept, com certeza deve ser
problema na config do seu IOS.
Att.
On Wed, 11 Nov 2009 16:42:59 -0200, Wagner Pereira wrote:
Ok, Thiago. Sem problema.
Estou começando a achar que o problema está na
configuração do IOS, pois o radtest me retorna um
!DOCTYPE html PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN
Enough with that HTML It produces extraordinary ammount of crap as you
can see:
I did what you recommended (I guess). See below:br
No, you didn't. But getting closer.
|nbsp; 1 | pop-spnbsp;nbsp;nbsp; | Framed-Compression | := |
Dear colleagues,
I am introducing now a new information. Below is what is declared into
my IOS - Cisco 6500. Is this correct?
aaa new-model
aaa group server radius admin
!
aaa authentication login default group radius local
aaa authentication enable default line enable
aaa authorization
Wagner Pereira wrote:
Dear colleagues,
I am introducing now a new information. Below is what is declared into my IOS -
Cisco 6500. Is this correct?
Why don't you just read the cisco wiki page.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See
Ok, Ivan. I guess I removed that HTML craps now : )
Below is my new radgroupreply:
mysql select * from radgroupreply;
++---+---++---+--+
| id | groupname | attribute | op | value | Prio |
Ivan,
I already read the Cisco wiki page and I implemented what they
recommend, but it's not working yet.
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
(11) 3091-8902
I already read the Cisco wiki page and I implemented what they
recommend, but it's not working yet.
Does the debug now show Nas-Prompt-User in Access-Accept packet? If it
does - it's some problem on the router - debug ip ssh.
Ivan Kalik
Kalik Informatika ISP
-
List
Hi,
I found a new man-in-the-middle attack with SSL.
http://www.sslshopper.com/article-ssl-and-tls-renegotiation-vulnerability-discovered.html
I am afraid if freeRADIUS use SSL renegotiation? The freeRADIUS version is
1.1.6. We use EAP-TLS and the backend OpenLDAP server with TLS
Hi All, thanks. Now the 3COM is authenticationing on freeradius. But i
don?t know how to set diferent priorities to users; My 3COM is 4210
and have 3 levels of priority. Does anybody know how to send the level
of priority by freeradius? Thanks.
If I got it right you, you need access to the
Hi:
I'm trying to configure a FreeRadius server to perform a certification
authentication from a Windows Laptop.
I have follow the steps at
http://wiki.freeradius.org/WPA_HOWTO#HOWTO_Do_It:_An_Outline
But when I try to do the connection, it never ends... and I get peridical
messeges at the
John wrote:
I found a new man-in-the-middle attack with SSL.
http://www.sslshopper.com/article-ssl-and-tls-renegotiation-vulnerability-discovered.html
It's a nice attack on SSL.
I am afraid if freeRADIUS use SSL renegotiation? The freeRADIUS version
is 1.1.6. We use EAP-TLS and the
Hi Ivan,
i know about the restrictions,
but do you know how weak that NT hash is?
from what i know its MD4 hashing, where is that use nowadays? not even MD5 is
used anymore ...
the MD4 algorithm was one of the earliest MD algorithms ... made in '90, and
MD5 came as a improvement and is to
43 matches
Mail list logo
