Re: Include directive for separate ippool configs not working

2011-07-04 Thread Fajar A. Nugraha
On Mon, Jul 4, 2011 at 3:02 PM, Tom De Vylder wrote: > On 01 Jul 2011, at 19:44, Alan DeKok wrote: > pool1.conf: > ippool main_pool { >            range-start = 192.168.10.1 >            range-stop = 192.168.10.254 >            [ ... ] >    } > pool2.conf >    ippool secondary_pool { >          

How to log "TLS name" instead of username

2011-07-04 Thread Johannes Koepcke
Hey, I'm running a freeradius2 server with mysql. Some users are authenticating via mschapv2 and some through eap-tls. My problem is that for eap-tls, the actual username field doesn't matter, users could specify anything as the username, as long as their certificates are valid. So I would lik

Windows IIS authentication with FREERADIUS !

2011-07-04 Thread aacable
Hello All, I am stuck in a situation and need help. I have an ISP type local network, I am using Mikrotik router as PPPOE server and FREERADIUS (ubuntu) as a radius server for about 2000+ users. I have a 5 Terabyte media sharing server (hosted on IIS FTP). Is there any way that IIS can get auth

Re: how to use groups within freeradius

2011-07-04 Thread Gary T. Giesen
I'm trying to do the same thing as your second example: I set up a group in radgroupcheck:
id  groupname  attribute       op  value
1   PVT        NAS-IP-Address  ==  10.99.0.47
and the corresponding rows in radgroupreply: id

Re: Help debugging unstable server

2011-07-04 Thread Carlos Eduardo Tavares Terra
Thanks... I was trying not to use the FreeRadius version distributed in CentOS. But if there is no other way On Sun, Jul 3, 2011 at 1:32 PM, Fajar A. Nugraha wrote: > On Sun, Jul 3, 2011 at 7:40 PM, Carlos Eduardo Tavares Terra > wrote: > > > > Today I have 2 freeradius servers running..

Re: Freeradius 2.1.11 and Oracle support

2011-07-04 Thread Alan DeKok
Aurélien Lafranchise wrote: > I thought that the 2.1.11 version should be easier to compile and get > Oracle support. However, I can tell you that is not easy. ... > configure:2771: gcc -o conftest -g -O2 > -I/usr/include/oracle/11.2/client64/ conftest.c > -L/usr/lib/oracle/11.2/client64/lib/ -

Freeradius 2.1.11 and Oracle support

2011-07-04 Thread Aurélien Lafranchise
Hi all, I thought that the 2.1.11 version should be easier to compile and get Oracle support. However, I can tell you that is not easy. I am doing a ./configure --with-oracle-version=11 --with-oracle-lib-dir=/usr/lib/oracle/11.2/client64/lib --with-oracle-include-dir=/usr/include/oracle/11.2/clie

Patch for radiusclient: new program radlistdictionary and fixes to PPTP/CHAP problem

2011-07-04 Thread freeradius developer/user identity
I have posted at http://www.cardiothink.com/downloads/ a set of patches which, when applied to the latest stable freeradius-client (version 1.1.6) and to the CVS version, fixes the problem with PPTP and radiusclient that results in failure of CHAP authentication with the syslog errors: rc_avp

Re: pre-check OTP token

2011-07-04 Thread Cor Bosman
Hey Fajar and Alexander, thanks! That's exactly what I was looking for. A cheap way to pre-validate tokens without having to Exec an 'expensive' external program to check if the token is computationally correct. Simply because I expect a LOT of faulty regular passwords to fall through from the

Re: pre-check OTP token

2011-07-04 Thread Alexander Clouter
Cor Bosman wrote: > > Would there be some way, in either the PAM stage, or in the FreeRadius > stage before Exec to pre-validate if I've got a token-response? They're > always 10 digit numbers. > unlang is your friend: http://freeradius.org/radiusd/man/unlang.html Something like the following s

