hello all,
after all, my freeradius server is working so fine ( i'm glad)
thanks for all of u taking time to help me.
i can successfully authenticate my users in users file with
Cleartext-Password.
so know i'd like to authenticate my users through openldap, men that i won't
put all my users in
i just want to understand
according to man 5 users,
the DEFAULT Auth-Type = LDAP means that for all users reaching this
entry, perform authentication against LDAP, process any following entries
which may match.
so why i got an unknown value LDAP for attribute Auth-Type ?
knowing that in
Hi all,
I am not able to use the set or add command when using radmin. Could you
please provide me a pointer on the same.
This is the error which i am getting.
radmin add help
ERROR: You do not have write permission. See mode = rw in
/usr/local/var/run/radiusd/radiusd.sock
radmin help
add
Hello list,
is there an option in radiusd.conf how to enable debug logging only for
several rlm_modules,
e.g. I have rlm_perl and I only want debug messages for this.
Thanks for your reply in advance.
T.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
I am not able to use the set or add command when using radmin. Could you
please provide me a pointer on the same.
This is the error which i am getting.
radmin add help
ERROR: You do not have write permission. See mode = rw in
/usr/local/var/run/radiusd/radiusd.sock
the error
Hi Alan,
But how do I enable that option?
Any specific command?
Regards,
Abhilash
-Original Message-
From: Alan Buxey [mailto:a.l.m.bu...@lboro.ac.uk]
Sent: Thursday, March 11, 2010 5:19 PM
To: absha...@cisco.com; FreeRadius users mailing list
Cc: al...@freeradius.org
Subject: Re:
sorry but nobody has a clue?
Regards
2010/3/11 omega bk omeg...@gmail.com
i just want to understand
according to man 5 users,
the DEFAULT Auth-Type = LDAP means that for all users reaching this
entry, perform authentication against LDAP, process any following entries
which may
Yes... i did it.
When I run freeradius in debug mode (radiusd -X) I see that the nasipaddress
make a match with radhuntgroup, but nothing happen after that, just the default
process of authentication.
Date: Wed, 10 Mar 2010 14:58:08 -0800
Subject: Re: Users Groups
From:
On 03/11/2010 06:58 AM, Abhilash Shastry -X (abshastr - Infosys at
Cisco) wrote:
Hi Alan,
But how do I enable that option?
Any specific command?
If you can't understand what the following means:
You do not have write permission. See mode = rw in
Joel Prine wrote:
UPDATE:
It is definitely the # that is killing me, if i move the # sign
anywhere in the string it keeps only the piece prior to the # sign of
the string, is there a way to escape this character?
Use a string.
Cisco-Avpair = lcp:interface-config#1=rate-limit input 512000
People keep CC'ing me on NEW messages to the list. In case you hadn't
noticed, I *do* read the list. Sending me *another* copy of the message
is rude.
From now on, I'm going to ignore any messages sent to the list which
CC me.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
= rosario
User-Password = \202\204\005\340-\275\341\344u\351-\310L$\260\242
+- entering group authorize {...}
++[preprocess] returns ok
expand:
/var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -
/var/log/freeradius/radacct/127.0.0.1/auth-detail-20100311
[auth_log]
/var
On 11/03/10 14:35, Rosario Lumia wrote:
Hi to all.
I've this configuration:
- freeradius 2.x
- in mysql i have user rosario with attribute NT-Passwors and value
NTHash of my password
when i try to use radtest works greatlly.
But i have a web library the try to authenticate the same user
Thank you Phil. I did not know that the secret is used (also) to garbling
the password.
Thank you so much.
Rosario
2010/3/11 Phil Mayers p.may...@imperial.ac.uk
On 11/03/10 14:35, Rosario Lumia wrote:
Hi to all.
I've this configuration:
- freeradius 2.x
- in mysql i have user rosario
I apologize if this is a trivial question, but I cannot find an explanation
regarding my specific question.
I have seen the following entry in the wiki regarding taking into account
Gigawords:
*snip*
Modify FreeRADIUS Queries
Secondly, modify the accounting queries in sql.conf to make the
Jeff Wark wrote:
I understand the left shifting of the Gigawords value and the subsequent
'or'-ing of the Acct-Input-Octets value to produce one 64-bit value.
