Re: Freeradius Isn't Listening

2010-03-29 Thread Fajar A. Nugraha
On Mon, Mar 29, 2010 at 2:12 PM, Randall Degges rdeg...@gmail.com wrote: FreeRADIUS Version 2.1.0, for host x86_64-pc-linux-gnu, built on Sep 17 2009 why? better use latest stable version. Listening on authentication address * port 1812 Listening on accounting address * port 1813

Re: Freeradius Isn't Listening

2010-03-29 Thread Stefan Winter
Hi, *PROBLEM* The problem I'm having is that when I run Freeradius (in production or debug mode), my Cisco AS5400 is unable to connect to the freeradius server. When I do a netstat -a on my freeradius server, I see no connections listening on ports 1812 and 1813 (which freeradius should be

Re: Freeradius Isn't Listening

2010-03-29 Thread Randall Degges
Hi Stefan, Ah, I thought that it would have to show in the bottom portion of my netstat with the port numbers. Also, when I run tcpdump (tcpdump port 1812) (tcpdump port 1813) I see no packets at all. I've submitted a ticket with rackspace, although I'm like 99% sure there is no firewall there.

Setting VLAN from inner-tunnel

2010-03-29 Thread Ben Thompson
Hi I am trying to assign a VLAN for PEAP and TTLS clients using a section like this in the inner-tunnel configuration:- update outer.reply { Tunnel-Private-Group-ID := 123 Tunnel-Type := VLAN Tunnel-Medium-Type := IEEE-802 } However, I can't

RE: Setting VLAN from inner-tunnel

2010-03-29 Thread Leighton Man
Is there any way to make this work? I have it working with: update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-Id = 141 } Regards, Leighton

Re: [SOLVED] duplicate errors in an active directory setup

2010-03-29 Thread Christian Pinedo Zamalloa
After some debug I discovered that it was not an authentication problem but an accounting problem. I was doing a proxy to store accounting data in a remote radius server, but port 1813 of that radius server was shut down and so my server tried to send accounting information without success until

Re: Setting VLAN from inner-tunnel

2010-03-29 Thread Ben Thompson
On Mon, Mar 29, 2010 at 01:02:09PM +0100, Leighton Man wrote: Is there any way to make this work? I have it working with: update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-Id = 141 }

RE: Setting VLAN from inner-tunnel

2010-03-29 Thread Leighton Man
Thanks, but unless I'm missing something I don't understand how this can work from the inner tunnel without update outer.reply ? Sorry, it's almost a year since I got this going. I didn't really *understand* how it worked then (and I still don't, though I'm learning!) but the config I sent

Re: Setting VLAN from inner-tunnel

2010-03-29 Thread Phil Mayers
On 03/29/2010 02:25 PM, Ben Thompson wrote: On Mon, Mar 29, 2010 at 01:02:09PM +0100, Leighton Man wrote: Is there any way to make this work? I have it working with: update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802

Re: Freeradius Isn't Listening

2010-03-29 Thread Randall Degges
Stefan Everyone, I just confirmed that my server does have no firewall. The way I tested this is: *ON THE SERVER* tcpdump udp port 1812 *ON THE CLIENT* nc -u xx.xx.xx.xx 1812 mash the keyboard repeatedly to send fake packets When I do this I send some raw packets to my radius server on

Re: Setting VLAN from inner-tunnel

2010-03-29 Thread Alan DeKok
Ben Thompson wrote: Thanks, but unless I'm missing something I don't understand how this can work from the inner tunnel without update outer.reply ? Read raddb/eap.conf. Look for use_tunneled_reply. This is documented. Alan DeKok.

Re: Freeradius Isn't Listening

2010-03-29 Thread Alan DeKok
Randall Degges wrote: I just confirmed that my server does have no firewall. The way I tested this is: ... When I do this I send some raw packets to my radius server on port 1812 for testing, and my tcpdump output shows each packet being received just fine. So I don't think this is a firewall

RE: Memory Leak

2010-03-29 Thread Zhang, Ge (Gina)
Alan, Thanks for your advice. I ran radiusd with valgrind. The only leak when processing a request is in rlm_wimax. After I fixed it, I still see RES memory increases with each request processing. Could you please help with the following questions? 1. Where does the caches happen with the

Dan Schaffer is not in the office

2010-03-29 Thread Dan Schaffer
I will be out of the office starting 03/29/2010 and will not return until 04/01/2010. I will have limited email and voicemail access during the week at the Phoenix Contact Kickoff meetings. If this is an urgent issue, please contact our Tech Support group at 800-586-5525. Thanks, Dan

