Re: pre-proxy automatically added NAS-IP-Address

2010-10-21 Thread Phil Mayers
On 10/21/2010 03:34 AM, ichiro tanaka wrote: Hi. I have a problem proxy. Proxying to auth-server, and NAS-IP-Address was automatically added by proxy. Can I stop it? It was probably added by the preprocess module, if memory serves. Why would you want to stop it? If you do, just remove the

Re: Freeradius + Active Directory

2010-10-21 Thread Phil Mayers
On 10/20/2010 10:59 PM, Rowley, Mathew wrote: I was able to configure FreeRadius/AD differently than most tutorials – just using Kerberos as an authentication mechanism (sorry for any weird formatting, coming from a wiki): (For the archives) The reason it's different than most tutorials, to

Re: 802.1x host/machine authentication

2010-10-21 Thread Phil Mayers
On 10/21/2010 08:55 AM, Chidanand Gangur wrote: I have collected logs for full session of host authentication, log is pasted below. As mentioned in my previous mail I just want to proxy the host authentication request to the home server, is it possible? You didn't mention that in your

Re: freeradius proxy can't recognize Delegated-IPv6-Prefix attribute

2010-10-21 Thread Alan DeKok
ichiro tanaka wrote: My freeradius proxy already includes dictionary.rfc4818. Do I need something? No idea. Maybe the attribute isn't in the correct format. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re[2]: pre-proxy automatically added NAS-IP-Address

2010-10-21 Thread ichiro tanaka
Thanks a lot, Phil. It was probably added by the preprocess module, if memory serves. Why would you want to stop it? If you do, just remove the preprocess module from the authorize section - but it does a lot of other processing and cleanups too. The better option is to use attr_filter in the

Re: 802.1x host/machine authentication

2010-10-21 Thread Chidanand Gangur
Thanks Phil, thanks a lot It worked. I have multiple home servers configured so I am using your logic like this if (%{User-Name}=~ /^host\/.*testad1.com$/) { update control { Proxy-To-Realm := testad1.com } }

Re: 802.1x host/machine authentication

2010-10-21 Thread Phil Mayers
On 21/10/10 10:54, Chidanand Gangur wrote: Thanks Phil, thanks a lot It worked. I have multiple home servers configured so I am using your logic like this Excellent, glad to hear you solved it.

Re: Freeradius + Active Directory

2010-10-21 Thread Rowley, Mathew
Ah, that is true. I never thought that deeply into it, and only did a POC. Is the downfall of doing things this way that passwords must be sent in the clear? On 10/21/10 1:59 AM, Phil Mayers p.may...@imperial.ac.uk wrote: On 10/20/2010 10:59 PM, Rowley, Mathew wrote: I was able to

Re: Freeradius + Active Directory

2010-10-21 Thread Phil Mayers
On 21/10/10 15:50, Rowley, Mathew wrote: Ah, that is true. I never thought that deeply into it, and only did a POC. Is the downfall of doing things this way that passwords must be sent in the clear? Not really. The User-Password radius field is encrypted with the shared secret, which is

cisco log entry

2010-10-21 Thread MONTFORD, AUSTIN
What does this error mean on a cisco switch? I only get it on a certain model of switch with a certain ios image (a newer image doesn't give the error). It happens when the configuration is saved. Oct 18 16:40:21.365 EDT: %PARSER-3-BADSUBCMD: Unrecognized subcommand 32 in sg-radius command

Re: Freeradius + Active Directory

2010-10-21 Thread Rowley, Mathew
I am kind of confused - one of our use cases is having our wireless infrastructure authenticating through freeradius and in the end AD. Why would it matter that freeradius uses rlm_krb5? Wouldn't it look something like: UserAPControllerfreeradiusAD Anything-authradius

Re: Freeradius + Active Directory

2010-10-21 Thread Phil Mayers
On 10/21/2010 06:40 PM, Rowley, Mathew wrote: I am kind of confused - one of our use cases is having our wireless infrastructure authenticating through freeradius and in the end AD. Why would it matter that freeradius uses rlm_krb5? Wouldn't it look something like:

Re: IPv6 Ascend Data Filter

2010-10-21 Thread janardhan madabattula
Thanks, it's working. After converting it into hex format (start with 0x) and modifying the attribute type to octets. On Wed, Oct 20, 2010 at 12:38 PM, Alan DeKok al...@deployingradius.com wrote: janardhan madabattula wrote: Hi, I am trying to create IPv6 Ascend Data Filter in Free radius.

are there any characters not allowed in a password used with LDAP bind as user?

2010-10-21 Thread mark.leese
Hi, For a couple of years I've been successfully using FreeRADIUS to authenticate some users against Active Directory using cleartext passwords, a Perl script to do some department checking, and a simple LDAP bind as user. I've now got at least one user who fails authentication, and I'm

freeradius with NTLM authentication

2010-10-21 Thread Ramzi Abdallah
I have configured freeradius version 2.1.9 with mySQL backend and Active Directory integration (NTLM) for the purpose of using it to authenticate users against firewall protected policies. So far it’s all working. When a user hits a firewall protected policy he is prompted to authenticate

Re: are there any characters not allowed in a password used with LDAP bind as user?

2010-10-21 Thread Phil Mayers
On 10/21/2010 08:52 PM, mark.le...@stfc.ac.uk wrote: I don't know whether the problem lies with me (for allowing a backslash in the password in the first place) the NAS for appearing to 'escape' the backslash (with a backslash) rlm_ldap accesses the raw string value of the request-password

Re: are there any characters not allowed in a password used with LDAP bind as user?

2010-10-21 Thread Phil Mayers
On 10/21/2010 10:27 PM, Phil Mayers wrote: On 10/21/2010 08:52 PM, mark.le...@stfc.ac.uk wrote: I don't know whether the problem lies with me (for allowing a backslash in the password in the first place) the NAS for appearing to 'escape' the backslash (with a backslash) rlm_ldap accesses

Re: freeradius with NTLM authentication

2010-10-21 Thread Phil Mayers
On 10/21/2010 10:40 PM, Ramzi Abdallah wrote: I have configured freeradius version 2.1.9 with mySQL backend and Active Directory integration (NTLM) for the purpose of using it to authenticate users against firewall protected policies. So far it’s all working. When a user hits a firewall

Re[2]: freeradius proxy can't recognize Delegated-IPv6-Prefix attribute

2010-10-21 Thread ichiro tanaka
Thanks Alan. ichiro tanaka wrote: My freeradius proxy already includes dictionary.rfc4818. Do I need something? No idea. Maybe the attribute isn't in the correct format. I see. Auth-server is freeradius-2.1.10. I captured radius packet by wireshark, and compared to rfc4818(sec.3)