Christian Zoffoli wrote:
I've configured freeradius with mysql anche checkval and all works as
expected when I try to authenticate users with Calling-Station-ID and :=
operators in radgroupcheck but I cannot use it with != operator.
I don't see why. It works as documented, and the !=
accounting
expand: /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d
- /var/log/freeradius/radacct/127.0.0.1/detail-20100621
rlm_detail:
/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands
to /var/log/freeradius/radacct/127.0.0.1/detail-20100621
expand: %t
Hi to all,
I have to add wichorus dictionary for WiMAX, but in this
dictionary some attributes are invalid to freeradius.
for example: parent_attr and subtype values.
In the below sample of the dictionary:
VENDORWimax 24757
BEGIN-VENDOR
Moayad Mohammad wrote:
I have to add wichorus dictionary for WiMAX, but in this
dictionary some attributes are invalid to freeradius.
for example: parent_attr and subtype values.
Yes... those are not part of FreeRADIUS.
What I should to do?
Read the documentation for
Christian Zoffoli wrote:
mysql SELECT * FROM radcheck WHERE username='bumlwdgx';
...
mysql SELECT * FROM radusergroup WHERE username='bumlwdgx';
sigh You asked about radgroupcheck. Why post this?
SELECT * FROM radgroupcheck WHERE groupname='wireless';
group accounting
expand: /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d
- /var/log/freeradius/radacct/127.0.0.1/detail-20100621
rlm_detail:
/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands
to /var/log/freeradius/radacct/127.0.0.1/detail-20100621
Christian Zoffoli wrote:
Il 21/06/2010 13:50, Alan DeKok ha scritto:
[cut]
Why? What possible use is this? What do you expect it to do?
there is something strange IMHO
Only if you haven't bothered reading the documentation.
if I try a different user in the wired group and this
Hi All,
I am currently running radius with Mysql backend. I am using PAP and
like to add the Mac-Auth.
What files I need to tweak?
I have looked at the http://wiki.freeradius.org/Mac-Auth but got
confused with the 'raddb/modules/file' and specially
'raddb/authorized_macs'. My question is why do
I have noticed that in 'raddb/modules/file',
usersfile = ${confdir}/authorized_macs (pointing to the file)
that is why my debug shows the following
=
ERROR: Cannot find a configuration entry for module authorized_macs.
/etc/raddb/sites-enabled/default[503]:
Hi,
I need to have EAP-TTLS working with LDAP bind and PEAP-MSCHAPV2 with
Samba + Winbind + Active Directory.
I've got winbind very unstable... I can successfully authenticate using
eapol_test but a few minutes later, I've got a
MPPE keys mismatch. If I restart winbind, I can authenticate
/%{Client-IP-Address}/detail-%Y%m%d
- /var/log/freeradius/radacct/127.0.0.1/detail-20100621
rlm_detail:
/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands
to /var/log/freeradius/radacct/127.0.0.1/detail-20100621
expand: %t - Mon Jun 21 14:36:35 2010
++[detail] returns ok
On 06/19/2010 01:03 PM, Alan DeKok wrote:
John Dennis wrote:
On 06/18/2010 04:03 PM, Kyle Plimack wrote:
So how do I get pap to do it?
If you're asking how to you get pap to do mschap then that's a
nonsensical question.
Here is how things work:
http://wiki.freeradius.org/Concepts
Nice
Jean-Philippe Ghibaudo wrote:
I need to have EAP-TTLS working with LDAP bind and PEAP-MSCHAPV2 with
Samba + Winbind + Active Directory.
That should be possible. Follow the guides, and it should work.
I've got winbind very unstable... I can successfully authenticate using
eapol_test but a
Dear all,
I have an ADSL modem (running PPPoE Client) connect to a Cisco PPPoE
Server.
The Cisco PPPoE Server forward PPPoE request from CPE to the Freeradius
2.1.0.
I would like to provide to CPE an IP address based on the pair:
Username/password.
Authentication used: PAP
I see the WARNING
Thank you so much, you were right, once more as it seems, I've just downgraded
samba to native version (3.2.5) on my Debian Lenny and it works !
I had'nt managed to have samba 3.2.5 working the first time so I have tried
3.5.3 but with the same .conf, it works perfectly.
Date: Mon, 21 Jun
Hi list,
Is it possible to support multiple client CA certificates?
Suppose we want to support different customer groups. Each group has
its own CA certificate. Can freeradius support that?
Thanks a lot!
Gina Zhang
-
List info/subscribe/unsubscribe? See
On 06/21/2010 12:00 PM, Zhang, Ge (Gina) wrote:
Hi list,
Is it possible to support multiple client CA certificates?
Suppose we want to support different customer groups. Each group has
its own CA certificate. Can freeradius support that?
Yes, if the CA's are in a bundle set CA_file in
Am 21.06.2010 um 17:24 schrieb simone.trevi...@telsey.it:
Dear all,
I have an ADSL modem (running PPPoE Client) connect to a Cisco PPPoE
Server.
The Cisco PPPoE Server forward PPPoE request from CPE to the
Freeradius
2.1.0.
I would like to provide to CPE an IP address based on the pair:
Hello,
I'm using freeradius 2.1.6 on gentoo to do decoupled accounting.