Freeradius, Active Directory and User's Group

2010-03-29 Thread Lincoln Zuljewic Silva
Good afternoon. I have a freeradius server to authenticate an Alcatel device (Alcatel 5620 SAM). The freeradius server is passing requests for an AD that returns OK / NOK for authentication. This part is working. However, I need the freeradius check if the users are part of some groups. Is this

Re: Freeradius, Active Directory and User's Group

2010-03-29 Thread John Dennis
On 03/29/2010 03:13 PM, Lincoln Zuljewic Silva wrote: Good afternoon. I have a freeradius server to authenticate an Alcatel device (Alcatel 5620 SAM). The freeradius server is passing requests for an AD that returns OK / NOK for authentication. This part is working. However, I need the

Re: Freeradius, Active Directory and User's Group

2010-03-29 Thread Lincoln Zuljewic Silva
I'm sorry. I forgot to mention that I'm not using LDAP, but Samba to integrate the freeradius with AD. Regards Lincoln On Mon, Mar 29, 2010 at 4:54 PM, John Dennis jden...@redhat.com wrote: On 03/29/2010 03:13 PM, Lincoln Zuljewic Silva wrote: Good afternoon. I have a freeradius server to

Re: Freeradius, Active Directory and User's Group

2010-03-29 Thread John Dennis
On 03/29/2010 04:02 PM, Lincoln Zuljewic Silva wrote: I'm sorry. I forgot to mention that I'm not using LDAP, but Samba to integrate the freeradius with AD. O.K. I presume you're using samba for authentication, but where are you storing the information about which groups a user is in? I

Re: Freeradius, Active Directory and User's Group

2010-03-29 Thread Lincoln Zuljewic Silva
Understood, but the freeradius will be able to return this group information to the Alcatel device? Regards Lincoln On Mon, Mar 29, 2010 at 5:10 PM, John Dennis jden...@redhat.com wrote: On 03/29/2010 04:02 PM, Lincoln Zuljewic Silva wrote: I'm sorry. I forgot to mention that I'm not using

Re: Freeradius, Active Directory and User's Group

2010-03-29 Thread Gary Gatten
FWIW, I do group checking with SAMBA. I'm not in front of my system, but there's an arg one can pass to the Samba util exe where it will validate uname, password, and group membership. This should work for most simple confs, although I can certainly envision situations where LDAP may be

Re: Freeradius, Active Directory and User's Group

2010-03-29 Thread Lincoln Zuljewic Silva
Gary Are you talking about the --require-membership-of parameter of ntlm_auth? If yes, I can't use it because it is a random situation. The Alcatel software has a list of all groups that can login and their appropriate permissions. The freeradius has to see what are the user groups that the user

RE: Freeradius, Active Directory and User's Group

2010-03-29 Thread Gary Gatten
Yup - that's what I was talking about. You can use variables, but if you need to enumerate a user's group memberships - then yea you'll need LDAP. G

Wimax module with Freeradius 2.1.8 on Ubuntu

2010-03-29 Thread Lindsay, Joel
Hi, I am using ubuntu and wanted to install freeradius. After installing the default ubuntu version of freeradius, I realised that it does not support WiMAX. I then removed the old version, downloaded the latest version of freeradius (2.1.8) and built my own package according to the build

RE: Freeradius Isn't Listening

2010-03-29 Thread Tim Sylvester
I just confirmed that my server does have no firewall. The way I tested this is: ON THE SERVER tcpdump udp port 1812 ON THE CLIENT nc -u xx.xx.xx.xx 1812 mash the keyboard repeatedly to send fake packets When I do this I send some raw packets to my radius server on port

Re: Freeradius, Active Directory and User's Group

2010-03-29 Thread Peter Lambrechtsen
The best way is to follow what I suggested in this post. http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg1.html We authenticate a group of 5620's and 7210's in our environment too using that exact same method. Now that the Timetra (now Lucent) Dictionary is in

Re: Freeradius, Active Directory and User's Group

2010-03-29 Thread Lincoln Zuljewic Silva
Hi Peter, I will give that instruction a try and return to you/to the list the results. Thanks! Lincoln On Tue, Mar 30, 2010 at 1:12 AM, Peter Lambrechtsen plambrecht...@gmail.com wrote: The best way is to follow what I suggested in this post.