Mike Bernhardt wrote:
> Just to clarify my questions:
> If one of the servers I'm proxying to is dead, is there a way to reduce the
> number of times freeradius tries before failing over to the next one?
Read raddb/proxy.conf
> 2. Are there any ways to make this process more efficient, given th
Just to clarify my questions:
If one of the servers I'm proxying to is dead, is there a way to reduce the
number of times freeradius tries before failing over to the next one?
2. Are there any ways to make this process more efficient, given that status
check currently doesn't work with the downstre
From: Alan DeKok
To: FreeRadius users mailing list
Sent: Thu, January 28, 2010 1:00:47 AM
Subject: Re: Allowing Access via 'users' when LDAP fails
Amaru Netapshaak wrote:
> Right now, if a user
> isnt found in the LDAP database, a reject is returned to the s
Mike Bernhardt wrote:
> I found the major problem that caused my configuration to not work. This was
> in regards to getting freeradius to proxy EAP/PEAP to IAS servers as
> standard CHAP.
? That's impossible. PEAP uses a MD4 hash of the password, and CHAP
uses an MD5 hash of the password. Yo
I found the major problem that caused my configuration to not work. This was
in regards to getting freeradius to proxy EAP/PEAP to IAS servers as
standard CHAP. I was using freeradius 2.1.7, and then 2.1.8 as recommended
by someone. Neither worked.
The solution was to back down to 2.1.4. Is this a
Ovi C wrote:
...
> Failed to authenticate the user.
> WARNING: Unprintable characters in the password.Double-check
> the shared secret on the server and the NAS!
So...
> Somehow the client is not sending the cleartext password from database
> and this causes the error.
> The shared se
I have read this document. It is asking me to add something like this to my
users.conf file. I don't understand. What group do I use? Is it asking me for a
local group or an eDirectory group?
DEFAULT Group == "staff", Simultaneous-Use := 4 Fall-Through = 1 DEFAULT Group
== "business", Simulta
Sorry bother you once more.
Can you please specify which files and option must I change
exactly...
José Campos
-Mensagem original-
De: freeradius-users-bounces+jjscampos=gmail@lists.freeradius.org
[mailto:freeradius-users-bounces+jjscampos=gmail@li
I'm currently running Freeradius 2.1.7 across 3 servers and have been having a
recurring issue where proxied accounting packets
stop being relayed to my customers approximately after 1 month of uptime. Auth
still works just fine, but for some strange reason, acct just stops being
relayed. At fi
José Campos wrote:
> What do you sugest. Diable md5 on eap or not using eap?
Use an EAP method that works with an AP: PEAP, TTLS, ...
> Sorry, I'm not very familiar with this subject.
>
> Can't I still use WPA-EAP on my AP?
Yes... there are millions of people using that.
piston wrote:
> Due some limitation, my partner is using two different server to handle
> different auth-type (PAP / EAP), said server1 only take PAP cannot handle
> EAP, server 2 take EAP cannot handle PAP.
>
> But their user (realm xyz.com), login at my location maybe authenticate by
> PAP or
piston writes:
> Due some limitation, my partner is using two different server to
> handle different auth-type (PAP / EAP), said server1 only take PAP
> cannot handle EAP, server 2 take EAP cannot handle PAP.
>
> But their user (realm xyz.com), login at my location maybe
> authenticate by PAP or
Hello,
What do you sugest. Diable md5 on eap or not using eap?
Sorry, I'm not very familiar with this subject.
Can't I still use WPA-EAP on my AP?
José Campos
-Mensagem original-
De: freeradius-users-bounces+jjscampos=gmail@lists.freeradius.
Due some limitation, my partner is using two different server to handle
different auth-type (PAP / EAP), said server1 only take PAP cannot handle EAP,
server 2 take EAP cannot handle PAP.
But their user (realm xyz.com), login at my location maybe authenticate by PAP
or EAP, depending what kind
John wrote:
> Again. Now we can get attributes from AD domains using the Global
> Catalog port 3268.
>
> A new problem: there are 2 same accounts in 2 domains. And we use filter
> = "(sAMAccountName=%{mschap:User-Name})". Looks ldapsearch return 2
> results from AD. And freeRADIUS could not handl
Tevfik Ceydeliler wrote:
Because still I don't know why but When I dont use pool, and I use onle framed-ip-address and mask, user can get Access-Accept but cant get IP address and mask. Agai I don't know why but radius can't send to user Framed-IP-Address and Netmask. I sniff the client side
Can anyone provide any input? I'm really clueless\stuck at this point.
I've run some LDP tool to verify credentials and DN is correct. Any input
would be deeply appreciated.
On Wed, Jan 27, 2010 at 2:14 AM, Edwin Isada wrote:
> I commented out rebind and chase_referral, but this didn't fix the
17 matches
Mail list logo