Jim Whitescarver wrote:
> The only thing we want is python authentication. I just commented out
> everything else. I will start again and try to minimize edits. I am
> rather clueless about the nature the minimum edits should have.
Add what you need. The default configuration *works*.
> It
On 17/05/2011 22:28, Frank Dornheim wrote:
Dear FreeRADIUS users,
i try to migrate my radius setup to LDAP.
I use mainly the informations from "Frank Ranner"
(http://lists.cistron.nl/pipermail/freeradius-users/2007-September/msg00205.html).
Today i have a problem to understand the xlat statemen
Dear FreeRADIUS users,
i try to migrate my radius setup to LDAP.
I use mainly the informations from "Frank Ranner"
(http://lists.cistron.nl/pipermail/freeradius-users/2007-September/msg00205.html).
Today i have a problem to understand the xlat statement in the "hint" file:
DEFAULT
Hint =
Mark Pipkin wrote:
>> What does that look like to you?
>
> Looks like it is trying to use PAP to authenticate with.
i.e. you haven't *read* the warning message. You just saw "pap" and
"WARNING", and stopped there.
To be excruciatingly simple: RADIUS servers authenticate users by
KNOW
On Tue, May 17, 2011 at 3:08 PM, Alan DeKok wrote:
> Jim Whitescarver wrote:
>> But, after sucessfully calling our python module the user is rejected
>>
>> ERROR: No authenticate method (Auth-Type) found for the request:
>> Rejecting the user
>
> Don't edit the default configuration and break it
> What does that look like to you?
Looks like it is trying to use PAP to authenticate with. Though PAP is
local only, at least from what I can tell, and there is no local
user/pass for this account. Then it looks like it rolls to a EAP/leap
authentication method. At this point it fails
Jim Whitescarver wrote:
> But, after sucessfully calling our python module the user is rejected
>
> ERROR: No authenticate method (Auth-Type) found for the request:
> Rejecting the user
Don't edit the default configuration and break it.
> Below is the complete log.
>
> Any ideas of what we m
I am hoping someone can help me. We compiled 2.1.x from source and
finally got it to accept our python Auth-Type as the default in the
users file.
DEFAULT Auth-Type := python
But, after sucessfully calling our python module the user is rejected
ERROR: No authenticate method (Auth-Type)
Mark Pipkin wrote:
> was highlighted in read. To you it might be obvious what this means. To
> me, I don't really understand it, except that later one in the debug I
> get :
You're supposed to read the output. Only looking at *part* of it
means you can only solve *part* of the problem.
Here
> Post the debugging output into the form at:
> http://networkradius.com/freeradius.html
> And read the highlighted lines. It should be obvious what's going
on.
Module: Instantiating attr_filter.access_reject
attr_filter attr_filter.access_reject {
attrsfile = "/etc/freeradius/attr
Hello,
I have encountered a very strange issue with my setup. I have mac
address filtering setup and working perfect on one server, this server
also does other things so I want to migrate it to a new server. All
servers are on the same machine running in a vm environment. The
server1 does the file
Alan you are correct, the example in the proxy.conf file is correct, in the
latest version. Regrettably in the version I have installed there is a typo in
the proxy.conf file and the all-so-important "." is omitted. This is what I
get for not staying current, thanks for the sharp eye!
PS: A
Sallee, Stephen (Jake) wrote:
> I am trying to follow the excellent instructions in the proxy.conf file
> for setting up a virtual server using realms, however I keep getting an
> error when I try to start radisud –X telling me that the regex is
> invalid… here is my realm decleration, what am I do
I am trying to follow the excellent instructions in the proxy.conf file for
setting up a virtual server using realms, however I keep getting an error when
I try to start radisud -X telling me that the regex is invalid... here is my
realm decleration, what am I doing wrong?
realm "~*\\.cru$" {
}
ok, I just wanted to get your suggestions if there is any (It seems
there is no) and start to implement it.
Thanks for your attention. I'll soon ask my specific questions here.
Sorry for any disturbance.
