Greetings,
I got freeradius running on F12. I see the radiusd.conf file uses ports 0
instead of 1812 and 1813. Netstat -a does not tells me which ports numbers
Radius is listening on, instead I see two ports with *:* in the port number.
Is there config examples on this cofig file and
hi,
In a ldap authentication i try to check the expiration date.
With default ldap schema there is ldap attribute named shadowexpire. And
i'm pretty sure the format is unix timestamp.
Can i use it directly with freeradius ldap.attrmap like that :
checkItem Expiration
Hi Alex,
RADIUS uses port 1812 for authentication and 1813 for accounting.
Since these are well known ports, netstat -a will not explicitly show you
the port #s being used but the name of the protocol instead for easy
identification.
See sample below:
agalnx-srv-01:~ # netstat -a
Active
Iam using Freeeadius 2.1.0. The setup is working fine with EAP-TTLS,
PEAP
method.But for EAP TLS, it gives the below error..
Please let me know how to solve..
[eap] Handler failed in EAP/tls
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Well,
I got freeradius running on F12. I see the radiusd.conf file uses ports 0
instead of 1812 and 1813.
Now go back and read comments above port = 0 entry.
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
In a ldap authentication i try to check the expiration date.
With default ldap schema there is ldap attribute named shadowexpire. And
i'm pretty sure the format is unix timestamp.
Can i use it directly with freeradius ldap.attrmap like that :
checkItem Expiration
Hi Fernando,
It is highly recommended that you turn off HTML capability on your e-mail
client to post comments to this list. Many people on the list have chosen to
use mail programs that aren't HTML capable and they can barely read your
message -- it shows up as HTML junk.
If you're using a
tnt-5 wrote:
client.crt: client.csr ca.key ca.pem index.txt serial
openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key
$(PASSWORD_SERVER) -out client.crt -extensions xpclient_ext -extfile
At a glance, that should be ca password.
Ivan Kalik
-
List
I changed it but it's always the same problem:
[tls] TLS_accept: SSLv3 write certificate request A
[tls] TLS_accept: SSLv3 flush data
[tls] TLS_accept: Need to read more data: SSLv3 read client
certificate
A
Problem? What problem? Those are normal openSSL messages.
Ivan Kalik
tnt-5 wrote:
I changed it but it's always the same problem:
[tls] TLS_accept: SSLv3 write certificate request A
[tls] TLS_accept: SSLv3 flush data
[tls] TLS_accept: Need to read more data: SSLv3 read client
certificate
A
Problem? What problem? Those are normal openSSL
ESET NOD32 Antivirus, version of virus signature
database 4662 (20091205) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__ Information from ESET NOD32 Antivirus, version of virus signature
database 4662 (20091205) __
The message was checked
At 12:55 PM 12/5/2009, Alex Bahoor wrote:
Ivan,
I red that. Assigning dynamic ports other than the specific ones, could be
to resolve conflict incase the ports are assigned to different processes.
But that does not make sense, there must be other reasons, otherwise, tftp,
ftp, mail, telnet,
://www.freeradius.org/list/users.html
__ Information from ESET NOD32 Antivirus, version of virus signature
database 4662 (20091205) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__ Information from ESET NOD32 Antivirus, version of virus signature
database 4662
Hello,
I've managed to configure freeeradius to do static dhcp assignement with
the dhcp virtual server and the mac2ip module.
Could we use any module inside dhcp server ? I wanted to use sql but
doesn't seems to work.
server dhcp {
modules {
Module: Checking dhcp DHCP-Discover {...}
On Sat, 5 Dec 2009, Alex Bahoor wrote:
They do? Networking would not work, when the ports would be dynamic.
Inetd would not be functional or useful...etc.
Dynamic as in you can change them from the default, in case something
else is already using the port, or you want to move it for other
/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
__ Information from ESET NOD32 Antivirus, version of virus signature
database 4662 (20091205) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__ Information from ESET NOD32
Alex Bahoor wrote:
It seems that we agree on the concept. However, netstat -a on the server
shows *:* for the port numbers of RADIUS, when it's dynamically assigned.
No, it doesn't. It shows that the *outgoing* IP and port are *:*.
This is normal for many UDP sockets.
Alan DeKok.
-
List
://www.freeradius.org/list/users.html
__ Information from ESET NOD32 Antivirus, version of virus signature
database 4662 (20091205) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__ Information from ESET NOD32 Antivirus, version of virus signature
__ Information from ESET NOD32 Antivirus, version of virus signature
database 4662 (20091205) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__ Information from ESET NOD32 Antivirus, version of virus signature
database 4662 (20091205
Alex Bahoor wrote:
Imagine DNS uses dynamic port assignment instead of port 53? Guess what,
no one would be able to use the internet. :-)
You can believe that the Internet doesn't work, or you can believe
that you don't understand the output of netstat.
Which one is likely to be true?
is likely to be true?
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
__ Information from ESET NOD32 Antivirus, version of virus signature
database 4662 (20091205) __
The message was checked by ESET NOD32 Antivirus.
http
This is a fact--the internet would not work if DNS uses dynamic port to
listen to? You must understand, all these known port numbers are used to
start up client connections
Ok, let's say you want to use port 1645 for radius authentication. What do
you do? Go round the shops and see if they
http://www.freeradius.org/list/users.html
__ Information from ESET NOD32 Antivirus, version of virus signature
database 4663 (20091205) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__ Information from ESET NOD32 Antivirus, version
] returns ok
expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
- /var/log/freeradius/radacct/127.0.0.1/auth-detail-20091205
[auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /var/log/freeradius/radacct/127.0.0.1/auth-detail-20091205
database 4663 (20091205) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__ Information from ESET NOD32 Antivirus, version of virus
signature
database 4663 (20091205) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
At 02:54 PM 12/5/2009, Alex Bahoor wrote:
Ivan,
Imagine DNS uses dynamic port assignment instead of port 53? Guess
what, no one would be able to use the internet. :-)
Alex
First, I believe you're trying to respond to me.
Second, you're asking questions about which you don't apparently
I'm trying to setup a tunnel and authenticate with mschap, but it does not
seem to work.
No wonder:
ad_recv: Access-Request packet from host 127.0.0.1 port 45716, id=28,
length=65
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = wim
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
__ Information from ESET NOD32 Antivirus, version of virus signature
database 4663 (20091205) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__ Information
? See
http://www.freeradius.org/list/users.html
__ Information from ESET NOD32 Antivirus, version of virus
signature
database 4663 (20091205) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__ Information from ESET NOD32 Antivirus
At 09:32 PM 12/5/2009, Alex Bahoor wrote:
I hope that help,
It helps show you're not worth bothering with. Thanks.
Bye.
Rick
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
30 matches
Mail list logo