I have everything set up, the only problem seems to be the speed of
the 'detail reader server'. I do quite a lot off accounting packets on
the box ( no auth ), the detail writer has already written 1.9G of
John,
Thank you very much for the information! I will try it.
Regards,
Gina
-Original Message-
From: John Dennis [mailto:jden...@redhat.com]
Sent: Monday, June 21, 2010 11:20 AM
To: FreeRadius users mailing list
Cc: Zhang, Ge (Gina)
Subject: Re: Can freeradius support multiple client
John,
Is it possible to support multiple sets of server certificates so that one
group customer would use
one server CA file?
Thanks a lot!
Regards,
Gina Zhang
-Original Message-
From:
freeradius-users-bounces+gina.zhang=alcatel-lucent@lists.freeradius.org
On 06/21/2010 01:01 PM, Zhang, Ge (Gina) wrote:
John,
Is it possible to support multiple sets of server certificates so that one
group customer would use
one server CA file?
This is a basic PKI question, not really FreeRADIUS. In PKI there can
only be one certificate per server. You would
Il 21/06/2010 14:57, Alan DeKok ha scritto:
[cut]
The server works as documented. Since you haven't read the
documentation, you don't understand what it's doing.
Weird, isn't it?
probably you are right, probably I've read all the docs, some useless
guides, many threads on the mailing
Christian Zoffoli wrote:
probably you are right, probably I've read all the docs, some useless
guides, many threads on the mailing list and I've not understood the
right way
probably your answers doesn't help much
Have you read the documentation as I suggested?
No, not really. That's
John,
Thanks a lot for your response. If I configure multiple virtual server, would
it be possible?
Thanks a lot,
Gina Zhang
-Original Message-
From: John Dennis [mailto:jden...@redhat.com]
Sent: Monday, June 21, 2010 12:34 PM
To: Zhang, Ge (Gina)
Cc: FreeRadius users mailing list
On 06/21/2010 02:38 PM, Zhang, Ge (Gina) wrote:
John,
Thanks a lot for your response. If I configure multiple virtual server, would
it be possible?
A (FreeRADIUS) virtual server does not have a different IP address nor
would it have different subject names nor subject alt names.
I'm not
John,
Thank you very much for your advise!
Regards,
Gina Zhang
-Original Message-
From: John Dennis [mailto:jden...@redhat.com]
Sent: Monday, June 21, 2010 1:54 PM
To: Zhang, Ge (Gina)
Cc: FreeRadius users mailing list
Subject: Re: Can freeradius support multiple client CA
I am specifying an Sql-Group required for one of my huntgroups and am finding
that when looking up the group info from my database that the wrong sql
instance is being used. I have an sql_read instance that's specified to be
used in my authorize section, but when the Sql-Group is evaluated for
On 21 Jun 2010, at 19:53, John Dennis wrote:
A (FreeRADIUS) virtual server does not have a different IP address nor would
it have different subject names nor subject alt names.
I'm not getting the feeling you understand how PKI works, it might be
worthwhile to read up on it.
When testing
Bob,
Thank you so much for your help! I am going to try that on my system.
Regards,
Gina Zhang
-Original Message-
From: Robert Franklin [mailto:rc...@cam.ac.uk]
Sent: Monday, June 21, 2010 3:03 PM
To: FreeRadius users mailing list
Cc: Zhang, Ge (Gina)
Subject: Re: Can freeradius
On 06/21/2010 04:03 PM, Robert Franklin wrote:
When testing a new server certificate with a different chain to a new
root CA, I set up a separate eap module with different certificates.
Ah, good point and good suggestion. I had forgotten each module instance
has it's own SSL context.
--
Howdy,
Is the timeout/retransmit timer adjustable for the detail file reader
(copy-acct-to-home-server).
If not, what is the default retransmit time for the reader?
Just to double/triple verify, this is a serial reader (it waits to send a
second packet until it has a response from the first)
Il 21/06/2010 20:26, Alan DeKok ha scritto:
Christian Zoffoli wrote:
[many]
Have you read the documentation as I suggested?
No, not really. That's why my answers don't help.
probably I don't know many things to find my mistakes
now I've fixed my problem in this way
---
update control
Hi,
last night one of our radius servers had a dying network card.
I shouldn't be a problem because I've installed several servers and if
one server isn't answering the switches are using the fallback servers.
But the interface freeradius is using was still up - only the interface
with the
Alan DeKok wrote:
Riccardo Veraldi wrote:
radtest u...@myrealm.org password localhost 10 testing123
...
[r...@radius ~]# kinit user
Password for u...@myrealmg.org:
The realm names are different. Is this intentional?
Try placing the name password into a text file.
Hi,
I downloaded the freeradius-server-2.1.9 and tried to install on my Linux box,
I did './configure --prefix=/tmp/freeradius', 'make' and then 'make install', a
problem appears in the 'make install'. The error messages are as the followings:
libtool: install: error: cannot install
hey,
try installing the binary package if u don't need to compile.
- Original Message -
From: Zhouhuai Shen shenzho...@hotmail.com
To: freeradius user freeradius-users@lists.freeradius.org
Sent: Tuesday, June 22, 2010 6:44:46 AM GMT +02:00 Egypt
Subject: problem with installation
37 matches
Mail list logo