Nitin Bhardwaj wrote:
I want to configure FreeRADIUS to do the following two things:
(1) Handle tunnel for PEAP authentication requested by any supplicant(s),
and do mschapv2 auth with another RADIUS server. (Irrespective of
the realm in the user-name)
(2) Transparently proxy all
On 05/09/2011 10:55 PM, Gary Gatten wrote:
Exec-Program output: Logon failure (0xc06d)
Exec-Program-Wait: plaintext: Logon failure (0xc06d)
Exec-Program: returned: 1
[mschap] External script failed.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
You've
On 10/05/2011 12:54 PM, Alan DeKok wrote:
Nitin Bhardwaj wrote:
I want to configure FreeRADIUS to do the following two things:
(1) Handle tunnel for PEAP authentication requested by any supplicant(s),
and do mschapv2 auth with another RADIUS server. (Irrespective of
the realm in the
Check some basic stuff too. Make sure your radius user can run ntlm_auth.
Sent from Verizon Wireless
-Original Message-
From: Phil Mayers p.may...@imperial.ac.uk
Sender: freeradius-users-bounces+ironrake=yahoo@lists.freeradius.org
Date: Tue, 10 May 2011 09:55:54
To:
The same FR instance works perfectly using the same Aruba controller and user
creds if the client OS is XP. As noted, everything also works with Windows 7
if you don't select use windows login info.
- Original Message -
From: ironr...@yahoo.com [mailto:ironr...@yahoo.com]
Sent:
Sorry, I trimmed because everything is the same between success and failure
up until the exec program output...
Yes, they are domain members. FR sees only a basic MSCHAP request, no *EAP of
any kind.
- Original Message -
From: Phil Mayers [mailto:p.may...@imperial.ac.uk]
Sent:
On 05/10/2011 01:20 PM, Gary Gatten wrote:
Sorry, I trimmed because everything is the same between success and failure up until
the exec program output...
Well, unfortunately the same didn't trigger my crystal ball, so I have
no idea what it was, regardless of whether it's the same.
I want
I don't have access to the debug right now, but will post it later.
I was hoping someone would pop up and say, oh yeah - you need patch xyz on
Winblows 7 No such luck :)
Thx
G
- Original Message -
From: Phil Mayers [mailto:p.may...@imperial.ac.uk]
Sent: Tuesday, May 10, 2011
Hello everyone.
I have a doubt regarding the restriction of a user by the NAS.
I am 40 and NAS connected to freeradius requires each user to connect only to
a specific NAS, denying access to the user when the other NAS
What parameter do I need to activate this feature?
Thanks All .
-
List
I forgot to mention that I use MySQL to manage my users and NAS.
In the table that records the users exists a field 'radnas_id' where I can
tell the NAS that he is entitled to connect, but can not enable this
restriction
-
List info/subscribe/unsubscribe? See
In the PEAP properties, EAP-MSCHAP v2, if you DISABLE
automatically use my windows logon name and password and
instead enter the credentials manually it works.
What version of FR are you running? If it's 2.1.10, try it with 2.1.10.
-
List info/subscribe/unsubscribe? See
I think its 2.1.6, maybe 2.1.7.
I can/will upgrade, but the symptoms lead me to believe its a windows thing.
What leads you to believe an FR upgrade would fix it?
- Original Message -
From: Garber, Neal [mailto:neal.gar...@iberdrolausa.com]
Sent: Tuesday, May 10, 2011 08:44 AM
To:
I Believe you have to use Huntgroups to do that
http://wiki.freeradius.org/SQL_Huntgroup_HOWTO
On Tue, May 10, 2011 at 3:30 PM, Marcos TP mark...@gmail.com wrote:
I forgot to mention that I use MySQL to manage my users and NAS.
In the table that records the users exists a field 'radnas_id'
In the PEAP properties, EAP-MSCHAP v2, if you DISABLE
automatically use my windows logon name and password and
instead enter the credentials manually it works.
Look at:
http://freeradius.1045715.n5.nabble.com/MSCHAP-Authentication-Issue-td2785146.html
to see if this is your problem (look
Hi
How can i configure FR if i have multiple FR Server and NAS. How can i tell
for example a specific user is for specific NAS.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Multiple-FR-Server-and-NAS-tp4384579p4384579.html
Sent from the FreeRadius - User mailing
I can/will upgrade, but the symptoms lead me to believe its a windows
thing. What leads you to believe an FR upgrade would fix it?
I sent another response with more info. The issue I'm thinking of is one we
talked about quite a while ago (I asked if you could test it). It's the one
where
On 05/10/2011 03:00 PM, Garber, Neal wrote:
In the PEAP properties, EAP-MSCHAP v2, if you DISABLE
automatically use my windows logon name and password and instead
enter the credentials manually it works.
Look at:
://www.freeradius.org/list/users.html
__ Information provenant d'ESET NOD32 Antivirus, version de la base
des signatures de virus 6110 (20110510) __
Le message a ete verifie par ESET NOD32 Antivirus.
http://www.eset.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
Hello,
I have a freeradius server that i use to authenticate users before they
access network switches. user passwords reside in an ldap directory with
the following attributes and formats:
userPassword: (CRYPT password)
sambaNTPassword: (NT Hash)
sambaLMPassword: (LM hash)
PAP is choosing
On 05/10/2011 03:35 PM, Robert Mc Cready wrote:
If the User-Name is being rewritten it is not intentional.
Now, I reinstalled from scratch, save the default configuration, join the
server to the domain, modified clients.conf, attr_rewrite, ldap, mschap and
inner-tunnel and ran diff. I can see
Robert Mc Cready wrote:
If the User-Name is being rewritten it is not intentional.