> On Tue, May 17, 2011 at 4:22 PM, Alan DeKok wrote:
>> Abbas Yazdanpanah wrote:
>>> I've rea
On Tue, May 17, 2011 at 7:41 PM, Abbas Yazdanpanah
wrote:
> Dear Fajr
>
> I've read all the documents(it toke about 2 month for me to read and
> learn them)
It shouldn't take THAT long :P
If you have a problem, you can check whethere it's a known problem in the FAQ.
If it's not, follow instructio
Abbas Yazdanpanah wrote:
> I've read all the documents(it toke about 2 month for me to read and
> learn them) and I also implemented freeRadius 2.1 and daloradius using
> mysql configuration for an ISP(the mentioned system). I'm just an IT
> guy so my boss who don't have good technical standpoint d
Dear Fajr
I've read all the documents(it toke about 2 month for me to read and
learn them) and I also implemented freeRadius 2.1 and daloradius using
mysql configuration for an ISP(the mentioned system). I'm just an IT
guy so my boss who don't have good technical standpoint decided to
migrate and
Steve Brown wrote:
> Gotcha, that makes sense. Actually, setting the fourth octet to zero would do
> just fine for what the home server wants it mangled for. What would be the
> syntax in V2 to do that?
My first response described how to do that.
Or, you can read the documentation. See "ma
On Tue, May 17, 2011 at 6:41 PM, Abbas Yazdanpanah
wrote:
> Dear all,
>
>
> There is a NAS and I want to authenticate users. I have two resources,
> the first one the is Internet and the second is an intranet. I've two
> access policies regarding to each source. for example a policy is
> "users ha
Dear all,
There is a NAS and I want to authenticate users. I have two resources,
the first one the is Internet and the second is an intranet. I've two
access policies regarding to each source. for example a policy is
"users have different bandwidth for accessing each source". I've a
proprietary r
On 16/05/11 20:26, Alan DeKok wrote:
My $0.02 is that we should use github. They now support git-backed
Wikis, which use "markdown". It's close enough, and has a lot of benefits.
I quite like Markdown.
We have some internal "introduction to radius" and "introduction to
FreeRADIUS" docum
On 16/05/11 20:19, Alan DeKok wrote:
> You can set the fourth octet to zero. *Nothing* else is possible.
Gotcha, that makes sense. Actually, setting the fourth octet to zero would do
just fine for what the home server wants it mangled for. What would be the
syntax in V2 to do that?
Steve
-
Li
Stefan A. wrote:
> if I'm using an expression like
>
> if (control:VSA1=~/something/ || control:VSA2 =~/something_else/)
> {...}
>
> I do get the information"(Attribute control:VSA1 was not found)" in case
> the VSA is not in the control context.
> As the condition is '||', I would expe
Hi,
if I'm using an expression like
if (control:VSA1=~/something/ || control:VSA2 =~/something_else/)
{...}
I do get the information"(Attribute control:VSA1 was not found)" in case
the VSA is not in the control context.
As the condition is '||', I would expect, that FR tries the next
Ali Majdzadeh wrote:
> I’m using freeradius 1.1.8
Upgrade.
> with a C external program for auth/acct. I’m
> sending attributes to RAS by printf . RAS type is HUAWEI MA5200G And I
> send attributes as follows:
...
> printf(",\nInput-Peak-Rate=%d",(int)rx_burst);
Read
Hello All
I’m using freeradius 1.1.8 with a C external program for auth/acct. I’m
sending attributes to RAS by printf . RAS type is HUAWEI MA5200G And I send
attributes as follows:
printf("Session-Timeout=%d",session_time);
printf(",\nInput-Peak-R
hi,
a quick look at your output shows that your server is configured
to have a defauly type of EAP that doesnt match what your client
is trying to use. there is then a reattempt after the NAK - and your client
is using LEAP. it fails at the LEAP stage in the EAP module - check
your eap.conf o
Gary Gatten wrote:
> Good point about configuring multiple things at once - but that is a "recipe"
> - right? Several ingredients that make a tasty cake?
Yes. It should be done as a recipe with multiple steps. See
http://deployingradius.com for examples.
> I think it would be a pretty common
Alexandros Gougousoudis wrote:
> Phil, I also understand a lot of things and I can read, but the
> documentation of FR is not ideal. I've googled around, looked examples
> and had more questions than before. Where are all these features
> documented, like the "if then"-things in the conf, all the k
30 matches
Mail list logo