--- 10年9月2日,周四, John 写道:
发件人: John
主题:
收件人: freeradius-users@lists.freeradius.org
日期: 2010年9月2日,周四,下午12:45
Hi all, We upgrade freeradius from 1.1.6 to 2.1.18 recently. Looks 2.1.8 will
reply a Access-Reject when [ldap] return fail, but 1.1.6 is just keep silence.
Is there a way t
Hi all, We upgrade freeradius from 1.1.6 to 2.1.18 recently. Looks 2.1.8 will
reply a Access-Reject when [ldap] return fail, but 1.1.6 is just keep silence.
Is there a way to let 2.1.8 reply nothing in the case?
Listening on authentication address * port 1812
Listening on proxy address * p
Message: 4
Date: Wed, 1 Sep 2010 09:35:53 -0500
From: "Ben Wiechman"
Subject: RE: ask for help on WiMAX + Freeradius + Disconnect
To: "FreeRadius users mailing list"
Message-ID: <4c7e64c3.c84de70a.22a4.2...@mx.google.com>
Content-Type: text/plain; charset="iso-2022-jp"
Step 1: Read
> > The user 'testuser' does not have permission to access the socket.
> Add
> > 'testuser' to the group 'radius' or run radmin as root.
> >
> > Tim
> >
> Is possible to connect to socket with a group different of 'radius'?.
Yes. Check the documentation in the raddb/sites-available/control-socke
On 9/1/10, Tim Sylvester wrote:
> > The socket is created with this permissions:
> >
> > ls -ltr "/opt/freeradius/var/run/radiusd/radiusd.sock"
> > srw-rw 1 radius radius 0 2010-09-01 20:18
> > /opt/freeradius/var/run/radiusd/radiusd.sock
> >
> > When I try to connect to the socket with
Thanks for the advice to everyone.
As per your recomendation we changed the users file with the following line:
steve2Cleartext-Password := "testing", Huntgroup-Name == "arcsight"
but we got the same result access-reject.
And we got the following output:
rad_recv: Access-Request packet f
> The socket is created with this permissions:
>
> ls -ltr "/opt/freeradius/var/run/radiusd/radiusd.sock"
> srw-rw 1 radius radius 0 2010-09-01 20:18
> /opt/freeradius/var/run/radiusd/radiusd.sock
>
> When I try to connect to the socket with radmin I received a permission
> denied:
>
> /opt/fre
Hi all
I'm trying to configure control-socket functionality on freeradius
2.1.8. Radius in debug mode shows:
radiusd: Opening IP addresses and Ports
listen {
type = "auth"
ipaddr = *
port = 1645
}
listen {
type = "acct"
ipaddr = *
port =
Step 1: Read the wimax dictionary file. It will help you understand what
types of data you need to be putting into each attribute.
update disconnect {
User-Name = "%{User-Name}"
Calling-Station-Id = "%{Calling-Station-Id}"
WiMAX-AAA-Session-Id = "%{WiMAX-AAA-Session-Id}"
On Wed, 1 Sep 2010, Alan DeKok wrote:
> Kadlecsik Jozsef wrote:
> > rad_recv: Access-Request packet from host 127.0.0.1 port 43327, id=0,
> length=160
> > User-Name = "anonym...@teszt.eduroam.hu"
>
> The original packet from eapol_test.
>
> > +- entering group pre-proxy {...}
> ...
> > Se
Jan Zacharias wrote:
> To speed up the debugging, I introduced a sleep of varying duration in
> the ntlm_auth_wrapper.
>
> I found that freeradius kills the ntlm stuff if it takes longer than ten
> seconds to complete.
Yes. Any child script which takes that long is broken.
> My suggestion is
Alan DeKok hat am 31. August 2010 um 13:18
geschrieben:
> Jan Zacharias wrote:
> > Call me dump, but I have no idea what to look for.
>
> Neither do I. It's your system...
>
> > One idea: is ntlm_auth referred to as child? Maybe I sould
> > write a wrapper and see how long execution of this
Xiaochen wrote:
> [r...@aaa bin]# cat packet.txt | radclient -x 100.1.6.4:3799 disconnect
> 0123456789
> radclient: XUnknown attribute "WiMAX-Session-Id"
Use attributes that are defined in the WiMAX dictionary.
Or, update the WiMAX dictionary to include the attributes you're using.
Alan De
Kadlecsik Jozsef wrote:
> We have a working freeradius setup, with one exception: when guests try to
> authenticate (EduRoam) it always fails.
You are trying to do EAP locally, *and* proxy EAP to another server.
> Here follows the output of eapol_test:
That isn't necessary.
> And the debu
Xiaochen wrote:
> After packet.txt was sent to AGW, radclinet debug window said: ?Unknown
> WiMAX-Session ?ID or Unknown WiMAX-DM-Action-Code ?
radclient doesn't produce that error message.
Please post the *real* error message, and not anything else.
Alan DeKok.
>
Hello Konstantin Chekushin,
Am 2010-09-01 11:21:17, hacktest Du folgendes herunter:
>
> Does it correct solution?
> server allauth {
> listen {
>
>
> type = auth
>
>
No, because your encoding is wrong!
Thanks, Greetings and nice Day/Evening
Mi
Does it correct solution?
server allauth {
listen {
type = auth
ipaddr = *
port = 1812
}
authorize {
auth_log
update control {
Auth-Type = 'Accept'
Hi all. I have radius server, which assign ip-addresses to users. I
use rlm_ippool, but I need to assign ip-address only from the pool,
which is linked with radius packet parameter - NAS. If user comes
with nas=xxx.xxx.xxx.xxx - it takes ip from pool1, if with
nas=yyy.yyy.yyy.yyy - then from
18 matches
Mail list logo