Re: How to log "TLS name" instead of username

2011-07-04 Thread Fajar A. Nugraha
On Mon, Jul 4, 2011 at 5:53 PM, Johannes Koepcke wrote: > Hey, > > I'm running a freeradius2 server with mysql. Some users are authenticating > via mschapv2 and some through eap-tls. > My problem is that for eap-tls, the actual username field doesn't matter, > users could specify anything as th

Re: pre-check OTP token

2011-07-04 Thread Fajar A. Nugraha
On Mon, Jul 4, 2011 at 4:57 PM, Cor Bosman wrote: > Would there be some way, in either the PAM stage, or in the FreeRadius stage > before Exec to pre-validate if I've got a token-response? They're always 10 > digit numbers. Are you asking for a "cheap" way to validate whether User-Password has 10

pre-check OTP token

2011-07-04 Thread Cor Bosman
Hi all, I'm setting up an OTP authentication service for our customer base. They should be able to authenticate with both their login/pass or an OTP. I've got this working just fine by using PAM/radius where each PAM service checks 2 radius servers. First the one doing the login/pass (this is a

Re: Include directive for separate ippool configs not working

2011-07-04 Thread Alan DeKok
Tom De Vylder wrote: > Configs are loaded, but the configuration inside them just doesn't show up. > From the log file: i.e. "debug output". Inventing your own terminology for things is a guaranteed way to confuse yourself. > including files in directory /etc/freeradius/ippool.d/ > includin

Re: Include directive for separate ippool configs not working

2011-07-04 Thread Fajar A. Nugraha
On Mon, Jul 4, 2011 at 3:31 PM, Tom De Vylder wrote: >> Well, just split it. As long as it's included inside modules section >> of radiusd.conf, it should work. Try using something like this on >> radiusd.conf: >> >> modules { >> ... >>        $INCLUDE ${confdir}/modules/ >>        $INCLUDE ${conf

Re: Include directive for separate ippool configs not working

2011-07-04 Thread Tom De Vylder
On 04 Jul 2011, at 10:19, Fajar A. Nugraha wrote: > On Mon, Jul 4, 2011 at 3:02 PM, Tom De Vylder wrote: >> On 01 Jul 2011, at 19:44, Alan DeKok wrote: > >> pool1.conf: >> ippool main_pool { >>range-start = 192.168.10.1 >>range-stop = 192.168.10.254 >>[ ... ]

Re: IIS authentication with FREERADIUS !

2011-07-04 Thread Alan Buxey
Hi, > Personally I'd just dump IIS and use something like linux+proftpd > instead: http://www.proftpd.org/docs/contrib/mod_radius.html I was going to say the same thing - use the Linux/BSD box with FTP as the access layer - no trouble with the RADIUS integration then alan

Re: IIS authentication with FREERADIUS !

2011-07-04 Thread Fajar A. Nugraha
On Mon, Jul 4, 2011 at 2:03 PM, aacable wrote: > Hello All, > Please don't send the same request over and over again. > > I am stuck in a situation and need help. I have an ISP type local network, I > am using Mikrotik router as PPPOE server and FREERADIUS (ubuntu) as a radius > server for about

Re: Include directive for separate ippool configs not working

2011-07-04 Thread Tom De Vylder
On 01 Jul 2011, at 19:44, Alan DeKok wrote: > Tom De Vylder wrote: >> I'd like to integrate freeradius into a config management framework. >> In order for this to work with multiple ippool instances I've decided to >> create an ippool.d/ directory containing several config files. > > Those files

IIS authentication with FREERADIUS !

2011-07-04 Thread aacable
Hello All, I am stuck in a situation and need help. I have an ISP type local network, I am using Mikrotik router as PPPOE server and FREERADIUS (ubuntu) as a radius server for about 2000+ users. I have a 5 Terabyte media sharing server (hosted on IIS FTP). Is there any way that IIS can get auth

Windows IIS authentication with FREERADIUS !

2011-07-04 Thread aacable
Hello All, I am stuck in a situation and need help. I have an ISP type local network, I am using Mikrotik router as PPPOE server and FREERADIUS (ubuntu) as a radius server for about 2000+ users. I have a 5 Terabyte media sharing server (hosted on IIS FTP). Is there any way that IIS can get auth