Hello ,
I want to configure FreeRADIUS to do the following two things:
(1) Handle tunnel for PEAP authentication requested by any supplicant(s),
and do mschapv2 auth with another RADIUS server. (Irrespective
of the realm in the user-name)
(2) Transparently proxy all other non-PEAP req
I may be misunderstanding you, but FR still auths against a centralized AD
(ntlm_auth).
I will look into this further though, because it obviously won't honor any
DVLAN assignments we have in AD if it's not asking for / expecting them.
G
-Original Message-
From: freeradius-users-bounc
Hi,
>I should note, it appears the Aruba gear is terminating the PEAP – FR only
>sees an MSCHAP request.
I would change that behaviour with a quick reconfig - its possible because we
have
sites in the UK using Aruba kit with 'eduroam' - and 'eduroam' would break if
the
remote client was
Hello,
We use Aruba Wireless gear. We're using 802.1x PEAP, MSCHAPv2, use windows
credentials. Everything is working great with this setup until we started
testing / trying Windows 7 clients. They fail with:
Exec-Program output: Logon failure (0xc06d)
Exec-Program-Wait: plaintext: Logon
Robert Mc Cready wrote:
> I do not rewrite the User-name attribute I rewrite only the
> Stripped-User-Name attribute with these:
No. Go READ the debug log you posted. The "inner-tunnel" virtual
server gets:
Sending tunneled request
EAP-Message = 0x020800421a0208003d314cc241739d871a4cb33b63386
James J J Hooper wrote:
> It now seems to create a *directory* with the name that should be the
> detail *file*...
I've pushed a fix. The change missed one line..
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
use:
%{mschap:User-Name}
...including your LDAP filters. This will "just work"
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
__ Information provenant d'ESET NOD32 Antivirus, version de la base
des signatures de virus 6106 (20110509) __
Le
On 09/05/2011 12:22, Alan DeKok wrote:
Alexander Clouter wrote:
Updating to git's v2.1.x to go on a post-Easter bughunt and found the
following accounting packet[1] seems to segfault freeradius:
...
#1 0x403075d8 in fnmatch () from /lib/libc.so.6
#2 0x409da598 in do_detail (instance=0x114e50
I got it working by changing the query to count if the MAC requesting access
is different than the one that got access cranted. Another question I had
was if a user is allowed access only for let say 5 hours a Day, if he is
connected just for 1 hour and decides to connect 3 hours later, I think the
Alan Buxey wrote:
>
>> NAS Port Attribute (5), length: 6, Value: 0
>
> NAS-Port 0
>
> are you serious? ;-)
>
Hey, *you* are the proxying it ;P
>> Vendor Specific Attribute (26), length: 12, Value: Vendor: Unknown
>> (14823)
>> Vendor Attribute: 2, Length: 4,
Hello,
Is the user you are testing with configured on the switch? No, this is my
username that is allowed to access the switches. It authenticates me with AD
and makes sure I belong to a certain group within AD.
If so, as what type of user? Admin user.
Have you tried a username which is not c
Alexander Clouter wrote:
> Updating to git's v2.1.x to go on a post-Easter bughunt and found the
> following accounting packet[1] seems to segfault freeradius:
...
> #1 0x403075d8 in fnmatch () from /lib/libc.so.6
> #2 0x409da598 in do_detail (instance=0x114e50, request=0x43443240,
> packet=0x4
Hi,
> NAS Port Attribute (5), length: 6, Value: 0
NAS-Port 0
are you serious? ;-)
> Vendor Specific Attribute (26), length: 12, Value: Vendor: Unknown
> (14823)
> Vendor Attribute: 2, Length: 4, Value:
..thats an interesting one.
> Unknown A
Updating to git's v2.1.x to go on a post-Easter bughunt and found the
following accounting packet[1] seems to segfault freeradius:
tcpdump: listening on bond0, link-type EN10MB (Ethernet), capture size 65535
bytes
11:30:34.398885 IP6 (hlim 51, next-header UDP (17) payload length: 258)
2001:
Thank you
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Radius-Database-tp4375341p4381272.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The query is ok for my purpose, when I execute it it returns 1 when a
session is active and 0 when no session is available. However when i
uncomment the simul query, all logins are terminated by User-Error afer 10
seconds and not Session-Timeout after x time as it's supposed to be, if a
commented t
16 matches
Mail list logo