The part that confuses me is the repeated occurrence of the ':-0' at the
end of each variable. What is the purpose of this? I have
Fazal Ahmed Malik wrote:
I am having trouble to implement monthly data transfer limit in
Freeradius. Does any body have implemented such solution please let me
know how to configure Freeradius to fullfill this requirement.
Read raddb/sql/mysql/counter.conf
If you have any problems, see
Sebastien Chapiron wrote:
I'm trying to setup a radius server in order to authenticate users from
OpenVPN and I am therefore using the libpam-radius-auth plugin (on
Ubuntu 9.10).
Since the RADIUS requests that this lib sends are using PAP (as far as I
can tell from the freeradius debug
bi...@antworte.me wrote:
is there an option in radiusd.conf how to enable debug logging only for
several rlm_modules,
e.g. I have rlm_perl and I only want debug messages for this.
Not at this time.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
hello
i got my user bernard on my openldap database.
see my ldapserch:
radtest:# ldapsearch -x -b dc=example,dc=com uid=bernard
# extended LDIF
#
# LDAPv3
# base dc=example,dc=com with scope subtree
# filter: uid=bernard
# requesting: ALL
#
# search result
search: 2
result: 0 Success
#
On 03/11/2010 12:02 PM, omega bk wrote:
hello
i got my user bernard on my openldap database.
see my ldapserch:
radtest:# ldapsearch -x -b dc=example,dc=com uid=bernard
...
[ldap] performing search in ou=users,ou=radius,dc=example,dc=com,
with filter (uid=bernard)
[ldap] object not found
You really need to *READ* the messages you're posting.
omega bk wrote:
i got my user bernard on my openldap database.
see my ldapserch:
radtest:# ldapsearch -x -b dc=example,dc=com uid=bernard
...
# numResponses: 1
...
[ldap] performing search in ou=users,ou=radius,dc=example,dc=com,
On Thu, Mar 11, 2010 at 5:55 PM, Alan DeKok al...@deployingradius.comwrote:
Sebastien Chapiron wrote:
P.S: using IPSec to secure the channel between the radius client and
server is too much pain in the ass to be considered as a viable
solution. I'm not *that* paranoid !
shrug Using a
It's a pity. OK.
How can I have a minimal logging to log ONLY
requests (i.e. rejects and accepts)?
Is there a way to do this?
Thanks for your reply in advance.
Tom.
On Thu, 11 Mar 2010 17:56:27 +0100, Alan DeKok al...@deployingradius.com
wrote:
bi...@antworte.me wrote:
is there an option in
Hi All;
I have Freeradius 2 setup with the MySQL database back-end and it is working
really well with one Cisco VPN 3060, I also allow multiple logins from the same
user.
But yesterday i have added a second VPN server and whole thing stop working,
user gets authenticated across the 2
Can you clarify this statement:
but my user still got the privilege to connect to all the routers in
the network
Do you send a specific RADIUS attribute, like a VSA? Or are you making
this statement based upon receiving an Access-Accept?
-M
On Thu, Mar 11, 2010 at 5:16 AM, Siryx XL
My statement is based upon an Access-Acept, i'm not sending any attibutte
already.
Thanks.
Date: Thu, 11 Mar 2010 10:59:04 -0800
Subject: Re: Users Groups
From: li...@beatmixed.com
To: freeradius-users@lists.freeradius.org
Can you clarify this statement:
but my user still got the
On 11 March 2010, at 03:43, bi...@antworte.me bi...@antworte.me wrote:
Hello list,
is there an option in radiusd.conf how to enable debug logging only for
several rlm_modules,
e.g. I have rlm_perl and I only want debug messages for this.
Thanks for your reply in advance.
It can be
Alan,
Could you please tell me what attributes I should use in the Accounting
section to achieve the following:
if ((Packet-Src-IP-Address != A) (Packet-Src-IP-Address != B)) {
copy-acct-to-home-server-A
copy-acct-to-home-server-B
}
I have tried
29 matches
Mail list logo