Well... it's obviously someone you've changed, because it doesn't
happen in the default configuration.
Now, I reinstalled from scratch, save the default configuration, join the
server to the domain, modified
mic night wrote:
I have a freeradius server that i use to authenticate users before they
access network switches. user passwords reside in an ldap directory with
the following attributes and formats:
userPassword: (CRYPT password)
sambaNTPassword: (NT Hash)
sambaLMPassword: (LM hash)
One additional note: the fixes that went into 2.1.10 extract (verbatim)
the client username from the EAP-MSCHAPv2 response, and pass that
through to the rlm_mschap module as an extra attribute.
You're right Phil. It's been too long since I wrote that patch.
Gary: Forget what I said about
Le 10/05/2011 16:50, Alan DeKok a écrit :
mic night wrote:
I have a freeradius server that i use to authenticate users before they
access network switches. user passwords reside in an ldap directory with
the following attributes and formats:
userPassword: (CRYPT password)
sambaNTPassword: (NT
proxy.conf.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
__ Information provenant d'ESET NOD32 Antivirus, version de la base
des signatures de virus 6110 (20110510) __
Le message a été vérifié par ESET NOD32 Antivirus.
http
21 * * *
22 * * *
23 * * *
__ Information provenant d'ESET NOD32 Antivirus, version de la base
des signatures de virus 6110 (20110510) __
Le message a ete verifie par ESET NOD32 Antivirus.
http://www.eset.com
-
List info/subscribe/unsubscribe? See http
Robert Mc Cready wrote:
The host name are not domain names, there are computers account name, and we
have hundreds of them . We only use the MS Domain to authenticate the
computers account, not the users.
Well... re-writing the names in the inner-tunnel server is breaking
authentication.
Hi all,
We are using Freeradius for accounting from our voip system. Is there
documentation somewhere, that you can point me to, on how I can add a
couple of custom vendor fields to the radacct database schema and the
INSERT query?
I have no problem reading the documentation, but I can't
mic night wrote:
Yes , sorry i didn't expose the problem... Actualy, we have a problem
generating the sambaNTPassword an sambaLMPassword and that's why i'm
(temporary) trying to force PAP to use the userPassword attribute.
$ man unlang
See !*. You can delete attributes from the control
Hello,
Huntgroups I know, but the functionality it provides me not for me.
I need the user only has permission to access a NAS, as much as I could with
Huntgroups was to restrict the access group, because several groups have
access, containing their speed and can not do the search for access
Tim Donahue wrote:
Hi all,
We are using Freeradius for accounting from our voip system. Is there
documentation somewhere, that you can point me to, on how I can add a
couple of custom vendor fields to the radacct database schema and the
INSERT query?
raddb/sql.conf
This is
Dear All
im using version ffreeradius-server-2.1.8.. and also radius manager is
installed here..
when my Mikrotik PPPOE users got Disconnect and trying to relogin they
cant.. Access Denied,you are already logged in and Reject authentication
failed msg like that which i got from My Radius
im getting this log from mikrotik some users is connected some are not
g,packet received Access-Reject with id 190 from 10.10.100.7:1812
On Wed, May 11, 2011 at 1:15 AM, Tanjil Ahmed tan...@tanjil.net wrote:
Dear All
im using version ffreeradius-server-2.1.8.. and also radius manager is
On Tue, May 10, 2011 at 01:59:44PM -0300, Marcos TP wrote:
Huntgroups I know, but the functionality it provides me not for me.
I need the user only has permission to access a NAS, as much as I could
with Huntgroups was to restrict the access group, because several
groups have
Hi,
I have just experienced some weird problem. I'm used to watch the mikrotik log
of my pppoe.. and at some point more than 100 clients disconnected from it.. i
was looking at the radius log, and I realize this information.
Tue May 10 11:50:49 2011 : Error: Discarding duplicate request from
slow database (probably)...
On 5/10/2011 10:08 PM, Rodrigo Yoshioka wrote:
Hi,
I have just experienced some weird problem. I'm used to watch the
mikrotik log of my pppoe.. and at some point more than 100 clients
disconnected from it.. i was looking at the radius log, and I realize
this
Rodrigo Yoshioka wrote:
I have just experienced some weird problem. I'm used to watch the
mikrotik log of my pppoe.. and at some point more than 100 clients
disconnected from it.. i was looking at the radius log, and I realize
this information.
Tue May 10 11:50:49 2011 : Error: Discarding
Can someone give me a hint how to solve following:
We are using PPPoE server with FreeRadius autentification and we are using
Simultaneous Use Checking. We are limiting number of simultaneous
connections to 1.
The problem is in nonstandard situation when PPPoE server is nonstandardly
restarted
Dear All sometimes im getting that type of msg from Freeradius!
[radutmp] expand: /usr/local/var/log/radius/radutmp -
/usr/local/var/log/radius/radutmp
[radutmp] expand: %{User-Name} - bnetelvis
checkrad: No NAS type, or type other not checking
++[radutmp] returns ok
Using
Ahmed Syed zerocoo...@gmail.com wrote:
Can someone give me a hint how to solve following:
We are using PPPoE server with FreeRadius autentification and we are using
Simultaneous Use Checking. We are limiting number of simultaneous
connections to 1.
The problem is in nonstandard
Hi,
I have freeradius 2.1.10 installed and was able to customize some reply
messages to another language, the only one I am unable to change is the one
for simultaneous login check, where would I chnage this reply message?
Thanks
-
List info/subscribe/unsubscribe? See
41 matches
Mail list logo