Hi,
I am using freeRADIUS verison 2.1.9.
I am trying to add some attribute in proxy-reply, I want to do it only if it
is Access-Accept packet. I am trying to achieve it using unlang.
I have tried following options and none of them have worked
if (%{proxy-reply:Packet-Type} == 2) {
}
if(proxy-re
Konstantin Chekushin wrote:
> Thanks for advice, but I am using database for main solution (I've
> writen my module for this issue, which uses rlm_sql functions for sql
> logic). And I wont to use file-based for redundancy only. So, the main
> question - what will happens, if query-cache will be le
Esteban TALAVERA wrote:
> I create and copy the certificates to a Windows XP SP3 laptop to test
> if everything is OK, but in "freeradius -X" mode I got a lot of message
> and none give me the reason of the problem.
>
> The AP says authentication failed and the Radius server sends the
> challenge
Hi Marten
You mean configuring freeradius for EAP-PEAP its not necessary to creates
certificates?
Its possible to use with CISCO AP as NAS?
Thanks
On Mon, Sep 13, 2010 at 6:23 PM, Marten Pape wrote:
> Hi Esteban,
> this can be done via EAP-PEAP or EAP-TTLS, but not directly via TLS.
>
> Reg
Hi Esteban,
this can be done via EAP-PEAP or EAP-TTLS, but not directly via TLS.
Regards,
Marten Pape
Esteban TALAVERA schrieb:
> Hi
>
> I´ll like to know if there is a way to configurates a Radius server +
> Mysql to authenticate Wireless clients via a Cisco AP without
> certificates (EAP TLS),
Hi
I have installed freeradius recently with MySQL and tested with success to
authenticate VTY session en cisco routers and switches.
However, my configuration with EAP_TLS is not working properly.
I use a Cisco AP
I create and copy the certificates to a Windows XP SP3 laptop to test if
every
Hi
I´ll like to know if there is a way to configurates a Radius server + Mysql
to authenticate Wireless clients via a Cisco AP without certificates (EAP
TLS), only a username and password
Thanks
--
*Esteban Talavera*
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/user
Paulo Maia wrote:
> Im trying to authenticate freeradius against passwd , but i keep getting
> Login Incorrect error , im doing EAP/PEAP mschapv2
> I dont know what im missing
> I can perform a radtest with sucess .
> Here is the ouput
Which you need to read. The debug output you posted to the
Hi guys ,
Im trying to authenticate freeradius against passwd , but i keep getting
Login Incorrect error , im doing EAP/PEAP mschapv2
I dont know what im missing
I can perform a radtest with sucess .
Here is the ouput
rad_recv: Access-Request packet from host 192.168.0.1 port 2048, id=187,
length
http://de3wpk.2010healthworld2.com/cap
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hi,
cisco problem? - contact cisco.
FreeRADIUS problem? send the output of radiusd -X to this list.
please dont send cisco debug output to this list
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
> If someone who has a working freeradius samba ntlm_auth AD 2008 setup
> could let me know which version of samba they are using and which
> patches it might help me a great deal.
>
> I have a working configuration freeradius + samba 3.0.37 + Active
> Directory 2003.
we moved to 2008 last y
Hi,
Can somebody indicates me if there is any log that can help me identifying the
problem with my Windows XP client trying to authenticate to the radius server.
I do not know how to interpret the RADIUS/DECODE:
parse response no app start; FAIL since no communication was establish between
the
Hi,
> > The messages keep appearing
> > Ignoring EAP-Type/tls because we do not have OpenSSL support.
> > Ignoring EAP-Type/ttls because we do not have OpenSSL support.
> > Ignoring EAP-Type/peap because we do not have OpenSSL support.
I'm not sure which bit of this isnt clear enough? the FreeRA
Hello
If someone who has a working freeradius samba ntlm_auth AD 2008 setup
could let me know which version of samba they are using and which
patches it might help me a great deal.
I have a working configuration freeradius + samba 3.0.37 + Active
Directory 2003.
Our Active Directory servers are
Hi,
> peap {
>
> default_eap_type = mschapv2
> copy_request_to_tunnel = no
> use_tunneled_reply = no
personally, I'd advise that you set those to yes rather than no.
> File /etc/raddb/users
>
> DEFAULT Auth-Type = ntlm_auth
you dont need to do this. eve
David Mitchell wrote:
> Douglas Caro wrote:
>
>> # freeradius -v
>> freeradius: FreeRADIUS Version 2.1.9, for host i486-pc-linux-gnu, built
>> on Sep 13 2010 at 09:40:57
>> Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
>
> It seems suspicious to me that your freeradius i
Douglas Caro wrote:
>
> # freeradius -v
> freeradius: FreeRADIUS Version 2.1.9, for host i486-pc-linux-gnu, built
> on Sep 13 2010 at 09:40:57
> Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
It seems suspicious to me that your freeradius is reporting a build date
of tod
Thanks for advice, but I am using database for main solution (I've
writen my module for this issue, which uses rlm_sql functions for sql
logic). And I wont to use file-based for redundancy only. So, the
main question - what will happens, if query-cache will be less, then
ip-range? I have made
On 09/13/2010 10:35 AM, Kleber Larroyd wrote:
Have any idea ? Where can i find the solution ?
When i trying connect (windows vista) freeradius server *with wireless over
access point* i get this error:
In the future please follow the instructions to send the *complete*
output of radiusd -X *on
Douglas Caro wrote:
> Hi David and Alexander... thank you, so much...
>
> I've tried your tips, but it didn't work...
The Wiki contains instructions for building your own debian
package with OpenSSL support.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/
Kleber Larroyd wrote:
If you can't be bothered to explain *why* you're doing this, and
*what* is going wrong, then we can't be bothered to read the reams of
data you posted.
It also helps to *read* the debug output. Really.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.fre
Michael Bathe wrote:
> is there any how_to or solution to interpret the ldap checkItem and
> change the replyItem (I think in inner-tunnel)?
> f.e.: If the checkItem match one of 'sec11', 'Sec11', 'SEC11'... the
> replyItem should be set to '111'.
$ man unlang
The ldap module doesn't do generic
On 09/13/2010 01:44 PM, Michael Bathe wrote:
Hallo Liste,
is there any how_to or solution to interpret the ldap checkItem and
change the replyItem (I think in inner-tunnel)?
f.e.: If the checkItem match one of 'sec11', 'Sec11', 'SEC11'... the
replyItem should be set to '111'.
ldap.attrmap:
chec
Hi David and Alexander... thank you, so much...
I've tried your tips, but it didn't work...
# dpkg -l |grep freeradius
ii freeradius
2.1.9+gita high-performance and highly
configurable R
ii freeradius-common
Hallo Liste,
is there any how_to or solution to interpret the ldap checkItem and
change the replyItem (I think in inner-tunnel)?
f.e.: If the checkItem match one of 'sec11', 'Sec11', 'SEC11'... the
replyItem should be set to '111'.
ldap.attrmap:
checkItem Tunnel-Private-Group-Id sec
Konstantin Chekushin wrote:
> My pool size is 32k. And I'm using this pool only for fallback issue.
> So, I'll need it rarely in the future.
For 32K IP's, I'd suggest using a database.
> If cache-size = 32768, then radiusd process takes all memory.
> "Mon Sep 13 12:33:46 2010 : Error: Couldn't
Hi all. I have a question about rlm_ippool and cache-size option.
Info from description: cache-size: The gdbm cache size for the db
files. Should be equal to the number of ip's available in the ip
pool.
Also, note the cache size matches the number of IP's in your pool.
More is OK but waste
28 matches
Mail list logo