David Mitchell wrote:
currently I'm using the check_cert_cn option in my EAP-TLS setup. I think
I may have the need to support two possible CN formats. Is there any
way to do a conditional check?
Your message contains the answer to that question.
I don't think the eap.conf file is
unlang
Hi,
Currently I am authenticating only One group of users in Cisco Switches group.
Now, I have to add another VPN group and distinguish between two sets of group
autentication , VPN Users, and
Cisco switches. I'd like to control access to each of those separately
(different AD Groups
Hi,
I'm currently trying to implement an authorization process only, between a
Cisco GGSN and Freeradius.
My idea is for the freeradius to authenticate regardless of the MS (IMSI)
and after authentication it Queries a Postgresql Database based upon IMSI to
get the IP Pool that he will be used.
On 26/05/11 12:06, Pedro Costa wrote:
But my issue is that i'm not able to authenticate (regardless of the
IMSI - No database query is required for this) and execute the SQL XLAT
being (the SQL SELECT that will get the IP Pool name for the specific IMSI).
Why not? Be specific. Tell us what
Hi Everyone,
I tried to set up Mac Authentication per the the doc at freeradius.org.
The client connects but the users don't. The folowing is the output from the
debug mode in freeradius. Thanks for your help.
eady to process requests.
rad_recv: Access-Request packet from host 10.41.0.254
[root@box ~]# /usr/sbin/radiusd -xx
[root@box ~]# ps aux | grep radius
radiusd 32539 0.0 0.1 148872 2672 ?Ssl 10:50 0:00
/usr/sbin/radiusd -xx
root 32564 0.0 0.0 61220 752 pts/0R+ 10:50 0:00 grep radius
For some reason I can't get radius -x to display to
Am 26.05.2011 um 16:54 schrieb Norman Zhang:
[root@box ~]# /usr/sbin/radiusd -xx
[root@box ~]# ps aux | grep radius
radiusd 32539 0.0 0.1 148872 2672 ?Ssl 10:50 0:00 /
usr/sbin/radiusd -xx
root 32564 0.0 0.0 61220 752 pts/0R+ 10:50 0:00
grep radius
For
On May 26, 2011, at 1:25 AM, Alan DeKok wrote:
David Mitchell wrote:
currently I'm using the check_cert_cn option in my EAP-TLS setup. I think
I may have the need to support two possible CN formats. Is there any
way to do a conditional check?
Your message contains the answer to that
David Mitchell wrote:
Well yes, that's true. I'm just not sure where the best place to put the
check is since I don't believe eap.conf is unlang interpreted.
It's not.
Should it go into the sites-enabled/default post-auth section?
The comments and examples in the sites-enabled/default
Is there any way to perform a different authentication method based on the
specific client entry (or group of entries) using the ntlm_auth method?
We're implementing the ntlm_auth interface to AD, and need to specify the
group to authenticate against differently for different classes of
Where does accounting logging primarily go by default? Can it be sent to a text
file?
Thanks in Advance,
Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I'm running a farm of freeradius server 2.1.1,
16 with Suse Linux and 32 with Sun Solaris,
and I need to proxy a copy of accounting packet to
a pool of remote home server, without wait
for reply/ack from remote servers, and
without retries or failover, for performance reasons.
The accounting
Hey, a Q I may be able to answer! It may depend a bit on distro, but
typically: /usr/local/var/log/radius/radacct/%NAS-IP%/detail-mmdd. It is a
text file.
HTH
G
From: freeradius-users-bounces+ggatten=waddell@lists.freeradius.org
By default, the accounting detail files are in:
${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
which usually translates to:
/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
Read the raddb/modules/detail file for more information.
Tim
From:
Dear Users,
One of the largest complains with FreeRADIUS is the lack of comprehensive
documentation.
The current wiki @ wiki.freeradius.org has served its purpose, but has
ultimately failed to provide an update to date, well organised source of
documentation.
The current major problems with
On Fri, May 27, 2011 at 7:29 AM, Arran Cudbard-Bell
a.cudba...@gmail.com wrote:
If you want to help out, please do the following:
1) Sign up for Facebook, Twitter or GitHub
2) Go to http://power.freeradius.org:4567
http://power.freeradius.org:4567 is problematic from here (slow, and
sometimes
On May 26, 2011, at 6:09 PM, Fajar A. Nugraha wrote:
On Fri, May 27, 2011 at 7:29 AM, Arran Cudbard-Bell
a.cudba...@gmail.com wrote:
If you want to help out, please do the following:
1) Sign up for Facebook, Twitter or GitHub
2) Go to http://power.freeradius.org:4567
On Fri, May 27, 2011 at 8:22 AM, Arran Cudbard-Bell
a.cudba...@gmail.com wrote:
On May 26, 2011, at 6:09 PM, Fajar A. Nugraha wrote:
On Fri, May 27, 2011 at 7:29 AM, Arran Cudbard-Bell
2) Go to http://power.freeradius.org:4567
http://power.freeradius.org:4567 is problematic from here (slow,
It's still slow. Using wget reveals something interesting though:
- it's connected almost immediately
- HTTP request sent, awaiting response... took over 10 seconds
- once I got 200 OK, the content is transferred very quickly, so
it's not connection speed problem.
Does ruby (or apache,
On Fri, May 27, 2011 at 9:26 AM, Arran Cudbard-Bell
a.cudba...@gmail.com wrote:
It's still slow. Using wget reveals something interesting though:
- it's connected almost immediately
- HTTP request sent, awaiting response... took over 10 seconds
- once I got 200 OK, the content is transferred
On May 26, 2011, at 7:41 PM, Fajar A. Nugraha wrote:
On Fri, May 27, 2011 at 9:26 AM, Arran Cudbard-Bell
a.cudba...@gmail.com wrote:
It's still slow. Using wget reveals something interesting though:
- it's connected almost immediately
- HTTP request sent, awaiting response... took over 10
Fajar A. Nugraha wrote:
So the current policy is:
- anyone can register (via github etc)
- any logged-in user can create/edit new page
Is that correct? I'll try updating the FAQ with some new entries later.
Yes. By using OAuth, we can avoid the problem of managing users
ourselves, and
Fajar A. Nugraha wrote:
Is this a location problem (e.g. hosted on not-so-good datacenter),
server problem (e.g. not enough RAM), or application problem (e.g.
non-optimum sql queries)?
It's a quad-core 8G system with 1Tb of disk, and 1Gb connection to the
net. I think it's fine. :)
Alan
Sandro Magri wrote:
I'm running a farm of freeradius server 2.1.1,
16 with Suse Linux and 32 with Sun Solaris,
and I need to proxy a copy of accounting packet to
a pool of remote home server, without wait
for reply/ack from remote servers, and
without retries or failover, for
24 matches
Mail list logo